PCI DSS 4.0 – Everything You Need to Know About The Transformational Changes Required of Your Business


The Payment Card Industry Security Standards Council recently released version 4.0 of its Data Security Standard (PCI DSS 4.0). The new version—which brings major changes to the payments ecosystem—places an increased focus on targeted risk analysis, organizational maturity and governance. It also makes PCI DSS compliance a continuous effort, rather than an annual snapshot exercise, and introduces a customized approach to PCI assessments, enabling businesses to implement alternative technical and administrative controls that meet the customized approach objective.

Join members of McDermott’s Global Privacy & Cybersecurity team and Alan Gutierrez-Arana of RSM US as they discuss how merchants, service providers, issuers, acquirers, and any other businesses that store, process, or transmit payment cardholder data should begin planning for PCI DSS 4.0.

Discussion topics will include:

  • How businesses must prepare for the increased legal risks of PCI DSS 4.0’s obligations.
  • The structural changes required to convert to PCI DSS 4.0 and the PCI assessment requirements.
  • When businesses should consider involving legal counsel and other consultants to assess their transition to PCI DSS 4.0.

Dig Deeper

Webinar / Speaking Engagements / September 15, 2022

Risk Assessments Lessons Learned, Part II: Privacy

New York, NY / McDermott Event / June 16, 2022

McDermott’s InsurTech Summit NYC

Paris, France / Sponsored Events / June 15-18

Viva Technology

Webinar / Speaking Engagements / June 7, 2022

Risk Assessments Lessons Learned, Part I: Cybersecurity

Webinar / McDermott Event / June 2, 2022

Transfer Impact Assessment Webinar

Trier, Germany / Speaking Engagements / June 22, 2022

ERA Summer Course on European Data Protection Law

Get In Touch