PCI DSS v4: What's New

Focused View

John Elliott

1:36:04

266 View

Module 1 - Course Overview

1. Course Overview.mp4

01:39

Module 2 - The Key Changes in PCI DSS 4.0

1. The Timeline for Version Four.mp4

05:18

2. Changes in the Introductory Sections.mp4

12:39

3. The New Structure of PCI DSS 4.0.mp4

04:15

4. Potentially Impactful Clarifications.mp4

07:07

Module 3 - The New Requirements in PCI DSS 4.0

1. Exploring the New Requirements.mp4

05:39

2. Cryptography.mp4

05:18

3. Protecting E-commerce.mp4

04:18

4. Identity and Access Control.mp4

05:04

5. Logging and Vulnerability Scanning.mp4

02:36

6. Phishing and Management.mp4

04:46

7. Service Providers.mp4

02:21

8. New Options in the Assessment.mp4

07:10

Module 4 - The Customized Approach

1. How the Customized Approach Works.mp4

11:50

2. Understanding Objectives and Mischief.mp4

04:48

Module 5 - Planning a PCI DSS 4.0 Transition

1. Impact Assessment and PCI DSS Scope.mp4

05:24

2. Trends in PCI DSS Compliance.mp4

05:52

Description

Version 4.0 of PCI DSS is the first major revision since 2013 and includes 64 new requirements and the option for objective-based security with the customized approach. This course will teach you about all the changes and the transition timeline.

What You'll Learn?

PCI DSS version four is the first major release for nine years, and will affect every organization that stores, processes or transmits payment card data – not least because there are 64 new requirements in the standard with major changes to the encryption of cardholder data, protecting e-commerce websites, system and application accounts, multi-factor authentication, and vulnerability management. In this course, What’s New in PCI DSS 4.0 you’ll discover the important changes to the standard. First, you’ll start with the implementation timeline and that affects how you plan for the changes and your assessments over the next three years. Next, you’ll discover what has changed in all of the twelve principal requirements and meet the 64 new requirements which will be classified based on the degree of change that most organizations will need to be able to meet them. Finally, you'll learn about the new customized approach which is PCI’s term for objective-based security and consider if that is a route that will work for you. By the end of this course, you’ll be able to evaluate the impact of PCI DSS 4.0 on you organization and start planning your transition to this new version of the Payment Card Industry Data Security Standard.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Network Security

Windows Server

John Elliott

Instructor's Courses

John Elliott is a specialist in regulated security and data protection. His fascination is the way that people engage with security directives: whether that’s a company following external regulation, an information security team developing policies, an IT team following them, or a colleague who is just trying to do their job securely. John has led information security and data protection functions in aviation and financial services. He’s represented both Visa Europe and Mastercard on the PCI Security Standards Council, and contributed to many of the PCI standards including PCI DSS v4. He has LLM in Information Rights Law, holds the expected information security certificates (CISSP, CISA , CRISC, CDPSE) and is a Fellow of the British Computer Society - the Chartered Institute for IT.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.