Payment Card Industry Data Security Standard (PCI DSS) webinar series
Despite the prospect of fines and penalties, many merchants are not PCI-compliant. There are many reasons for this, including a lack of awareness, inadequate scoping of the cardholder data environment (CDE) and underestimating the technical complexity of the Standard.
Protect profits by managing payment card risk.
The penalties for failing to take adequate precautions are about to get worse for many organisations. Under new EU legislation, a breach of cardholder data that includes any information that could be used to identify the individual is likely to be liable under both the PCI DSS and the General Data Protection Regulation (GDPR).
To support organisations in their PCI DSS projects, IT Governance has launched a series of webinars to help them manage and reduce their payment card risk.
On-demand PCI DSS webinars
PCI DSS – Challenge or Opportunity?
This webinar discusses the 12 requirements of the PCI DSS (Payment Card Industry Data Security Standard) relating to the storage, transmission and processing of cardholder data.
We outline the major PCI DSS challenges and offer recommendations to help achieve and maintain PCI DSS compliance more effectively. Our consultant will also explain how complying with the Standard can help you meet the requirements of the GDPR (General Data Protection Regulation). We will introduce a set of controls for keeping cardholder data secure, and explain how technologies, processes and procedures can help protect personal data.
Join our consultant to get an overview of the PCI DSS and how it applies to your organisation:
- PCI DSS basics and the steps to becoming compliant.
- The biggest payment security challenges facing organisations.
- Insight to help you achieve and maintain compliance.
- How the PCI DSS can help you meet the requirements of the GDPR.
PCI DSS: Policies and procedures
Requirement 12 of the PCI DSS requires organisations to actively manage their data protection responsibilities by establishing, updating and communicating security policies and procedures aligned with the results of regular risk assessments.
Join our QSAs (Qualified Security Assessors) to understand how to develop PCI policies, including:
- The differences between a policy, a form and a procedure;
- How to identify which policies and clauses you need to address; and
- How to clearly state the tasks and responsibilities your company has when handling payment card data.
PCI DSS: Security testing
PCI DSS compliance, especially for RoCs (Reports on Compliance) and some SAQs (Self-Assessment Questionnaires), requires internal and external vulnerability scans, and frequent penetration tests.
This webinar will cover:
- The Standard’s requirements for security testing;
- The differences between a penetration test and a vulnerability assessment;
- The PCI DSS v3.2 requirements for penetration testing and segmentation; and
- How to conduct a penetration testing programme.