It’s coming up to a month now since the release of PCI DSS v3.0, so what have you done about it so far?
Many of you will have been reading up on the new version of the standard and are probably planning how your organisation is going to comply with it. You will already know that there are some important changes in v3.0, including the requirement for a penetration testing methodology and for proving that pen testing has been conducted regularly, as well as an increased focus on staff awareness training. Merchants have to train staff around device security and passwords. Moreover, according to the new version, PCI DSS compliance assessors will be checking the awareness of employees within an organisation and requesting evidence that security awareness training has taken place.
To provide you with a helping hand, here are two very useful and free PCI DSS v3.0 resources:
PCI DSS Webinar Video
PCI QSA Geraint Williams recently hosted a webinar titled PCI DSS V3.0: The Changes Explained – Simply. In this webinar, Geraint goes through the changes to the standard and what organisations need to do with regard to them.
To view this video, please complete our short two-minute survey, which is designed to establish how companies are going about achieving compliance with the standard, what challenges they face and how prepared they are for transitioning to v3.
Once you have completed the survey, you’ll be provided with a link to the full webinar video. You can view a teaser of the webinar in the video below.
PCI DSS Green Paper
IT Governance is well known for its Green Papers, so it’s no surprise that we have one for PCI DSS v3.0: ‘PCI DSS v3.0: What has changed?’ This green paper explores the updates in version 3 and will help you get a good idea of what steps your organisation needs to take next.
You can download the Green Paper here: PCI DSS v3.0: What has changed?
Finally, if you are looking for more comprehensive reading on PCI DSS v3.0, order PCI DSS – A Pocket Guide.