NIST Mapping

Posted by Mark Meissner on 17 Jul, 2019 in Infographic and Guidance and PCI DSS
Mapping PCI DSS v. 3.2.1 to the NIST Cybersecurity Framework v. 1.1   How meeting PCI DSS requiremen... READ MORE

FAQ: Can organizations use alternative password management methods to meet PCI DSS Requirement 8?

Posted by Lindsay Goodspeed on 11 Jul, 2019 in Passwords and PCI DSS and Multi-Factor Authentication and FAQ
Did you know that the Frequently Asked Questions (FAQ) resource on the PCI SSC website is updated re... READ MORE

Programs Update: PCI Software Security Framework

Posted by Laura K. Gray on 25 Apr, 2019 in Software and Apps and Interview and PCI DSS and Software Security Framework
New validation programs are being developed to support the PCI Software Security Standards. Together... READ MORE

PCI Standards in 2019: Q&A with CTO Troy Leach

Posted by Laura K. Gray on 12 Apr, 2019 in Point to Point Encryption (P2PE) and Interview and PCI DSS and PTS POI and Third Party Risk and Participation and Request for Comments and SPoC and Software Security Framework and Contactless
What do stakeholders need to know about PCI Security Standards in 2019? PCI SSC Chief Technology Off... READ MORE

PCI DSS: Looking Ahead to Version 4.0

Posted by Laura K. Gray on 6 Mar, 2019 in PCI DSS
PCI SSC has begun efforts on PCI Data Security Standard version 4.0 (PCI DSS v4.0). Here we provide ... READ MORE

Lead QSA Rotation as Best Practice

Posted by Elizabeth Terry on 5 Feb, 2019 in PCI DSS and Compliance and QSA
  PCI SSC continually seeks to increase the baseline standard of quality within the assessor communi... READ MORE

Update to Maintaining Compliance Information Supplement

Posted by Lindsay Goodspeed on 29 Jan, 2019 in Guidance and Awareness and PCI DSS and Compliance and SIGs and BAU
  The Council just published Information Supplement: Best Practices for Maintaining PCI DSS Complian... READ MORE

PCI DSS: Reminders and Resources

Posted by Laura K. Gray on 17 Dec, 2018 in TLS/SSL and PCI DSS and Cloud Security and Multi-Factor Authentication and FAQ
Version 3.2 of the PCI Data Security Standard (PCI DSS) will be retired at the end of 2018. Here are... READ MORE

Industry Guidance on Accepting Telephone Payments Securely

Posted by Lindsay Goodspeed on 27 Nov, 2018 in Guidance and PCI DSS and SIGs
  PCI SSC just published an updated version of the Special Interest Group information supplement Pro... READ MORE

Council CTO on Verizon’s 2018 Payment Security Report

Posted by Lindsay Goodspeed on 25 Sep, 2018 in Point to Point Encryption (P2PE) and Community Meetings and PCI DSS and Compliance and BAU
Verizon recently released its 2018 Payment Security Report. During North America PCI Community Meeti... READ MORE

What Happens After 30 June 2018? New Guidance on Use of SSL/Early TLS

Posted by Laura K. Gray on 15 Jun, 2018 in Guidance and TLS/SSL and PCI DSS
Following the release of PCI DSS v3.2.1 to account for dates that have already passed, such as the 3... READ MORE

PCI DSS Now and Looking Ahead

Posted by Laura K. Gray on 17 May, 2018 in TLS/SSL and Interview and PCI DSS
Today the PCI SSC published a minor revision to the PCI Data Security Standard (PCI DSS) to account ... READ MORE

MOST READ

MUST READ