What's next for PCI DSS?

The latest version (v1.2) of the PCI DSS will be released in October 2008. Seems like a long time away, but it will be here before you know it! Being proactive in thinking of your compliance will help you better plan and budget for compliance related tasks so you can focus on your business. According to an Aberdeen research analysis of PCI compliance, the majority of online merchants underestimate the budget for compliance and underestimate how long it will take to reach compliance. So plan ahead and be prepared!

The specifics about the new standard have been kept quiet as the working groups are still meeting. However, there are three areas that will now be specifically addressed: wireless transmissions, payment applications, and hacker [penetration] testing. Payment application changes have already gone into effect as well as making requirement 6.6 mandatory.

What steps are you making to prepare for PCI DSS v1.2?
What do you foresee as the future of PCI DSS in the next couple years?

The latest news and insight into v1.2