Last month, the PCI Security Standards Council (PCI SSC) officially released the PCI DSS v3.0 compliance standards, but much remains to be done before merchants, service providers and auditors will understand how the new mandates will impact organizations.
The effective date of the version 3.0 of the standard will be on January 1, 2014, but existing PCI DSS 2.0 compliant vendors will have until January 1, 2015 to move to the new standard, and some of the changes will continue to be best practices for several more months (until June 1, 2015).
Here’s what has changed:
Also, watch Jeff Hall, CISSP, CISM, CGEIT, PCI-QSA, PCIP and Senior Security Consultant at FishNet Security and Cindy Valladares, Senior Manager Corporate Communications at Tripwire, to learn how PCI DSS 3.0 will impact your organization and what you need to do:
- Understanding key themes for PCI DSS 3.0
- Making sense of clarifications, additional guidance, and new requirements
- What’s changed, what hasn’t, and what will affect merchants most
- How Tripwire’s continuous compliance solutions for PCI DSS are helping thousands of businesses worldwide
PCI DSS 3.0: Don’t Shortchange Your PCI Readiness
- How PCI DSS v3.0 Will Affect Your Organization
- The Skinny on PCI DSS 3.0 Compliance Changes by Anthony M. Freed
- PCI DSS version 3.0 Change Highlights Document by the PCI Council
- PCI 3.0 – Catch a Sneak Peek Before the Full Feature by Adrian Sanabria (need subscription to 451 Research)
- Hurry Up And Wait, PCI DSS 3.0 by Branden Williams
Title image courtesy of ShutterStock