PCI DSS Free Resources

However, there are strict rules on using this approach. For more information on how to prepare for compliance with the PCI DSS v4.0, discuss:

• The payment security landscape and how it affects organisations;
• The new PCI DSS v4.0 requirements and how they may benefit organisations;
• Challenges organisations may face with PCI DSS v4.0;
• The steps to prepare for PCI DSS v4.0 compliance; and
• Practical advice and solutions to help you implement and comply with the Standard.

Penetration testing has long been used to help prevent data breaches, understand security weaknesses and test security controls.

This webinar will cover:

• The Standard’s requirements for security testing;
• The differences between a penetration test and a vulnerability assessment;
• The PCI DSS v3.2 requirements for penetration testing and segmentation; and
• How to conduct a penetration testing programme.

Join our Qualified Security Assessor (QSA) to get an overview of the PCI DSS and how it applies to your organisation:

• The basics of the PCI DSS and the steps to becoming compliant;
• The biggest payment security challenges facing organisations;
• QSA insight to help you achieve and maintain compliance; and
• How the PCI DSS can help you meet the requirements of the GDPR.

Organisations preparing for a PCI audit can avoid common pitfalls and oversights that could mean failing it, which would result in excessive remediation and audit costs, and wasted resources.

Join our QSA to get practical insight into how to overcome common obstacles and comply with the Standard:

• Preparing for a successful Report on Compliance (RoC) audit;
• How to identify nonconformities before the audit takes place; and
• How to choose the right QSA.

Get to grips with your SAQ requirements by joining our QSAs to understand:

• The different types of SAQs; and
• The applicability of SAQ types to payment processing scenarios:
  • E-commerce
  • Face-to-face
  • Mail or telephone order

Simplify the certification process by joining our QSAs to understand:

• The importance of determining the system components, people and processes to be included in the scope;
• How to create an accurate data flow diagram to map the movement of cardholder data;
• What to include when mapping the IT infrastructure and external connections; and
• Effective methods to reduce the scope.

Security technologies can only go so far in protecting an organisation and helping maintain compliance. Policies are needed to address the weak link in security: people.

If people don’t know or understand what’s expected of them, they can put cardholder data at risk, regardless of the other security measures you have in place. Policies play an important role in securing data. They are the foundation for everything else as they provide direction and instruction, and assign responsibility.

Join our QSAs to understand how to develop PCI policies, including:

• The differences between a policy, a form and a procedure;
• How to identify which policies and clauses you need to address; and
• How to clearly state the tasks and responsibilities your company has when handling payment card data.