Select regional store:

PCI DSS Version 3.0: The Changes Explained - Simply


PCI DSS v3.0 was released on 7 November 2013 and becomes applicable from 1 January 2014, however there will be a 12-month grace period for companies to gear up in order to meet the requirements of the new version. New elements in PCI DSS v3.0 that involve major changes will remain best practice until June 2015, after which they will become mandatory.

PCI 3.0 features changes across all of its 12 requirements of the standard.

So, how will these changes affect the business operations and the current security arrangements of those who were aligned to Version 2?

Attend IT Governance’s webinar on PCI DSS V3.0: The Changes Explained – Simply and get the answers from our resident Qualified Security Assessor, (QSA), Geraint Williams.

PCI DSS V3.0: The Changes Explained – Simply
Date: Tuesday, 26 November 2013
Time: 15:00 GMT
Webinar length:40 mins plus Q&A

Register to attend this webinar here >>

In simple terms, you will get an overview of:

  • what the key differences are between version 2 and version 3
  • what the timelines are for meeting these requirements
  • how the changes may affect you and your business (merchants and service providers)
  • how to maintain PCI DSS compliance as “business as usual”

The webinar will cover the following key changes:

  • rules around penetration testing
  • service provider responsibilities and contractual agreements
  • implications for data storage and backup
  • password and credential requirements
  • malware detection
  • change management
  • the relocation of operational procedure and security policy components

About Geraint Williams, PCI QSA


Geraint is a knowledgeable and experienced senior information security consultant and PCI QSA, with a strong technical background and experience of the PCI DSS and security testing.

He provides consultancy on implementation of the PCI DSS and has conducted audits with a wide range of merchants and service providers. In addition, he has performed penetration testing and vulnerability assessments for numerous organisations. Geraint leads the IT Governance CISSP Accelerated Training Programme along with the PCI Foundation and Implementer Training Courses. He has broad technical knowledge of security and IT infrastructure, including high performance computing and cloud computing. His certifications include CISSP, PCI QSA, CREST Registered Tester, CEH & CHFI.

This website uses cookies. View our cookie policy