PCI DSS 4.0 Timeline: The Eleventh Requirement and System Testing

PCI DSS 4.0 featured

System security is one task of many in organizations focused on compliance, one that requires continuous monitoring and diligence to ensure its success. One of the more critical aspects of compliance requirements like PCI DSS 4.0 is ongoing testing of system and network components. 

What does that process look like for companies in the payment industry? It involves a combination of active and passive testing methods to document and follow up on unauthorized changes. 


Read More

Timeline for PCI DSS 4.0: The Ninth Requirement and Physical Access Security

pci dss 4.0 featured

When thinking about cybersecurity, many stakeholders outside the industry will rarely consider the physical systems supporting digital information. And yet, almost any security framework worth its salt will have some provision for securing physical systems and environments. PCI DSS 4.0 is no different, and the ninth requirement is dedicated to just this topic.

This article will discuss this requirement and exactly what it means to approach the physical security of systems containing cardholder data in compliance with PCI DSS.


Read More