On March 31, 2022, the Payment Card Industry Security Standards Council published version 4.0 of its PCI Data Security Standard (PCI-DSS). The updated standards provide significant new guidance on the scope and applicability for requirements that impact small to medium businesses (SMBs). For European Union (EU) SMBs that need to comply with GDPR, and U.S. firms that do business with EU citizens, there is now even greater pressure to avoid even a partial Availability Breach when a cyber-attacker gains unauthorized access to sensitive data, even if a full breach did not occur. Finally, U.S. State Civil Codes have become far more onerous in recent years and extend to remote and satellite offices. Some codes extend to cover remote workers if they have access to personally identifiable information (PII), such as customer or employee data.
This Qualys eBook offers details about: