The way we do business continues to evolve, and with that, the requirements to remain compliant continue to evolve as well. PCI-DSS is no exception — as of March 2024, PCI-DSS 4.0 will introduce some significant changes. These differences are largely minor but could be very impactful for organizations depending on how they previously approached PCI-DSS 3.2.1.
Today’s uncertain economy has presented an array of problems to organizations of every size and across all industries. In the world of tech titans alone, 70,000 jobs have been lost over the past year. It’s safe to say that businesses have laid off and lost talented and experienced professionals from their rosters. We feel losing talent more acutely in cybersecurity and privacy as risk of cyberattacks and breaches may cost the global economy $10.5 trillion annually by 2025.
India’s new Digital Personal Data Protection Act, 2023 (DPDP Act) was given assent by the President of India on August 11, 2023, marking a significant development in data protection legislation. This Act, which supersedes Section 43A of the IT Act, 2000 and the SPDI Rules, 2011, brings about considerable changes to the norms of data protection. The DPDP Act is lean and principle-based, with details around implementation to be set out in future rules.
Numerous U.S.-based companies that operate online have customers from the European Union (EU) or other parts of the European Economic Area (EEA). If your business engages with these customers, it is subject to the EU’s General Data Protection Regulation (GDPR). This extensive data privacy regulation has an impact on many U.S. entities due to its extraterritorial reach.
