Timeline for PCI DSS 4.0: The First Requirement and Best Practices for Network Security Controls
PCI DSS compliance is verifying that your systems, those that handle personal and cardholder information, meet all the expectations of the 12 requirements of the standard. These requirements describe security and privacy controls to protect against modern threats and vulnerabilities and call for both attention to implementing controls and maintaining long-term best practices.
The best way to understand expectations under PCI DSS is to walk through the requirements and what they say about security. Here, we’ll touch on the first requirement: Install and maintain security controls.