The time has come.
The PCI Council has released a revision to PCI DSS version 3.2. Here’s what you need to know.
The revision was published May 17, 2018. The Council has emphasized that the revision will be minor and that “there will be no new requirements in this revision.”
Rather than introducing new requirements, PCI DSS v3.2.1 is intended “remove the effective date introduced in version 3.2 for several new requirements and the Secure Sockets Layer (SSL)/early Transport Layer Security (TLS) migration requirements.”
As you may know, there were specific new requirements in version 3.2 that specify an adoption date of February 1, 2018. These dates have now passed and version 3.2.1 simply removes this wording.
In addition to updating the language around these requirements, the revision is intended to “fix minor typographical errors, punctuation, and format issues.”
On the whole, PCI DSS v3.2.1 is not a cause for concern. It introduces no new expectations and falls directly in line with the plan set forth in version 3.2.
If you need PCI DSS guidance, we’d love to help. Our team of information security professionals can walk you through the entire process from readiness to completed assessment.
Click here to contact us and learn more about how we can help you meet your PCI readiness goals.