Emerging PCI DSS v4 Data Security and Privacy for Hybrid Cloud

Presented by

Ulf Mattsson, Head of Innovation, TokenEx

About this talk

The upcoming PCI DSS version 4.0 will include many new or revised requirements and compensating controls will be removed It will include support for a range of evolving payment environments, technologies, and methodologies for achieving security. PCI DSS v4.0 further supports the use of different new technologies. The new validation option gives organizations the flexibility to take a customized approach to demonstrate how they are meeting the security intent of each PCI DSS requirement. This customized approach supports organizations using security approaches that may be different than traditional PCI DSS requirements. Through customized validation, entities can show how their specific implementation meets the intent and addresses the risk. Unlike compensating controls, customized validation will not require a business or technical justification for meeting the requirements using alternative methods, as the requirements will now be outcome-based. We will discuss how PCI DSS v4 may impact: - Implementation of the new “Customized Controls” - Cloud implementations - Compliance cost - Changes in liability - Relation to the 49 new US State Laws - PII and PI privacy - Measure data re-identifiability for pseudonymization. - Apply data protection to discovered sensitive data

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (59)
Subscribers (7667)
Learn all about privacy and what it means to different professionals. Discover why investing in privacy and cyber security makes business sense.