From now through 21 December 2020, PCI SSC Participating Organizations are invited to vote on proposals for 2021 Special Interest Group (SIG) projects.
Special Interest Groups (SIGs) are community-driven initiatives that focus on payment security challenges related to PCI Security Standards. SIGs bring together experts from across industries and around the world to address the topics that are most important to their payment security efforts, resulting practical and relevant resources that help stakeholders apply PCI Standards to their organizations.
To vote, the business contact must log in to the PCI portal to review the proposed topics and vote on behalf of their organization. Participating Organizations can select one SIG proposal for a 2021 project. Please note that the business contact is the only person with access to the SIG election process and that can submit a vote on behalf of their company.
Here is a brief description of the 2021 SIG proposals for Participating Organizations to choose from:
- Covid-19 Impacts on the Payments World: Ramifications for Risk and Data Breaches: This SIG would explore the most effective ways to help small merchants identify and address the increased risk from Covid-19-related changes to their processing environments.
- Secure Application Code Analysis: This SIG would provide guidelines on different methods for static and dynamic testing, including considerations for functionality and effectiveness.
- Recognizing and Remediating Client-side Web Browser Threats to Cardholder Data (CHD): This SIG would provide guidance on processes and methods to test for and eliminate client-side web browser vulnerabilities.
- Threat Intelligence-Based Ethical Red-Teaming: This SIG would provide guidance and metrics to measure the extensiveness of an Attack Simulation/Threat Intelligence-led Red-team Testing engagement.
- Container Orchestration Tools: This SIG would provide guidance and best practices for the use of Container Orchestration Tools throughout the lifecycle of building, deploying, and running container services.
Full details of each proposed SIG topic are available for Participation Organizations to review via the PCI Portal.
The results of the SIG election will be shared in January 2021. At that time, PCI SSC will work with the submitter(s) of the selected SIG to create a charter in preparation for the commencement of the new SIG.
PCI SSC appreciates the participation of our stakeholders in the SIG selection and approval process. This involvement by stakeholders is invaluable in our efforts to provide resources that help secure payment data.