Payment Card Industry Data Security Standard (PCI DSS) webinar series

Despite the prospect of fines and penalties, many merchants are not PCI-compliant. There are many reasons for this, including a lack of awareness, inadequate scoping of the cardholder data environment (CDE) and underestimating the technical complexity of the Standard.

Protect profits by managing payment card risk.

The penalties for failing to take adequate precautions are about to get worse for many organisations. Under new EU legislation, a breach of cardholder data that includes any information that could be used to identify the individual is likely to be liable under both the PCI DSS and the General Data Protection Regulation (GDPR).

To support organisations in their PCI DSS projects, IT Governance has launched a series of webinars to help them manage and reduce their payment card risk.

On-demand PCI DSS webinars

PCI DSS – Challenge or Opportunity?

This webinar discusses the 12 requirements of the PCI DSS (Payment Card Industry Data Security Standard) relating to the storage, transmission and processing of cardholder data.

We outline the major PCI DSS challenges and offer recommendations to help achieve and maintain PCI DSS compliance more effectively. Our consultant will also explain how complying with the Standard can help you meet the requirements of the GDPR (General Data Protection Regulation). We will introduce a set of controls for keeping cardholder data secure, and explain how technologies, processes and procedures can help protect personal data.


PCI DSS: Policies and procedures

Requirement 12 of the PCI DSS requires organisations to actively manage their data protection responsibilities by establishing, updating and communicating security policies and procedures aligned with the results of regular risk assessments.


PCI DSS: Security testing

PCI DSS compliance, especially for RoCs and some SAQs, requires internal and external vulnerability scans, and frequent penetration tests.