The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards.
Defined by the Payment Card Industry Security Standards Council (PCI SSC), the standard was created to increase controls around cardholder data to reduce credit card fraud. Validation of compliance is done annually - by an external Qualified Security Assessor (QSA) for organizations handling large volumes of transactions, or by Self Assessment Questionnaire (SAQ) for companies handling smaller volume.
About this workshop
The Payment Card Industry Security Standards Council (PCI SSC) develops, maintains and manages the PCI Security Standards, which include
- Data Security Standard (DSS)
- Payment Application Data Security Standard (PA DSS)
- PIN Transaction Security (PTS) requirements.
The Council works to educate stakeholders about the PCI Security Standards, operates programs to train and qualify security professionals in assessing and achieving compliance with PCI Security Standards, and promotes awareness of the need for payment data security to the public.
Benefits
On completion of this workshop, participants will get a better understanding of how
- PCI DSS applies to any entity that stores, processes, and/or transmits cardholder data.
- To build and maintain a secure IT network
- To protect cardholder data
- To maintain a vulnerability management program
- To implement strong access control measures
- To regularly monitor and test networks
Who should attend
This workshop is meant for professionals responsible for PCI-DSS implementation / compliance in any organization.
- Managers overseeing PCI-DSS compliance
- External auditors performing PCI-DSS validation
- Security professionals operating in a PCI-DSS compliant environment
- Internal auditors desiring to validate interim
In general, all entities that store, process or transmit card holder data are required to comply with this global data security standard which covers rules about encryption and protection of card data.
Workshop Outline
- Introduction: Protecting Card Holder Data
- Overview of PCI requirements
- How to Comply with PCI DSS
- Security Controls and Process for PCI DSS Requirements