Using Pandemic Lessons and Risk Assessments to Prepare for PCI DSS 4.0

Understanding the anticipated risk-based approach coming with PCI DSS 4.0 through real world scenarios

PR Newswire

SCHAUMBURG, Ill., Jan. 22, 2021 /PRNewswire/ -- Viviana Wesley, CISM, PCI QSA, ISO 27001 Auditor, and Principal Consultant at HALOCK Security Labs will be presenting at the 2021 NAPCP Commercial Card Payment Virtual Conference taking place on May 10th – 21st, 2021.

The session, "Using Pandemic Lessons and Risk Assessments to Prepare for PCI DSS 4.0," provides real examples of how scope reduction technologies have helped organizations manage their risk more easily through a pandemic. HALOCK will also explain the anticipated risk-based approach that is coming with PCI DSS 4.0 and how organizations can prepare for the new standard (and many new requirements) by strengthening their risk processes now. Attendees will learn how:

  • Point-to-Point Encryption (P2PE) technology has made some organizations' remote and on-premises working transitions easy, and why.
  • PCI DSS version 4, to be published in 2021, will introduce a risk-based approach to validating compliance.
  • To do risk analysis in a way that regulators expect.

"With everything we've seen this last year, it can become quite overwhelming. The right kind of Risk Assessment can not only help you deal with the ongoing risks of a remote workforce and pandemic but also prepare you for upcoming security requirements. It can help you bridge the communication gap between IT and business, so you can determine what is reasonable security for your organization," said Wesley.

As PCI DSS 4.0 is anticipated to be released mid-2021, businesses should be planning ahead for the operational changes it requires, which can include additional budget, resources, and time. Commercial card and payment professionals can enhance their transition strategy through HALOCK's business examples and best practices on how to mitigate risk with the new PCI DSS 4.0 requirements.

The annual NAPCP Commercial Card Payment Conference will bring together professionals from around the world to share perspectives on all Commercial Card and Payment types, including Purchasing Card, Travel Card, One Card, Fleet Card, Ghost Card, Declining Balance Card, ePayables, as well as rapidly evolving B2B fintech products. Experts and practitioners share case studies, successes and thought-provoking ideas in educational sessions and demonstrations, all with an eye for trends and innovation across sectors.

ABOUT HALOCK Security Labs
Founded in 1996, HALOCK Security Labs is a thought-leading information security firm that combines strengths in strategic management consulting with deep technical expertise. HALOCK's service philosophy is to apply "just the right amount" of security to protect critical assets, satisfy compliance requirements, enhance social responsibility, and achieve corporate goals. With HALOCK, organizations can establish reasonable security and acceptable risk. HALOCK's services and programs include: Security and Risk Management, Compliance Validation (HIPAA, PCI DSS, CCPA, CMMC-Readiness), Penetration Testing, Incident Response Readiness, Threat Hunting or Managed Detection and Response (MDR), and Security Engineering.

As principal authors of CIS Risk Assessment Method (RAM) and board members of The Duty of Care Risk Analysis (DoCRA) Council, HALOCK offers the unique insight to help organizations define their acceptable level of risk and establish "duty of care" for cybersecurity. Through this risk assessment method, businesses can evaluate cyber risk that is clear to legal authorities, regulators, executives, lay people, and security practitioners.

Cindy Kaplan

Copyright CNW Group 2021
