Which of the following is NOT a requirement of the PCI DSS?

The Payment Card Industry Data Security Standard (PCI DSS) outlines a comprehensive set of requirements aimed at ensuring that all companies that accept, process, store or transmit credit card information maintain a secure environment. To achieve this, several key areas are addressed including building and maintaining a secure network, protecting cardholder data, implementing strong access control measures, and maintaining an information security policy.

The option related to conducting regular market research is not associated with PCI DSS requirements. While understanding market trends and customer behavior can be beneficial for a business, it does not impact the security of payment card processing or data protection practices that PCI DSS is focused on. This is why conducting regular market research is outside the scope of PCI DSS requirements.

The other options—building and maintaining a secure network, protecting cardholder data, and implementing strong access control measures—are all fundamental requirements established by PCI DSS to safeguard sensitive payment information from threats and vulnerabilities.