2023 finds us in a sustained cybersecurity hiring crisis. With 3.4 million too few experts to meet global demand, it seems the widespread investments in university programs, increased certification access, and upskilling for existing IT professionals isn’t enough to bridge the gap.

PCI 4.0 — the PCI Standards Security Council’s first update since 2018 to the PCI Data Security Standards (PCI DSS) — is a major iteration that shifts away from the traditional point-in-time assessment. Do you remember how an auditor would annually determine the PCI compliance status of a merchant’s or service provider’s system on a specific day in a specific month and assume — somehow — that the snapshot characterized their status all year?