Unravelling PCI DSS 4.0: making the great leap forward
Payment Card Industry Data Security Standard (PCI DSS) 4.0 is not simply an upgrade to a standard dedicated to securing a few digits of a PAN. It places new emphases on risk analysis and organizational governance; it has huge implications for client-side security and contains brand new requirements related to how businesses identify, inventory, and manage scripts operating in web browsers that collect payment information.
Compliance activities are no longer limited to once annually, but are now required continuously. Organizations will also be required to produce more security documentation and regular QSA assessments will place PCI 4.0 activities under added scrutiny.
To achieve compliance, firms will need to change their mindset. The customized approach, enhanced validation methods and procedures, and some other elements of the new standard are new, and some are not supported in current QSA validation methods.
In a return to being in-person, PCI London will be held in January 2023, and will feature expert speakers from across the industry and the market leading service suppliers to deliver:
- Critical and unique insights that can inform the direction of business, technology and security strategy
- Practical steps that can help assess exposure to, articulate and proactively mitigate the impacts of emerging risks
- Examples of proven approaches that can ensure commercial objectives are met in a secure, compliant manner
- Guidance on future issues and challenges to consider as part of the enterprise decision-making process
Gemserv will be exhibiting at PCI London with our Head of Information Security, Ian Davis speaking on “Customised approach – benefits and drawbacks”.
How to register
If you would like to find out more or register then please visit the PCI London Conference website via the link below.