PCI DSS v4.0 Is Here – Now What?

OVERVIEW

The Payment Card Industry Security Standards Council (PCI SSC) released v4.0 of the PCI Data Security Standard (DSS) in 2022 and the countdown is on. Organizations that need to comply with PCI DSS only have until April 2025 to implement all the new requirements. Are you ready and, more importantly, do you even know what it will take to be ready?

Many organizations need to comply with the PCI DSS and a major version change can be daunting. To make things worse, most of the information provided by the PCI SSC and other organizations can be vague and/or marketing focused. This leaves individuals confused as to what they really need to be doing to prepare themselves and their organizations. My goal is to break it down Barney-style so that no one gets stuck behind the eight ball when they run their first v4.0 assessment.

This presentation will:
-Provide brief definitions of the PCI SSC and PCI DSS
-Explain the history of the PCI DSS (how we got to where we are)
-Provide an overview of the changes in v4.0, specifically avoiding any vague marketing talk and focusing on actionable items to help prepare organizations for v4.0
-Provide a summary of the big-ticket items that organizations should be working on to ease into v4.0