Understand the implications of PCI DSS Version 2.0 and what it means to your organisation

To Register: click here

Objectives:

• Gain an in-depth understanding of the PCI DSS standard as well as its relation to other PCI standards such as PTS DSS and PA DSS.
• A unique opportunity to take a QSA Auditor's perspective on gap analysis, remediation and assessment issues.
• Save time and reduce cost in preparation for a formal On-site Validation Assessment or completion of a Self Assessment Questionnaire.
• Through better understanding and deeper knowledge make informed decisions about insourcing vs outsourcing, open source vs. commercial.
• Learn how to avoid the pitfalls of achieving and maintaining compliance.
• Interactive Q&A sessions, 2 workshops and case studies will enable participants to demystify questions specific to their organisation and environments.

Who should attend:

Although anyone may attend this PCI DSS training course, day 2 is better suited to those who have already carried out a gap analysis and the emphasis will be more on the technical aspects. Preferably delegates with a working knowledge of IT security and/or card payment systems.

Overview
Sessions are run by trainers with who have many years of practical information security experience and most importantly, are considered to be PCI DSS experts. The trainers are able to provide supplier agnostic advice and are specialists in new technology areas such as the impact of virtualisation and end-to-end encryption on PCI compliance, with representation on the PCI Security Standards Council and close links to the card schemes. 

Day one will allow delegates to familiarise themselves with the security landscape which led to the creation of the PCI DSS and ultimately the release of the PCI DSS version 2.0. It will then discuss requirements for merchants and the validation process, answering important questions about outsourcing. Finding the data, reducing scope and using compensating controls will also be discussed in depth finishing with a view on emerging technologies and standards.

Day two is an in-depth look at each requirement of the newly released standard and explaining the implications for organisations, including case studies and allowing discussions / questions throughout the day.

What you can expect

• Training tailored to your needs
• Comprehensive manual of training material
• Valuable insight into the current and newly released PCI DSS subject matter
• Certificate of attendance

Topics covered include

• Security breaches and vulnerability experiences
• Overview of PCI DSS V2.0 and AIS
• Compliance validation process
• Requirements for payment applications
• Cardholder data, finding and eliminating sensitive authentication data
• PCI DSS applicability & scoping
• Compensating controls
• PCI data security standard requirements in-depth

Speakers:

Martin Petrov – PCI DSS Principal Trainer

Martin Petrov is an experienced information systems audit and security professional who is a Certified Information Systems Security Professional (CISSP), Certified Information System Auditor (CISA) and Qualified Security Assessor (QSA). Martin has worked as an Information Security Consultant on various enterprise scale projects for customers such as government agencies, ministries, banks, international corporations, blue chip service providers as well as a number of small and middle sized companies. As a member of teams responsible for the compliance, architecture and management of various organisations Martin has worked on designing, implementing and securing 24/7 IT infrastructures as well as providing 3rd level technical support.

Martin joined One-SEC in 2005, Europe's leading Qualified Security Assessor for the Payment Card Industry as the principle European information security consultant. In August 2007 One-SEC was acquired by the global QSA leader Trustwave where Martin continued as full time PCI DSS auditor and executed over 70 compliance audits for a significant number of European processors, acquiring banks, payment service providers and large merchants. Martin joined Onformonics in September 2008 as a subject matter expert having the highest level of expertise within the Payment Card Industry and has been involved in the design and development of solutions that help organisations implement and maintain a successful compliance management program. Martin‟s extensive network within the industry coupled with expert knowledge and experience has enabled him to provide vendor agnostic advice to organizations on adopting best-practice implementation of compliance programs.

Philip Whittaker – Lead Consultant, Information Security & Governance Manager

Philip Whittaker has over 10 years experience within the information security arena and most recently held the position of PCI DSS subject matter expert within a large FTSE 100 company. Philip's entry into payment card security began working as an Information Security Manager prior to the consolidation of standards that lead to the creation of PCI DSS. Following the inception of the PCI DSS, Philip was able to work with card schemes to develop special classifications for Service Providers and performed the first Managed Hosting Provider assessment in Europe. Working with the PCI DSS and as a QSA, Philip has performed over 75 assessments; specialising in large compliance projects involving acquiring banks, payment service providers and retail organisations.
Philip is able to leverage upon his experience of governance and compliance to allow organisations to develop strategic compliance management programmes, which are closely aligned with the business objectives, whilst helping the organisation to identify their risks and the potential pitfalls in advance so that they may be avoided. In addition to the CISSP certification, Philip holds a Master degree in Electronic and Computer engineering and is a BS 25999 Business Continuity Management Lead Auditor.

How much will it cost to me to attend?

The cost of the 2 day course is £1590 +VAT (£795 per day).

Venue:

Kingsway Hall Hotel
66 Great Queen Street
London
WC2B 5BX