Security Weekly Podcast Network (Video)
Technology
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than did previous versions of the standard. It also adds a new “customized approach” option that allows merchants and other entities to come up with their own ways to comply with requirements, and which also has implications for application security. Specifically, PCI DSS 4.0 requires that by March 31, 2025, more testing of public-facing applications related to payment processing or other activities be considered “in scope” for compliance. Generally, any system that touches payment-card data is in scope for PCI DSS compliance, whether or not the system or function is public-facing. We'll talk through what organizations should have gotten done by March 31, 2024, and what needs to happen by March 31, 2025.
Segment Resources: https://info.obsglobal.com/pci-4.0-resources
Show Notes: https://securityweekly.com/psw-825
Hardware Hacking - PSW #809
Lessons from 10 years running the first cyber-exclusive investment firm - Bob Ackerman - ESW #342
Extracting Data from ChatGPT, Vulns Around AI, Secure AI Guidance, LogoFAIL, BLUFFS - ASW #265
Surprise Cam Nudes, Staples, Turtle, Apple, 23andme, P2Pinfect, Gmail, Jason Woods - SWN #346
All the News -- Just Six Months Later - ASW #265
Uber CISO Speaks Out as CISOs Draft Letters to the CEO, CMO, and CCO - BSW #330
Real Edge Computing Use Cases from the AT&T Cybersecurity Insights Report - Theresa Lanowitz, Mark Freifeld - BSW #330
AI and Ransomware dominate the news cycles - ESW #341
Cybertruck, Okta, Google, Black Basta, Zoom, Unitronics, Aaran Leyland, and More - SWN #345
Cybercrime is booming: understanding why and what we can do about it - Keith Jarvis - ESW #341
Vulnerability Reporting, Zyxel, GPS Spoofing - PSW #808
Non-profits need security too - Kelley Misata - ESW #341
AI, LLMs and Some Hardware Hacking - Matthew Carpenter - PSW #808
AI and LLMs - Think of the Children - Josh More - PSW #808
Randstorm, Nothing Chats, Platform Engineering, PyPI Security Audit - ASW #264
Chimera, Aliquippa, FNF, Lazarus, DARPA, Namedrop, Google, Aaran Leyland, and More - SWN #344
Starting with Appsec -- Is It More of a Position or a Process? - ASW #264
Another CISO Scapegoat as SEC Welcomes CISOs to the Big Leagues - BSW #329
1% Leadership - Andy Ellis - BSW #329
Spying & Cyber Warfare - SDL - SWN Vault
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast