The Payment Card Industry Data Security Standard (PCI DSS) was created to enhance cardholder data security. It is the result of collaboration between the major credit card brands: American Express, Discover, JCB, MasterCard and Visa. Any merchant or service provider that processes, transmits or stores cardholder data is required to comply with the Standard.
With the new General Data Protection Regulation (GDPR) taking effect on 25 May 2018, the penalties for not taking the right precautions to protect personal data are about to get worse for many organisations. They could be looking at a fine of up to €20 million (about £17.8 million) or 4% of annual global turnover – whichever is greater. Under the new EU legislation, an organisation that suffers a breach of cardholder data is likely to be liable under both the PCI DSS and the GDPR.
IT Governance is launching a new webinar series to support organisations with their PCI DSS projects and help them manage and reduce their payment card risk.
12 December 2017, 3:00 – 4:00 pm (GMT)
This first webinar will outline the 12 requirements of the PCI DSS. Our consultants will explain how compliance with the PCI DSS can help you meet the requirements of the GDPR and we’ll also introduce a set of controls for keeping cardholder data secure.
17 January 2018, 3:00 – 4:00 pm (GMT)
This webinar will focus on helping organisations effectively prepare for a PCI audit and ensure a successful audit outcome. Although the focus will be on organisations that must undergo a PCI audit, many of the steps are relevant to any organisation that needs to meet the requirements of the PCI DSS.
14 February 2018, 3:00 – 4:00 pm (GMT)
Gain the practical knowledge required to identify the right self-assessment questionnaire to obtain full compliance with the PCI DSS.
14 March 2018, 3:00 – 4:00 pm (GMT)
This webinar will provide step-by-step guidance on how to scope the cardholder data environment. This includes information gathering, defining a perimeter and data flow analysis. It will also provide methods for reducing the scope.
9 April 2018, 3:00 – 4:00 pm (BST)
This webinar will cover the security testing guidelines to achieve compliance with the Standard, the differences between a penetration test and a vulnerability assessment, and how to conduct a penetration testing programme.
9 May 2018, 3:00 – 4:00 pm (BST)
Join our Qualified Security Assessors to learn how to develop PCI policies, including the differences between a policy, a form and a procedure, how to identify which policies and clauses you need to address, and how to clearly state the tasks and responsibilities your company has when handling payment card data.