PCI DSS V3.0: The Changes Explained Simply

On the 7th November, the PCI Security Standards Council released PCI DSS v3.0. Replacing v2.0, the new version will become applicable on 1st January 2014; however, there will be a 12-month grace period, which will provide companies with plenty of time to meet the requirements of the new version.

If you’ve already read through version 3, you will have noticed that there have been changes across all 12 of the requirements of the standard. It seems that becoming aligned to version 3 isn’t going to be a walk in the park, especially if you don’t understand the changes well.

PCI QSA and Information Security Consultant, Geraint Williams, will be running the PCI DSS V3.0: The Changes Explained Simply webinar on 26th November and I strongly suggest that you attend.

The webinar is free and will provide you with an overview of:

  • What the key differences are between version 2 and version 3
  • What the timelines are for meeting these requirements
  • How the changes may affect you and your business (merchants and service providers)
  • How to maintain PCI DSS compliance as “business as usual”
  • Rules around penetration testing
  • Service provider responsibilities and contractual agreements
  • Implications for data storage and backup
  • Password and credential requirements
  • Malware detection
  • Change management
  • The relocation of operational procedure and security policy components

Geraint’s knowledge of PCI DSS is second to none, so attending his webinar will be the key factor in preparing yourself for the changes you’ll have to make.

The webinar will start at 15:00 GMT and will last approximately 40 minutes plus a Q&A session.

You can register for the webinar here: PCI DSS V3.0: The Changes Explained Simply. On the page you’ll also find a free green paper written by Geraint, PCI DSS v3.0: What has changed?