Implementing a Risk Migration Plan for PCI DSS 3.1

Presented by

Dr Branden Williams; Mason Karrer, RSA; Stuart Hince, HPE Data Security, Emma Sutcliffe, PCI SSC

About this talk

Under the rules of PCI DSS v3.1, SSL and early versions of the Transport Layer Security (TLS) protocol are no longer considered acceptable for payment data protection due to "inherent weaknesses" within the protocol. Organizations who process payments must migrate to TLS 1.1 encryption or higher by June 2018. Prior to this date, existing implementations using SSL and/or early TLS must have a formal risk mitigation and migration plan in place. Moreover, details have just been released on the upcoming PCI DSS 3.2. In a landscape filled with new threats and new regulations, risk management has never been more critical. On this webinar we will look at ways to address the SSL and TLS vulnerabilities by implementing a pragmatic risk migration plan. Join us to learn about innovative data-centric protection technologies that mitigate risk, enable compliance, and are all the more important – especially if potentially insecure transfer methods will continue to be used through mid-2018.

Related topics:

More from this channel

Upcoming talks (3)
On-demand talks (142)
Subscribers (44568)
The IT GRC Forum produces online events and provides professional networking facilities and market intelligence to Governance, Risk Management and Compliance professionals.