- La colaboración entre Seguridad y FinOps puede generar beneficios ocultos en la nube
- El papel del CIO en 2024: una retrospectiva del año en clave TI
- How control rooms help organizations and security management
- ITDM 2025 전망 | “효율경영 시대의 핵심 동력 ‘데이터 조직’··· 내년도 활약 무대 더 커진다” 쏘카 김상우 본부장
- 세일포인트 기고 | 2025년을 맞이하며… 머신 아이덴티티의 부상이 울리는 경종
PCI SSC Announces 2023 Special Interest Group Election Results
Following its annual Special Interest Group (SIG) election process, the PCI Security Standards Council has confirmed the winning SIG topic for 2023. The Council’s Participating Organizations voted to select “Scoping and Segmentation for Modern Network Architectures” as the focus for the year ahead.
The objective is to develop guidance to support the secure, consistent, and accurate PCI DSS scoping and segmentation practices for modern network architectures. The SIG considerations will include:
- Determining the impact of zero-trust networks/architectures on PCI DSS scope and network segmentation.
- Defining PCI DSS scope boundaries in micro-segmentation and multi-cloud implementations.
- Developing and maintaining PCI DSS asset inventory for short-term, ephemeral environments.
- Identification of risks associated with implementation of modern network architectures due to configuration complexities.
- Guidance on specific requirements for verifying scoping and segmentation.
SIGs are community-driven initiatives that play a key role in the development of resources for the payment industry. To be successful, SIGs require active participation and contributions from its stakeholders. SIG participants are expected to be actively involved and contribute during scheduled calls.
The new SIG is scheduled to launch in April 2023. The Council is seeking participants that can provide expertise and share experience in cloud technologies, cloud security practices, zero-trust architectures/networks, micro-segmentation, software-defined networks, service meshes, and PCI DSS. Participation in the SIG is open to all PCI Participating Organizations (PO), Qualified Security Assessors (QSA), Approved Scanning Vendors (ASV), Qualified PIN Assessors (QPA), Card Production Security Assessors (CPSA), and Software Security Framework (SSF) Assessors. The Council invites those who are interested in getting involved in this SIG project to register.
If you would like to join the SIG, but are not yet a PCI Participating Organization, learn more about how to join.