PCI Monthly Update: December News, Deep Dive into Requirement 8, and QSA Q&A

PCI Monthly Update: December News, Deep Dive into Requirement 8, and QSA Q&A

From Cybersecurity Sense by LBMC

January 11, 2024 · 36 min · Season 5 · Episode 1

About this episode

This episode covers the latest PCI updates, an in-depth analysis of Requirement 8, and insights from QSA experts.

Join us for the latest episode of our PCI Monthly Update podcast, where we explore the latest developments in the world of payment card industry security. We begin with a news segment highlighting the PCI SSC's TRA Guidance. Next, we delve into Requirement 8 of the PCI DSS, dedicated to identifying users and authenticating access to system components. We'll explore the intricate details of this requirement, covering sub-requirements 8.1 to 8.6. These discussions will include processes for user identification, strict management of user and administrator accounts, strong authentication methods, and the implementation of multi-factor authentication (MFA) to ensure the security of cardholder data environments (CDE). Our QSA Q&A segment then addresses a critical question: Do all accounts need to comply with these requirements? We'll provide clarity on the scope, applicability, and exceptions, helping listeners understand the nuances of compliance. Tune in for a comprehensive review of December's PCI updates, an in-depth analysis of Requirement 8, and valuable insights from our QSA experts. This episode is a must-listen for professionals seeking to stay informed and improve their…

Topics covered

  • payment card industry security
  • PCI compliance
  • user authentication
  • multi-factor authentication
  • Requirement 8
  • QSA Q&A

Keywords

  • PCI SSC
  • Requirement 8
  • user identification
  • authentication methods
  • multi-factor authentication
  • compliance
  • cardholder data security

Mentioned in this episode

Organizations: PCI SSC

Books & works: PCI DSS

More episodes of Cybersecurity Sense

Explore listener stats, chart rankings, contacts and more on the Cybersecurity Sense podcast page.