20 November – 21 November 2019
In the year 2014 around 800 million card data records have been reported to be stolen. Financial institutions, merchants, service providers have been targets of massive data compromises. Considering the recent card breaches that have occurred in our industry, you would appreciate that organization is required to pay greater emphasis to “EFFECTIVE IMPLEMENTATION of PCI requirements”
It’s a hands-on 2 days’ workshop aimed primarily at enabling participants to get hands on knowledge on how to implement PCI Standards effectively in your organization.
- You will gain a clear understanding of the various requirements of the Payment Card Industry Standards, and learn the intent behind each of its requirements. The workshop is intended to provide practical solutions that have been used to adhere to the PCI requirements in a cost effective and sustainable manner.
- If your organization is already PCI compliant, this PCI implementation workshop will help you learn how to maintain your PCI compliant status effectively and minimize the possibility of card breach and resulting in a secure PCI environment.
- Certified Payment Card Industry Security Implementer (CPISI) is a certification that will be provided by SISA Information Security for participants who pass the exam at the end of the workshop. This program has been running since 2008 and there are over 5,000 certified CPISI professionals across 30 countries.
Implementation team of the PCI DSS project – Team members from Networking, Application Development, Project Management, Information Security, Risk, IT Infrastructure, Compliance, Business, etc.
Note: Certified Payment Card Industry Security Implementer (CPISI) is an independent payments industry certification offered by SISA (http://sisainfosec.com/) for payment security professionals, relating to the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS is managed and developed by the PCI Security Standards Council (PCI SSC), which provides its own PCI DSS training and certification programs. SISA is not affiliated with or endorsed by PCI SSC. For more information about PCI SSC and the PCI DSS see https://www.pcisecuritystandards.org.
- Introduction to Payment Ecosystem
- Compliance Validation, Requirements and Process
- Compliance Overview
- PCI Risk Assessment
- Scoping Process and De-scoping tools and techniques including but not limited to point to point encryption and tokenization
- Network Segmentation
- Implementation techniques and tools for protecting Cardholder Data
- Secure Payment Application Development
- Payment industry accepted access control practices
- SIEM and Log Management
- Payment security challenges on mobile and security best practices
- Virtualization and Cloud and their impact on Payment Security
Training Mode: Interactive, workshop style with case studies
CPISI Certification Online Examination (one hour)
“A must course in this technology world, where security is a great concern.”
“Trainers are SME’s, competent and knowledgeable enough to understand, respond and clarify participants queries.”
“My second CPISI and this was the best”
“Very useful information and relevant to today’s risks”
“Trainers stress on participation by candidates made the session lively and enjoyable.”
“The training was very useful to understand the payment card industry standard.”
“The trainer was very knowledgeable and the workshop helped us to gain knowledge necessary for both personal and business development.”
“It was a great experience. The trainer is very knowledgeable and enthusiastic. I am glad I attended this.”
CPISI Authorized Trainer
PCI Qualified Security Assessor, ISO 27001 Lead Auditor, MS (Cyber Laws & Information Security)
Himanshu Shewale is a PCI QSA and holds Master’s Degree in Cyber Laws and Information Security from Indian Institute of Information Technology, Allahabad. He is currently working as a Senior Consultant at SISA and involved in Information Security Audit and Risk Assessment Services.
He is well-versed with the Information Security Requirements of various compliance standards like PCI-DSS, ISO 27001, HIPAA and NIST, use of effective control-integrated frameworks and models such as COBIT maturity model, ITIL and Implementing Standards, frameworks and information security best practices. He has good knowledge of vulnerability assessment, penetration testing, and hardening of the network devices, firewalls, OS and applications.
He has conducted training as lead trainer and conducted trainings in Infosys, Cognizant, KPMG, Payment Cloud Technologies, CtrlS Hyderabad, Atom technologies, to name a few and various 50+ workshops across India and abroad.