What Has to be Known: Changes Required for Your Business - McDermott

PCI DSS 4.0 – Everything You Need to Know About The Transformational Changes Required of Your Business


The Payment Card Industry Security Standards Council recently released version 4.0 of its Data Security Standard (PCI DSS 4.0). The new version—which brings major changes to the payments ecosystem—places an increased focus on targeted risk analysis, organizational maturity and governance. It also makes PCI DSS compliance a continuous effort, rather than an annual snapshot exercise, and introduces a customized approach to PCI assessments, enabling businesses to implement alternative technical and administrative controls that meet the customized approach objective.

Join members of McDermott’s Global Privacy & Cybersecurity team and Alan Gutierrez-Arana of RSM US as they discuss how merchants, service providers, issuers, acquirers, and any other businesses that store, process, or transmit payment cardholder data should begin planning for PCI DSS 4.0.

Discussion topics will include:

  • How businesses must prepare for the increased legal risks of PCI DSS 4.0’s obligations.
  • The structural changes required to convert to PCI DSS 4.0 and the PCI assessment requirements.
  • When businesses should consider involving legal counsel and other consultants to assess their transition to PCI DSS 4.0.

Dig Deeper

Cambridge, United Kingdom / Speaking Engagements / July 1-3, 2024

Privacy Laws & Business | 37th International Conference

Webinar / McDermott Event / June 6, 2024

EU Data Act | Impact for Japanese Companies

Washington, DC / Speaking Engagements / May 8-10, 2024

2024 Privacy + Security Spring Academy

Paris, France / McDermott Event / May 30, 2024

New Cybersecurity Challenges (NIS II, CRA, DORA) in the EU and UK

Get In Touch