The Payment Security Meeting Featured Guidance from the Council and Industry Leaders on Payment Security Threats and Best Practices in 2022
TORONTO, 15 September 2022 — More than a 1000 in person attendees and hundreds of online stakeholders attended the PCI SSC Global Community Meeting, which provides a platform for leaders in the payment security industry to collaborate and share knowledge on security best practices to protect payment data against cybercrime. The multi-day event featured a deep dive into the recently released PCI DSS v4.0, presentations on mobile and software security, and a keynote address from Confidence Staveley of the CyberSafe Foundation, who spoke about cybersecurity awareness and the changing global payment threat landscape.
“After three years of online events, the Council was delighted to host our North America Community Meeting bringing together a diverse group of global industry leaders who foster collaboration and innovation in the payments security industry,” said PCI SSC Executive Director Lance J. Johnson. “Our standards and programs are designed to protect payment data and are driven by industry involvement. Further recognizing the importance of our stakeholders, we’re excited to announce major changes to our participation structure which will provide the industry expanded opportunity to contribute, collaborate and influence the direction of these standards and programs.”
Under the updated Participating Organization (PO) structure, organizations can choose to either join at the Principal or Associate level. While the Associate PO is comparable to the Council’s existing PO program, the Principal PO category is designed to enable a deeper level of collaboration and interaction with the Council.
In conjunction with the announcement, the Council is also expanding the size and role of its Board of Advisors (BoA). The increased number of board seats will ensure greater global involvement in PCI SSC standards, providing even more opportunities for discussion and collaboration. Additional information about the updated PO program and expanded BoA can be found here New Opportunities for Collaboration with the Council Coming in 2023.
Other Council news presented at the meeting included:
- Newly Published PCI DSS v4.0 Resources: To support organizations working to implement PCI DSS v4.0, the Council recently published updates to two popular resources. The PCI DSS Prioritized Approach is a tool to help businesses secure payment account data more quickly while making steady progress towards PCI DSS compliance. The PCI DSS v4.0 Quick Reference Guide provides an introduction to PCI DSS, helping organizations understand how PCI DSS v4.0 can help protect payment environments and how to apply the standard. These resources can be found in the PCI SSC Document Library.
- Knowledge Training: To help bridge the knowledge gap between assessors and assessed entities, PCI SSC is announcing the availability of Knowledge Training. These trainings aim to provide knowledge so that assessments are a much smoother, more efficient process for all involved. Built on our training programs, attendees will complete the same training and exams as existing Assessors. Knowledge Training will be available beginning 5 October. For more information: Bridge the Gap with Knowledge Training.
- Publication of Containerization Information Supplement: PCI Security Standards Council has published a new Information Supplement: Guidance for Containers and Container Orchestration Tools. This document was produced by the 2021 Special Interest Group (SIG), the members of which provided their expertise and shared experience for applying best practices to containers and container orchestration tools for payment systems. For more information visit the PCI Perspectives Blog: Guidance for Containers and Container Orchestration Tools.
- New PCI SSC Mobile App and Website: To communicate more effectively with global stakeholders, the Council has enhanced the utility and user experience of the Council website. With a focus on improving ease of access to information the Council also recently published a mobile app. This app allows for more direct engagement with payment industry stakeholders, including instant notification of Council news and announcements, and easier access to important resources. For more information visit the PCI Perspectives Blog: Introducing the New PCI SSC Mobile App
Visit the PCI SSC website for more information on all of the PCI Council’s efforts and activities including how your organization can attend the next PCI SSC event and join the global cross-industry effort to increase payment security.
Register now to attend the next PCI SSC events:
- Europe Community Meeting in Milan, Italy: 18 – 20 October
- Asia-Pacific Forum, Virtual Event: 16 November
About the PCI Security Standards Council
The PCI Security Standards Council (PCI SSC) leads a global, cross-industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent cyberattacks and breaches. Connect with PCI SSC on LinkedIn. Join the conversation on Twitter @PCISSC. Subscribe to the PCI Perspectives Blog.