Introduction to the Payment Card Industry Data Security Standard (PCI DSS) - By AtoZ Compliance


All other Events(no CPF)




  07 Jun 2017 through 07 Jun 2017


  Online Event

Website URL:


Sponsoring organization:

  AtoZ Compliance


  Business > Finance

Event description:

Key Take Away: This webinar will give you an understanding of PCI DSS: its history, high-level description, compliance, and impacts on your organization.

Overview: The Payment Card Industry Data Security Standard (PCI DSS) is one of the few successful industry-developed and industry-maintained data security standards. Mandated compliance with a payment-network-enforced data security standard dates from 2001, when Visa instituted the Cardholder Information Security Program (CISP). It has evolved into the global, card-payment-industry-wide data security standard called PCI DSS. Each major payment network has specific mandates for organizations that must validate PCI DSS compliance. These organizations include financial institutions, third-party service providers and merchants of all sizes. The principles specified in PCI DSS can be a guide for all organizations that wish to secure their sensitive data. PCI DSS security requirements can be applied to any sensitive data on your organization’s network. Your organization need not be involved with the payments process to benefit from exposure to PCI DSS.

Why Should You Attend: This webinar will prepare your organization to understand and potentially use PCI DSS to the organization’s benefit. Whether involved in the payments industry or not, this webinar will introduce you to PCI DSS, its impacts and its use in your business. PCI DSS not only supports those in the payments business but also gives vendor managers insight into companies that have validated compliance. It can be used by organizations not directly involved with the payments business. It provides standards for security policies, technologies and ongoing processes that protect systems and networks from breaches and theft of sensitive data.

Areas Covered In This Webinar:
• History of PCI DSS: The history of Visa’s Cardholder Information Security Program (CISP) that led to the formation of the Payment Card Industry Security Standards Council, the keeper of PCI DSS and other data security standards
• Overview of PCI DSS: You will learn the 12 major requirements of PCI DSS and what’s contained in each of the major requirements
• What organizations must validate PCI DSS compliance: A full discussion of all organizations that must validate PCI DSS compliance and those that do not have the compliance mandate
• How is PCI DSS validated? You will learn the difference between a Report on Compliance (ROC), all types of Self-Assessment Questionnaires (SAQ) and Attestations of Compliance (AOC)
• Differences Between PCI DSS v3.1 and v3.2: The major differences in the latest version of PCI DSS, version 3.2, released in April 2016. We will explore the potential impacts
• Strengths and weaknesses of PCI DSS: As always, there are pluses and minuses. We will give you the value of our experience with PCI DSS, compromises and other influencing factors
• Risk reduction: How validating compliance reduces risk
• What your organization should do about PCI DSS: The steps that your organization must take to achieve and maintain PCI DSS compliance
• Other standards that PCI SSC publishes and manages
• Sources of information about companies that are PCI DSS compliant: There are publicly available lists of service providers that are PCI DSS compliant
• Other data security standards that your organization may want to consult

Learning Objectives:
• The reason that PCI DSS was created
• Why PCI DSS remains a key element in securing the payment system
• The use of an Integrated Security Management System (ISMS)
• The high-level description of the 12 major requirements in PCI DSS
• What your organization must do to validate PCI DSS compliance
• The steps that your organization should take to assure annual compliance

Who Will Benefit:
• Executive Positions
• Compliance Management Professionals
• Risk Management Professionals
• Vendor Management Professionals
• Data Security Professionals
• Network Administrators
• Database Administrators
• Point of Sale Development Professionals
• Software Development Professionals
• Retail Business Owners
• All Businesses that need to protect sensitive data and networks
• Merchants, both face-to-face and online
• Third-party payment processors
• Any Business accepting payment cards
• Financial Institutions such as Credit Unions and Community Banks
• Municipalities and other Governmental Entities
• Business Ownership Groups
• Non-Profit Organizations

Level: Intermediate

For more information, please visit: http://bit.ly/2qhV4vl
Toll Free: +1-844-414-1400
Tel: +1-516-900-5509

Speaker Profile: Marc Perl

Marc Perl brings over 30 years of professional experience to Teknowlogy Associates. Marc’s diverse experience includes risk management, payments processing, data security, product development, software development and software quality assurance. During 20 years at Visa, he was a key member of Visa’s Risk Management team, where he developed and managed the compliance program for the Payment Card Industry Data Security Standard (PCI DSS) as part of the Cardholder Information Security Program (CISP). Marc led the team that developed the business requirements for Visa’s Point-to-Point Encryption (P2PE) solution. Marc continues to conduct risk reviews at financial institutions and processors globally. As a merchant acquiring expert, Marc built and managed Visa’s Integrated Debit platform to support merchants such as Walmart, Radio Shack, Kmart and others. Marc also served as project manager for Visa’s Y2K effort and assisted with the spin-off of Visa’s acquiring processor business into a joint venture with Total Systems Services (TSYS) called Vital Processing Services.

In addition to his Visa experience, Marc has consulted with organizations as varied as Visa Inc., Jet Propulsion Laboratories, TSYS Acquiring Solutions and others. His early experience included computer operations, computer programming, creation of software development methodologies and software engineering. Marc holds a BA from California State University at Northridge.

Posting date:

24 May 2017