USA
India
APAC
Middle East
Global
Facebook
Linkedin 
X
Youtube
Adopt a forensics-driven learning approach for better data security and compliance
We help you ensure a robust security posture
In today’s evolving payments landscape, most of the organizations are failing to maintain their security compliance due to poorly trained or untrained employees for securing the critical data
As per SISA's 2020
report
From the recent PFI investigations, SISA has observed 38% of the organizations were compliant at the time of the breach. On further analysis, we found two root causes for most of the data breach.
We help you make security a priority
44.1% of the respondents, from the breached organization, agreed that the poorly trained or untrained employees as the major cause while 18.56% of the respondents agreed that the lack of technical safeguards and the security processes as a core reason.
Being a pioneer in payment security excellence, SISA has curated CPISI, a Certified Payment Industry Security Implementer workshop, to scale with the data security standards and incorporate learnings from data breaches as PCI Forensic Investigator for more than a decade.
CPISI is a comprehensive program designed to impart knowledge on the policies and procedures of PCI implementation.
The 2-day workshop helps to bridge the gap in the awareness of organizations towards implementing effective PCI security controls and ease the PCI DSS compliance journey.
Undergoing Certified Payment Industry Security Implementer workshop plays a crucial role in upholding better data security. The PCI training helps every Information Security stakeholder in proactive PCI implementation across functions and act against threats in advance that may occur at any point in time.
CPISI 2 Day Workshop Agenda
Day 1
- Information Security Principles
- Data classification and Technology
- Corporate Governance
- Understanding payment ecosystem
- PCI DSS Family of Standards
- Network Engineering, Segmentation & Scoping - Req 1
- Apply Secure Configurations to All System Components - Req 2
- Protect stored Account Data - Req 3
- Protect Cardholder Data with Strong Cryptography During Transmission Over Open, Public Networks - Req 4
- Protect All systems and Networks from Malicious Software - Req 5
- Email Comprise and Learnings (Case Study)
Day 2
- Develop and Maintain Secure Systems and Software - Req 6
- Restrict Access to System Components and Cardholder Data by Business Need to Know - Req 7
- Identify Users and Authenticate Access to System Components - Req 8
- Restrict Physical Access to Card Holder Data - Req 9
- Log and Monitor All Access to System Components and Cardholder Data - Req 10
- Test Security of Systems and Networks Regularly - Req 11
- Support Information Security with Organizational Policies and Programs-Req 12
- Targeted Risk Analysis
- Wallet application Comprise and Learnings (Case Study)
CPISI 3 Day Workshop Agenda
Day 1
- Information Security Principles
- Data classification and Technology
- Corporate Governance
- Understanding payment ecosystem
- PCI DSS Family of Standards
- Network Engineering, Segmentation & Scoping - Req 1
- Apply Secure Configurations to All System Components - Req 2
Day 2
- Protect stored Account Data - Req 3
- Protect Cardholder Data with Strong Cryptography During Transmission Over Open, Public Networks - Req 4
- Protect All systems and Networks from Malicious Software - Req 5
- Develop and Maintain Secure Systems and Software - Req 6
- Restrict Access to System Components and Cardholder Data by Business Need to Know - Req 7
- Email Comprise and Learnings (Case Study)
- Wallet application Comprise and Learnings (Case Study)
Day 3
- Identify Users and Authenticate Access to System Components - Req 8
- Restrict Physical Access to Card Holder Data - Req 9
- Log and Monitor All Access to System Components and Cardholder Data - Req 10
- Test Security of Systems and Networks Regularly - Req 11
- Support Information Security with Organizational Policies and Programs-Req 12
- Targeted Risk Analysis
- Mock Examination
- Insiders Threats and Learnings (Case Study)
- 12.5 million unique card data breach & Learnings (Case Study)
SISA’s CPISI Authorized Trainers
Prajwal Ramakrishne Gowda
Sr. Consultant
Prajwal is the Senior Consultant and RAC Lead for Asia-Pacific and South-SAARC region at SISA.
He has been involved in Payment Card Industry and Payment Application Data Security Standard, ISO 27001 Controls Gap Analysis, ISMS & Risk Analysis & Management Practices like OCTAVE and ISO 27005, Information Security Audit and Network Security.
Nandan Yadav
Risk and Compliance Consultant
Nandan is one of the PCI QSA at SISA leading the Delhi-NCR region.
He has provided consultations, audited and certified leading e-commerce, IT, BPOs, payment gateway, service providers, etc. on PCI DSS Compliance.
He has also successfully implemented PCI Compliance and share his experience through CPISI workshops.
Key Takeaways
- A complete overview about 12 requirements
- Gain implementation knowledge from real case scenarios and recent payment data breaches
- Understand the roots of two new standards, PCI PIN Security and PCI 3DS
- Understand the concepts of payment ecosystem and PCI DSS security controls
Who can participate?
Information security professionals, security analysts and higher management from the following industries:
- Payment Gateways and Service Providers
- Banking
- eCommerce & mCommerce merchants and retailers
- IT & ITES
CPISI Exclusive
- CPISI course is designed by payment security specialists to address the pain points in effective PCI standards implementation
- A comprehensive course including the essence of SISA’s PFI breach investigations
- Sessions will be taken by trainers with immense experience in handling compliance in Banking, Fin-tech, E-commerce, IT and ITES
Workshop Participants Testimonial
Trainers stress on participation by candidates made the session lively and enjoyable.
Very useful information and relevant to today’s
status.
The training was very useful to understand the payment card industry standard.
The trainer was very knowledgeable and the workshop helped us to gain knowledge necessary for both personal and business development.
Trainers are SME’s, competent and knowledgeable enough to understand, respond and clarify participants queries.
My second CPISI and this was the best.
Request a Call
Validate your certificate
Please Note: Certified Payment-Card Industry Security Implementer (CPISI) is an independent payments industry certification offered by SISA for payment security professionals, relating to the Payment Card Industry Data Security Standard (PCI DSS).
The PCI DSS is managed and developed by the PCI Security Standards Council (PCI SSC), who provides its own PCI DSS training and certification programs. SISA is not affiliated with or endorsed by PCI SSC.
For more information about PCI DSS, kindly check PCI SSC’s website at https://www.pcisecuritystandards.org.
Related Articles
Infosec Report
SISA Top 5 Forensics Driven Learnings 2020
Whitepaper
DIGITIZATION IN UAE | An Answer to the Rising Threats and Vulnerabilities
Whitepaper
RBI Issues Master Direction on Digital Payment Security Controls
SISA is a Leader in Cybersecurity Solutions for the Digital Payment Industry. As a Global Payment Forensic Investigator of the PCI Security Standards Council, we leverage forensics insights into preventive, detective, and corrective security solutions, protecting 1,000+ organizations across 40+ countries from evolving cyberthreats.
Our suite of solutions from AI-driven compliance, advanced security testing, agentic detection/ response and learner focused-training has been honored with prestigious awards, including from Financial Express, DSCI-NASSCOM and The Economic Times.
With commitment to innovation, and pioneering advancements in Quantum Security, Hardware Security, and Cybersecurity for AI, SISA is shaping the future of cybersecurity through cutting-edge forensics research.
