Payment Industry Security Maven | PISM

PCI-DSS Standard – Why boot camp?


Which of these servers can be excluded from the PCI DSS scope?


A. Servers with truncated card numbers

B. Servers with encrypted card numbers

C. Servers with hashed card numbers

D. Servers with masked card numbers




  • Cybersecurity workforce is expected to rise to 6 million by 2019, with a projected shortfall of 1.5 million

  • Boost your competitive advantage with this industry credential

  • Understand PCI DSS and gain real-world insights on best practices implementation

  • Incubate a thought blast information security program in your organisation


  • Do you really need a QSA to validate PCI-DSS compliance?

  • Can you choose not to encrypt cardholder data and still become PCI-DSS compliant?

  • Do states have laws requiring data breach notifications to the affected parties?

  • The true mettle of PCI DSS lies in implementation and maintenance

  • Bangalore: 5th and 6th August 2017

  • Kuala Lumpur: 17th and 18th March 2017

  • Singapore: 28th and 29th April 2017

 
PAYMENT INDUSTRY SECURITY MAVEN

“PCI-DSS is one of our favorite information security standards in the offering, and PCI-SSC has construed and implemented an immense technique for defense in depth, which helps implement security in all the verticals of an organization. You could simply use the standard to incubate a thought blast information security program in your organization, even if you do not store, process or transmit cardholder data.”

PROGRAM OVERVIEW


DURATION: 2 Days
PCI-DSS Overview: This session gives an overview of the PCI-DSS Standard, including the terminologies used.
PCI-DSS v3.1 – 101: The PCI-DSS lifecycle and the adoption of changes in technology by the PCI-DSS standards will be discussed in detail.
PCI-DSS Requirements: How the PCI-DSS requirements are pertinent in an environment; various challenges, conceptions and techniques will be suggested.
Current Industry Trends and Challenges: The challenges the industry faces in implementing PCI-DSS controls and how they are overcome with commonplace technology controls.
Real Time Solutions: The session will be interactive and will include discussion of various tools, techniques and solutions for meeting the intent of the requirements defined in the PCI-DSS standard.
QSA Opinion – Intent vs Implementation: The session will also discuss the role of a QSA in construing the intent of a requirement while evaluating the controls that have been implemented.
Scenarios: The entire standard will be presented as scenario-based analysis.

PROGRAM HEURISTICS


The speakers are highly experienced QSAs who have conducted PCI-DSS sessions worldwide and have trained professionals across various verticals.
The session will be designed around classroom-based awareness, which will enable the teams to interact with each other as a whole.
The teams are requested to interact with the trainers, who have experience as QSAs and have certified numerous organizations.
HANDOUTS

All the material which will be presented to the teams will be made available in the handouts given to the teams. All the extra reads and the suggested reading links and references will also be included.

The PCI-DSS v3.1 standard requires various documents in the form of forms, approvals, justifications, change management, policies and procedures. While many of these documents are specific to each organization, a template for all the documents which are common with respect to the PCI-DSS requirements will be shared with the attendees.
A pre-read of the PCI-DSS standards and associated terminologies is encouraged, though not mandatory. This helps the session aim at the changes, techniques for implementation and its other core focuses, rather than focusing on the requirements themselves.
The audience is encouraged to cite real-time scenarios and bottlenecks of implementation and to seek the QSAs' advice on any impending issues.
We came to understand the standards and the approach to be taken to secure our assets, “THE DATA”
It’s always useful to look into security from security team perspective
It was very good, they were able to explain the standards through scenarios
The highlight of the workshop was the test.