PCI Staff Awareness and Training
Staff awareness and training is fundamental for effective information security management and for meeting regulatory and compliance requirements. In order for an organisation to comply with the Standard, a formal security awareness programme must be implemented.
Personnel must be trained upon being hired, and receive refresher training at least once per year. Employees must also acknowledge that they have read and understood the security policy and procedures at least once per year.
Why is security awareness important?
One of the biggest risks to an organisation’s information security is often not a weakness in the technology control environment but an action, or inaction, by employees and other personnel that can lead to security incidents. Examples include disclosing information that could be used in a social engineering attack, failing to report observed unusual activity, and accessing sensitive information unrelated to the user’s role without following the proper procedures.
Did you know?
Among companies that have experienced data breaches, internal actors were responsible for 43% of data loss, half of which were intentional and half accidental (McAfee, Grand Theft Data).
IT security practitioners are nearly split, 51% to 49%, on who poses the greatest threat: external adversaries versus trusted insiders (Trustwave, 2017 Security Pressures Report).
50% of companies now believe security training and awareness for both new and current employees is a priority (Dell, Protecting the organization against the unknown - A new generation of threats).
Helping you to develop a comprehensive security awareness training plan
We offer staff awareness and training courses (both classroom and in-house) for all staff, from foundation-level to advanced courses for IT practitioners and lead implementers seeking compliance with the Standard.
Part of the ITG e-learning staff awareness suite, this online course is designed to increase employees’ awareness of the Payment Card Industry Data Security Standard (PCI DSS) requirements, and to provide clear and simple explanations of what companies and individual employees must do to meet those requirements.
- Avoid employee actions that might lead to a data breach.
Developed by a Qualified Security Assessor (QSA), this one-day training course builds a clear understanding of the PCI DSS and allows you to plan a cost-effective, time-efficient compliance project.
- Delivers practical guidance on how the Standard applies to your organisation.
This three-day course provides practical coverage of all aspects of implementing a PCI DSS compliance programme. Successful candidates will be awarded the PCI DSS Implementation (PCI IM) qualification by the International Board for IT Governance Qualifications (IBITGQ).
- Become a subject matter expert to facilitate compliance.
Acknowledged leader in PCI DSS and cyber security training.
Practical hands-on approach delivered by experienced practitioners.
Structured learning paths accommodate delegates with various levels of knowledge.
Delivered at our public training centres or as in-house training sessions.
Focused on improving knowledge, developing skills and awarding certification.
Guaranteed booking – we will never cancel any of your courses.
Speak to an expert
Please contact us for further information or to speak to an expert.