Introduction
▪ The PCI Data Security Standard (PCI DSS) is a global standard that provides a baseline of operational & technical requirements designated to protect payment data. PCI DSS v4.0 is the next evolution of the standard. PCI DSS v4.0 replaces version 3.2.1 to address emerging threats and technologies and enable innovative methods to combat new threats. This version associates the protection of payment data with new controls to address sophisticated cyber attacks.
What’s New in PCI DSS v4.0?
▪ Meeting the security needs in PCI continuously
▪ Promoting security as a continuous process
▪ Adding flexibility and support of additional methodologies to achieve security
Why PCI DSS v4.0 is important?
▪ As threats change, New versions of security practices must evolve.
▪ Ongoing security is crucial to protect the payment data always as criminals never sleep.
▪ Increased flexibility allows more options to achieve a requirement’s objective and supports payment technology innovation.
▪ Enhancing validation methods and procedures
▪ To support transparency and granularity, must have clear validation and reporting options.
Please note that the PCI DSS 3.2.1 expires in March, it's essential to stay updated on the latest
developments and announcements from the PCI Security Standards Council (PCI SSC)
Why CPSP v2.0
▪ The CPSP v2.0 training will cover the entire payment ecosystem and the latest PCI DSS v4.0 standard which will help participants in understanding the intent and objective of each PCI DSS v4.0 requirement. The CPSP v2.0 training will also provide participants with a platform where they can understand a PCI QSA’s (Payment Card Industry Qualified Security Assessor)
perspective of validating a PCI DSS v4.0 requirement. In the past few years, we have seen massive breaches at organizations such as Target and Equifax. In many cases, these organizations were compliant with PCI DSS. Yet, breaches happened, and, in most cases, the breach was notified to the impacted company by an outside agency. Investments in complying with these standards are in addition to technology investments made by companies in anti-viruses, firewalls, security incidents, event management systems, etc.
Objectives of the PCI DSS
compliance program
▪ Building a framework for securing payment card data
▪ Guidance to professionals for protecting customer data
▪ Ensuring security and not just compliance
▪ Going beyond the traditional checklist-based approach for security
▪ Taking a risk-based approach to implementing security controls
▪ Winning end customer’s trust
COURSE FEE:
Regular: $249.00USD
ISACA/ISC2 Members: $199.00USD
Returning Participants: $159.00USD