- The best foldable phones of 2024: Expert tested and reviewed
- Redefining customer experience: How AI is revolutionizing Mastercard
- The Apple Pencil Pro has dropped down to $92 on Amazon ahead of Black Friday
- This tiny USB-C accessory has a game-changing magnetic feature (and it's 30% off)
- Schneider Electric ousts CEO over strategic differences
PCI SSC Announces 2023 Special Interest Group Election Results
Following its annual Special Interest Group (SIG) election process, the PCI Security Standards Council has confirmed the winning SIG topic for 2023. The Council’s Participating Organizations voted to select “Scoping and Segmentation for Modern Network Architectures” as the focus for the year ahead.
The objective is to develop guidance to support the secure, consistent, and accurate PCI DSS scoping and segmentation practices for modern network architectures. The SIG considerations will include:
- Determining the impact of zero-trust networks/architectures on PCI DSS scope and network segmentation.
- Defining PCI DSS scope boundaries in micro-segmentation and multi-cloud implementations.
- Developing and maintaining PCI DSS asset inventory for short-term, ephemeral environments.
- Identification of risks associated with implementation of modern network architectures due to configuration complexities.
- Guidance on specific requirements for verifying scoping and segmentation.
SIGs are community-driven initiatives that play a key role in the development of resources for the payment industry. To be successful, SIGs require active participation and contributions from its stakeholders. SIG participants are expected to be actively involved and contribute during scheduled calls.
The new SIG is scheduled to launch in April 2023. The Council is seeking participants that can provide expertise and share experience in cloud technologies, cloud security practices, zero-trust architectures/networks, micro-segmentation, software-defined networks, service meshes, and PCI DSS. Participation in the SIG is open to all PCI Participating Organizations (PO), Qualified Security Assessors (QSA), Approved Scanning Vendors (ASV), Qualified PIN Assessors (QPA), Card Production Security Assessors (CPSA), and Software Security Framework (SSF) Assessors. The Council invites those who are interested in getting involved in this SIG project to register.
If you would like to join the SIG, but are not yet a PCI Participating Organization, learn more about how to join.