18 September – 19 September 2019
In 2014, around 800 million card data records were reported stolen. Financial institutions, merchants and service providers have been targets of massive data compromises. Considering the recent card breaches that have occurred in our industry, you would appreciate that organizations are required to place greater emphasis on “EFFECTIVE IMPLEMENTATION of PCI requirements”.
This is a hands-on 2-day workshop aimed primarily at enabling participants to gain hands-on knowledge of how to implement PCI Standards effectively in their organization.
- You will gain a clear understanding of the various requirements of the Payment Card Industry Standards, and learn the intent behind each of its requirements. The workshop is intended to provide practical solutions that have been used to adhere to the PCI requirements in a cost-effective and sustainable manner.
- If your organization is already PCI compliant, this PCI implementation workshop will help you learn how to maintain your PCI compliant status effectively and minimize the possibility of a card breach, resulting in a secure PCI environment.
- Certified Payment Card Industry Security Implementer (CPISI) is a certification that will be provided by SISA Information Security for participants who pass the exam at the end of the workshop. This program has been running since 2008 and there are over 5,000 certified CPISI professionals across 30 countries.
Implementation team of the PCI DSS project – Team members from Networking, Application Development, Project Management, Information Security, Risk, IT Infrastructure, Compliance, Business, etc.
Note: Certified Payment Card Industry Security Implementer (CPISI) is an independent payments industry certification offered by SISA (http://sisainfosec.com/) for payment security professionals, relating to the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS is managed and developed by the PCI Security Standards Council (PCI SSC), which provides its own PCI DSS training and certification programs. SISA is not affiliated with or endorsed by PCI SSC. For more information about PCI SSC and the PCI DSS see https://www.pcisecuritystandards.org.
- Introduction to Payment Ecosystem
- Compliance Validation, Requirements and Process
- Compliance Overview
- PCI Risk Assessment
- Scoping Process and De-scoping tools and techniques including but not limited to point-to-point encryption and tokenization
- Network Segmentation
- Implementation techniques and tools for protecting Cardholder Data
- Secure Payment Application Development
- Payment industry accepted access control practices
- SIEM and Log Management
- Payment security challenges on mobile and security best practices
- Virtualization and Cloud and their impact on Payment Security
Training Mode: Interactive, workshop style with case studies
CPISI Certification Online Examination (one hour)
“A must course in this technology world, where security is a great concern.”
“Trainers are SMEs, competent and knowledgeable enough to understand, respond and clarify participants’ queries.”
“My second CPISI and this was the best”
“Very useful information and relevant to today’s risks”
“Trainers’ stress on participation by candidates made the session lively and enjoyable.”
“The training was very useful to understand the payment card industry standard.”
“The trainer was very knowledgeable and the workshop helped us to gain knowledge necessary for both personal and business development.”
“It was a great experience. The trainer is very knowledgeable and enthusiastic. I am glad I attended this.”
Prajwal Ramakrishne Gowda
CPISI Authorised Trainer
PCI Qualified Security Assessor (PCI QSA), ISO 27001 LA, CPISI-S
Prajwal is currently the Lead PCI Assessor for Asia Pacific and South SAARC region at SISA. He has done PCI DSS Onsite Audits and Consulting across the UK, Asia Pacific, the Middle East and the US. Risk Assessment: OCTAVE / NIST SP 800‐30/ISO27005, PCI SAQ, E‐Ticket Audit, VAPT. He has been involved in Payment Card Industry and Payment Application Data Security Standard, ISO 27001 Controls Gap Analysis, ISMS & Risk Analysis & Management Practices like OCTAVE and ISO 27005, Information Security Audit and Network Security.
Prajwal has been a part of multiple projects relating to Payment Brands, Payment Gateways, Third Party Processors, ATM Applications, IT Companies, Software Development, Ecommerce and m‐Commerce organizations, Telecommunications and BPOs.