From 3 – 19 December PCI SSC Participating Organizations are invited to vote on proposals for 2019 Special Interest Group (SIG) projects.
Special Interest Groups (SIGs) are community-driven initiatives that focus on payment security challenges related to PCI Security Standards. SIGs bring together experts from across industries and around the world to address the topics that are most important to their payment security efforts, resulting in practical and relevant resources that help stakeholders apply PCI Standards to their organizations.
To vote, Participating Organization business contacts must log in to the PCI SSC portal to review the choices and select up to three projects. Please note that the business contact will be the only person with the ability to access the ballot and will submit a vote on behalf of the entire company.
Here is the list of SIG proposals to choose from:
- Guidance and Recommendations for Designing Social Engineering Awareness and Tests
- Guidance for Effective Security Vulnerability Management
- Guidance for setting and managing PKIs for payments, including input into X9 efforts to develop a financial services PKI not controlled by web browser companies
- Update Guidance on Scoping and Network Segmentation to account for new technologies
- Guidance for merchants on acceptable practices and methods to meet PCI DSS Requirement 9.9.2 (inspect device surfaces to detect tampering)
- Guidance for Managed Service Providers and Managed Security Service Providers
- Guidance document for best practices on managing PCI DSS compliance in large and complex organizations
- Guidance on different options for secure card data deletion
- Guidance on developing a mature compliance program through continuous improvement
2019 SIG projects will be announced in January 2019. PCI SSC will work with those that are selected to create charters prior to the commencement of the new SIGs in early 2019.
Thank you for your participation. This kind of direct involvement by stakeholders is invaluable to our efforts to provide resources that help security payment data.