CPISI 2.0
Good PCI DSS implementation training programs are, of course, critical. But the utility of even the best payment security training will be limited if it is not updated to reflect evolving payment forms and emerging regulations and compliance requirements.
CPISI 2.0 goes beyond the traditional PCI DSS payments security training to help you adapt and future-proof your skill set for emerging payment forms and major payment data security regulations to be adopted across the globe. CPISI 2.0 has been developed with the strategic vision of SISA and launched with the guidance of Mr. Viswanath Krishnamurthy, Chief Risk Officer, National Payments Corporation of India (NPCI).
CPISI 2.0 educates cybersecurity personnel to adopt a comprehensive, hybrid risk assessment approach to payments security across a breadth of payment forms, beyond the outdated ones included in traditional PCI DSS implementation training programs.
In this moment of crisis, SISA has taken a pragmatic step to introduce the CPISI 2.0 payments security training for employees of organizations to focus on a coordinated approach to emerging payment security regulations.
The CPISI 2.0 training program is backed by deep forensics learnings to help businesses strengthen their knowledge core and effortlessly comply with evolving payment security standards, including PCI DSS, P2PE, PCI PIN, and the PCI Software Security Framework. From local to global payment security governance, across major markets including India, US, GCC, and Europe, CPISI 2.0 is designed to help companies truly leverage regulatory changes such as PCI, ISO, NIST and SWIFT as a cybersecurity catalyst.
Beyond existing PCI DSS implementation training programs, the CPISI 2.0 workshop not only equips you with the correct mix of data security controls, but also prepares you for what is yet to come in payments security regulations.
Key Differences – Traditional PCI based Training vs. CPISI 2.0
| Scope | Traditional PCI DSS based Training | CPISI 2.0 |
| --- | --- | --- |
| Standards Covered | PCI DSS | PCI DSS, ISO 27001, NIST, SWIFT, and Regional Data Security Regulations (includes Central Bank Regulations) |
| Level of Detail | Basic card data | Card Data, Payment and Transaction Flow, New Forms of Payments and Technology in Payment and Possible Security Threats |
| Security Practices | Based on PCI DSS Only | Best Information Security Practices & Controls Mapping for PCI, ISO, NIST, SWIFT |
| Case Study on Breaches | Basic level of data breach information covered | In-depth breach analysis of 2-3 data breaches (the case study is loosely based on 15-20 PFI cases, understanding and dissecting each case) |
CPISI 2.0 – Payment Data Security Workshop Agenda
Day 1
- Background of Payment Industry & Payment Industry Variants (UPI, PSD2, Mobile Payments)
- Emerging Technologies in Payment Space
- Breaches and why they happened
- Formal Payment Security Risk Assessment
- Overview of Payment Security Standards (PCI DSS, SWIFT CSF, Payment Security Guidelines from Central Banks, FFIEC)
Day 2
- Scoping and Perimeter Security Controls
- Protection of Payment Data
- Vulnerability Management Program
- Secure Software Development Program
- Logical and Physical Access Controls, Security Testing, Policies and Procedures
- Master Case Study – Exercise & Preparation for CPISI Exam
CPISI Certification Online Examination (One hour)
CPISI 2.0 Authorized Trainers
Kaushik Pandey
Principal Consultant
Kaushik is the Principal Consultant and Lead Trainer at SISA and has assessed 80+ organizations against PCI DSS compliance requirements.
Prajwal Ramakrishne Gowda
Sr. Consultant
Prajwal is a Sr. Consultant and Lead Trainer who is well versed in the information security requirements of various compliance standards such as PCI DSS, ISO 27001, and NIST.
Nandan Yadav
Risk and Compliance Consultant
Nandan is one of the PCI QSAs at SISA, with extensive experience in organization-wide PCI DSS compliance programs.
What can participants achieve from the CPISI 2.0 training?
- Insights from hundreds of forensic investigations conducted by SISA
- Payment Security Training covering emerging standards like PCI, ISO 27001, NIST, SWIFT
- Best Information Security Practices & Controls Mapping for PCI, ISO, NIST, SWIFT
- Plans and strategies for global business information security posture, including Regional Data Security Regulations like GDPR, Central Bank Regulations, etc.
- A thorough learning curve that is based on deep digital forensics, driven by tangible business cases, and elucidated using emerging forms of payments
- Case study based learning with real life examples and live illustrations
- Equip businesses with the knowledge and awareness they need to comply with existing payment security regulations while being future-ready and resilient
Please Note: Certified Payment Industry Security Implementer (CPISI) is an independent payments industry certification offered by SISA for payment security professionals, relating to the following standards: PCI DSS, ISO 27001, NIST, SWIFT, and Regional Data Security Regulations (including Central Bank Regulations).
The standards mentioned above are managed and developed by their respective councils, providers, or standard holders, which might provide their own training and certification programs. SISA is not affiliated with or endorsed by any of these councils, providers, or standard holders.
For more information about the mentioned standards, kindly visit their respective websites.