If you’re not already managing your scope for PCI DSS v3.2.1, you’ll be in for a rude awakening with the requirements in PCI DSS v4.0 that need to be in place by March 31, 2024.
You're running around with your hair on fire because your QSA just informed your CISO that 3,000 call center agents that typed in customer credit card data were in scope…