There are changes coming to the Payment Card Industry Data Security Standard later this year, so there is no time like the present to start preparing for PCI DSS 4.0.  

Considering this is the first major revision to the standard since v3.0 was released in 2013, there will be plenty of new mandates to comply with for companies obligated to follow PCI DSS.

The PCI Security Standards Council has several goals for the new version of the standard:

  1. Keep the standard current and ensure it meets the needs of the payment industry
  2. Add flexibility to support different approaches to security
  3. Focus on security as a continuous process 
  4. Enhance the methods and procedures for validating compliance  

As of today, the SSC is reviewing feedback it collected from QSA companies in the second half of 2020 through a request for comment on this version. From there, the SSC will compile a list of the final actions that will be taken based on the feedback.

The updated version of the standard, incorporating the feedback, is expected to be delivered within the first quarter of 2021. Once the supporting documents, training and program updates are released, organizations will have an extended transition period of 18 months to update from PCI DSS 3.2 to PCI DSS 4.0.  

Altogether, the PCI Council is giving organizations like yours about 2 ½ years before any new requirements will have to be implemented.  

However, it is never too early to partner with a cybersecurity expert like 2W Tech to help you comply with PCI DSS. Call us today so we can help you meet your compliance obligations through our Cybersecurity Compliance Program.  
