Watch Questions with the Council: PCI DSS v4.0 and the Customized Approach

1 year ago AndyC

 

In
the
second
installment
of
the


“Questions
with
the
Council”
video
series,
Data
Security
Standards
Manager,
Ka

Watch Questions with the Council: PCI DSS v4.0 and the Customized Approach



 


In
the
second
installment
of
the


“Questions
with
the
Council”
video
series,
Data
Security
Standards
Manager,
Kandyce
Young,
answers
the
payment
industry’s
questions
about
PCI
DSS
v4.0.
The
questions
focus
specifically
on
the
customized
approach
and
compensating
controls.
Questions
include:

  • Is
    the
    customized
    approach
    right
    for
    our
    organization?
     
  • What
    is
    a
    situation
    where
    a
    compensating
    control
    should
    be
    used,
    versus
    the
    customized
    approach?
     
  • What
    is
    a
    “legitimate
    documented
    technical
    or
    business
    constraint”
    when
    implementing
    a
    compensating
    control?
  • Can
    the
    same
    QSA
    design
    and
    asses
    a
    customized
    control?
     

Watch
“Questions
with
the
Council”
where
Kandyce
answers
these
questions
and
more!
Make
sure
to


subscribe
to
the
Council’s
YouTube
page
to
stay
up
to
date
with
upcoming
payment
security
videos. 

 
Have
more
questions
about
the
customized
approach
or
compensating
controls?
Make
sure
to
read
this
blog
series
for
more
information:

Make
sure
to
check
out
the
whole


“Questions
with
the
Council”
series! 

Want
more
resources
on
PCI
DSS
v4.0?
 Visit
the
PCI
DSS
v4.0
Resource
Hub:




PCI DSS v4.0 Resource Hub

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

More Stories

Protecting Model Updates in Privacy-Preserving Federated Learning: Part Two

3 days ago AndyC

Take A Tour! NIST Cybersecurity Framework 2.0: Small Business Quick Start Guide

4 days ago AndyC
Coffee with the Council Podcast: Help Shape the Future of Payment Security as a PCI SSC Participating Organization

Coffee with the Council Podcast: Help Shape the Future of Payment Security as a PCI SSC Participating Organization

6 days ago AndyC
Resource Guide: Earn Continuing Professional Education Credits Through the Council

Resource Guide: Earn Continuing Professional Education Credits Through the Council

2 weeks ago AndyC

Giving NIST Digital Identity Guidelines a Boost: Supplement for Incorporating Syncable Authenticators

2 weeks ago AndyC
PCI DSS v4: What’s New with Self-Assessment Questionnaires

PCI DSS v4: What’s New with Self-Assessment Questionnaires

1 month ago AndyC

You may have missed

Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION

4 hours ago AndyC
GenAI Continues to Dominate CIO and CISO Conversations

GenAI Continues to Dominate CIO and CISO Conversations

4 hours ago AndyC

Pay up, or else? – Week in security with Tony Anscombe

19 hours ago AndyC
Blackbasta gang Synlab Italia attack

Blackbasta gang Synlab Italia attack

22 hours ago AndyC
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities

Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities

1 day ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.