PCI-DSS Version 4 Is In The Works—What Impact Might It Have On Security Operations And The Business' Bottom Line | A One-On-One With Mitch Parker

ITSPmagazine Podcast

English - December 01, 2020 20:49 - 26 minutes - 24.2 MB - ★★★★★ - 15 ratings
Technology education internet business computers digital transformation future technology innovation science hacking Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed

Previous Episode: One World Together – Cybersecurity Symposium For Smart Cities 2020 Opening Keynote Panel | The Cyber Society | With Ann Dunkin, Jessica Santos, And Raimundo Rodulfo

Next Episode: Ambulance Chasers and Charlatans | Indistinguishable From Magic | With Rafal Los And Chris Abramson

Many organizations leverage regulations and standards to help them define their security and privacy programs, and in doing so, spend time and money creating policies, implementing controls, and monitoring for exceptions. But what happens when the regulation or standard changes?

There's a seemingly constant barrage of change in the law and standards—and even in the supporting management/controls frameworks. Depending on where the company is headquartered, where it does business. Also, where its customers reside, where the customers' data resides, what type of customer data the company holds and interacts with—and what industry sector(s) the company operates in. All of this determines which of these regulations and standards they must adhere to. A change in any of these elements means a re-evaluation of the organization's risk profile and implementation of the mitigating controls.

This probably makes sense to many reading this. But what's missing from this equation? More than you may think.

To uncover the potential impact of the business operations, risk management program, security operations, and ultimately the business's bottom line, Sean Martin has a 1:1 chat with Indiana University Health CISO, Mitch Parker. The two look at the v4 PCI-DSS update, currently in development and due to release sometime in the middle of 2021, as the driver for this conversation.

There's a lot to consider—and plan for—when changes occur. Don't get caught with a surprise if you can avoid it. Prepare yourself, your staff, and your peers at the executive level for what's to come.

Guest(s)
Mitch Parker, CISO, Indiana University Health (@mitchparkerciso on Twitter)

Resources

3 blogs related to the pending v4 PCI-DSS standard:

https://blog.pcisecuritystandards.org/pci-dss-looking-ahead-to-version-4.0 https://blog.pcisecuritystandards.org/pci-dss-v4-0-anticipated-timelines-and-latest-updates https://blog.pcisecuritystandards.org/3-things-to-know-about-pci-dss-v4-0-development

This Episode’s Sponsors:

Nintex: https://itspm.ag/itspntweb

Imperva: https://itspm.ag/imperva277117988

To see and hear more Redefining Security content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-security

Are you interested in sponsoring an ITSPmagazine Channel?
https://www.itspmagazine.com/podcast-series-sponsorships

Twitter Mentions

@mitchparkerciso