Nettitude Blog

PCI-DSS v3.2 is changing, are you ready?

Posted by Amy Tuck on Jan 26, 2018 2:24:55 PM

Being PCI compliant is an integral part of running a business when you deal, in any way, with credit card information. Nettitude audit and assess both service providers and merchants, and we help them maintain compliance year to year. PCI-DSS v3.2 is changing, here is what you need to know.

PCI - DSS - V2.jpg

From February 1st 2018 there are some pretty big requirement changes coming to the PCI-DSS regulation. Up until now all of the changes listed below have been ‘best practices’, however from next month there will be new requirements, so you need to make sure you’re still compliant.

The following changes to PCI-DSS v3.2 go live February 1st:

  • Requirement 3.5.1 — Documented cryptographic architecture
  • Requirement 10.8 —Detection and reporting of critical security controls failure
  • Requirement 10.8.1 —Respond and document failures of any critical security controls
  • Requirement 11.3.4.1 — Six-month penetration testing of segmentation controls
  • Requirement 12.4.1 — Assign responsibility for PCI DSS compliance and create a PCI DSS charter
  • Requirement 12.11.a —Six-month management review of policy and process compliance
  • Requirement 12.11.1 —Documentation of the six-month management review

Here at Nettitude we want to make sure you’re ready for the changes, so if you need to know more about each requirement change and want to check if you’ll be PCI-DSS v3.2 compliant from February 1st get in touch with us today. Our PCI services allow you to run through a full checklist of requirements and we’ll let you know if you meet them, and more importantly, what you need to do if you don’t.

 

Contact us today for a consultation on our website at https://www.nettitude.com/contact-us/ OR email us at solutions@nettitude.com 

About Nettitude

Nettitude is the trusted cyber security provider to thousands of businesses around the world. We stop at nothing to keep your data and business secure in an age of ever-evolving cyber threats.

Our experts use an award winning Threat Intelligence led approach that incorporates real-time data, ensuring that your company is protected at every stage of its journey.

Receive an update when we post!

Recent Posts