PCI in 2009 a look at the legal and practical aspects of the DSS

Panel discussion slides from the session: PCI in 2009: A Look at the Legal and Practical Aspects of the DSS at the RSA 2009 conference. Panelists: Joel Kazin, David Navetta, Ben Rothke.

  1. PCI in 2009: A Look at the Legal and Practical Aspects of the DSS
     • Joel Kazin, CPA, CISA, CISM, CISSP - Jefferson Wells
     • David Navetta, Esq., CIPP - InfoSecCompliance LLC
     • Ben Rothke, CISSP, PCI QSA - BT Professional Services
     04/23/09 | Session ID: GOL304 | Session Classification: Intermediate
  2. Agenda
     • Panelists' Opening Remarks
     • Introduction
     • Self Moderated Panel Discussion
     • Questions and Answers
  3. Introduction
  4. Panelists' Opening Statements
  5. Panelists' Discussion
  6. PCI DSS Topics
     • Contractual nature of the standard
     • PCI DSS as a minimum standard of due care
     • Breach of contract – 3rd party beneficiary
     • Resolving ambiguities in the standard
     • Potentially Risky Practices
     • PCI Compliance False Sense of Security -- Safe Harbor?
     • Is anything wrong with PCI?
  7. Questions and Answers
  8. APPLY
     • Educate management regarding risk even if you are PCI DSS compliant
     • Determine who is contractually liable in event of a breach
     • Determine how PCI DSS compliance fits within your risk management strategy
     • Remember you can be PCI DSS compliant and still suffer a breach
  9. Contact Information
     • Joel Kazin, CPA, CISA, CISM, CISSP, Jefferson Wells, [email_address], 914-564-1484
     • David Navetta, Esq., CIPP, InfoSecCompliance, LLC, [email_address], 303-325-3528
     • Ben Rothke, CISSP, PCI QSA, BT Professional Services, [email_address], 973-489-0838
