- Buy Microsoft Visio Professional or Microsoft Project Professional 2024 for just $80
- Get Microsoft Office Pro and Windows 11 Pro for 87% off with this bundle
- Buy or gift a Babbel subscription for 78% off to learn a new language - new low price
- Join BJ's Wholesale Club for just $20 right now to save on holiday shopping
- This $28 'magic arm' makes taking pictures so much easier (and it's only $20 for Black Friday)
PCI SSC Announces 2023 Special Interest Group Election Results
Following its annual Special Interest Group (SIG) election process, the PCI Security Standards Council has confirmed the winning SIG topic for 2023. The Council’s Participating Organizations voted to select “Scoping and Segmentation for Modern Network Architectures” as the focus for the year ahead.
The objective is to develop guidance to support the secure, consistent, and accurate PCI DSS scoping and segmentation practices for modern network architectures. The SIG considerations will include:
- Determining the impact of zero-trust networks/architectures on PCI DSS scope and network segmentation.
- Defining PCI DSS scope boundaries in micro-segmentation and multi-cloud implementations.
- Developing and maintaining PCI DSS asset inventory for short-term, ephemeral environments.
- Identification of risks associated with implementation of modern network architectures due to configuration complexities.
- Guidance on specific requirements for verifying scoping and segmentation.
SIGs are community-driven initiatives that play a key role in the development of resources for the payment industry. To be successful, SIGs require active participation and contributions from its stakeholders. SIG participants are expected to be actively involved and contribute during scheduled calls.
The new SIG is scheduled to launch in April 2023. The Council is seeking participants that can provide expertise and share experience in cloud technologies, cloud security practices, zero-trust architectures/networks, micro-segmentation, software-defined networks, service meshes, and PCI DSS. Participation in the SIG is open to all PCI Participating Organizations (PO), Qualified Security Assessors (QSA), Approved Scanning Vendors (ASV), Qualified PIN Assessors (QPA), Card Production Security Assessors (CPSA), and Software Security Framework (SSF) Assessors. The Council invites those who are interested in getting involved in this SIG project to register.
If you would like to join the SIG, but are not yet a PCI Participating Organization, learn more about how to join.