SlideShare a Scribd company logo
1 of 15
PCI 2010: Trends & Technologies Presented by: Dr. Anton Chuvakin Author of the book “ PCI Compliance” Principal at  www.securitywarriorconsulting.com/
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
Why is PCI Here? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
PCI DSS is based on fundamental data security practices What is PCI DSS: DSS + Regime ,[object Object],[object Object],Protect Cardholder Data ,[object Object],Maintain an Information Security Policy ,[object Object],[object Object],Regularly Monitor and  Test Networks ,[object Object],[object Object],[object Object],Implement Strong Access Control Measures ,[object Object],[object Object],Maintain a Vulnerability Management Program ,[object Object],[object Object],Build and Maintain a  Secure Network
Ceiling vs Floor ,[object Object],[object Object],[object Object],[object Object]
Laggards vs Leaders ,[object Object],[object Object],[object Object]
PCI War: Security vs Compliance ,[object Object],[object Object],[object Object]
Myth 7 – PCI Is Enough Security  (from “PCI Myths and Misconceptions” by Anton Chuvakin) ,[object Object],[object Object],[object Object],Reality:  Again, PCI is  basic  security, it is a  necessary, NOT sufficient .  PCI is also about  cardholder data security , not the rest of private data, not your intellectual property, not SSNs, etc. It also covers  confidentiality , and NOT integrity and availability of data.
PCI and Security Today ,[object Object],[object Object],[object Object],[object Object]
PCI 2010 ,[object Object],[object Object],[object Object],[object Object],[object Object]
Quick PCI Action Items ,[object Object],[object Object],[object Object]
Get More Info! ,[object Object],[object Object],[object Object]
About Anton Chuvakin ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],For more:  http://www.chuvakin.org
More on Anton ,[object Object],[object Object],[object Object],[object Object],[object Object]
Anton’s Security Warrior Consulting Services ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

More Related Content

What's hot

Mobile Devices and Internet of Things
Mobile Devices and Internet of ThingsMobile Devices and Internet of Things
Mobile Devices and Internet of ThingsPaul Hastings
 
Privacy by Design: White Papaer
Privacy by Design: White PapaerPrivacy by Design: White Papaer
Privacy by Design: White PapaerKristyn Greenwood
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceEryk Budi Pratama
 
Small but Not Forgotten: Cybersecurity for the Small Firm Presented by Accell...
Small but Not Forgotten: Cybersecurity for the Small Firm Presented by Accell...Small but Not Forgotten: Cybersecurity for the Small Firm Presented by Accell...
Small but Not Forgotten: Cybersecurity for the Small Firm Presented by Accell...Accellis Technology Group
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionDigital Guardian
 
Privacy frameworks 101
Privacy frameworks 101Privacy frameworks 101
Privacy frameworks 101Saumya Vishnoi
 
Anton Chuvakin on Security Data Centralization
Anton Chuvakin on Security Data CentralizationAnton Chuvakin on Security Data Centralization
Anton Chuvakin on Security Data CentralizationAnton Chuvakin
 
GDPR project board deck (example)
GDPR project board deck (example)GDPR project board deck (example)
GDPR project board deck (example)Tommy Vandepitte
 
Convince your board: How to prepare your business for List X
Convince your board: How to prepare your business for List XConvince your board: How to prepare your business for List X
Convince your board: How to prepare your business for List XDave James
 
Windstream Managed Network Security Ebook
Windstream Managed Network Security EbookWindstream Managed Network Security Ebook
Windstream Managed Network Security EbookIdeba
 
[null] Iso 27001 a business view by Sripathi
[null] Iso 27001   a business view by Sripathi[null] Iso 27001   a business view by Sripathi
[null] Iso 27001 a business view by SripathiPrajwal Panchmahalkar
 
Windstream Managed Network Security Infographic
Windstream Managed Network Security InfographicWindstream Managed Network Security Infographic
Windstream Managed Network Security InfographicIdeba
 
Keep your data safe and be compliant via a 360° approach
Keep your data safe and be compliant via a 360° approachKeep your data safe and be compliant via a 360° approach
Keep your data safe and be compliant via a 360° approachNagib Aouini
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceAdrian Dumitrescu
 
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...FinTech Belgium
 
Signs It's Time to Modernize Your Identity Management Software
Signs It's Time to Modernize Your Identity Management SoftwareSigns It's Time to Modernize Your Identity Management Software
Signs It's Time to Modernize Your Identity Management SoftwareScott Kortright
 
PCI DSS introduction by khaled mosharraf,
PCI DSS introduction by khaled mosharraf,PCI DSS introduction by khaled mosharraf,
PCI DSS introduction by khaled mosharraf,Khaled Mosharraf
 
Trustable Tech Mark / Magic Monday at Casa Jasmina Torino
Trustable Tech Mark / Magic Monday at Casa Jasmina TorinoTrustable Tech Mark / Magic Monday at Casa Jasmina Torino
Trustable Tech Mark / Magic Monday at Casa Jasmina TorinoPeter Bihr
 
Worry free security breach - Gemalto
Worry free security breach - GemaltoWorry free security breach - Gemalto
Worry free security breach - GemaltoHarry Gunns
 

What's hot (20)

Mobile Devices and Internet of Things
Mobile Devices and Internet of ThingsMobile Devices and Internet of Things
Mobile Devices and Internet of Things
 
Privacy by Design: White Papaer
Privacy by Design: White PapaerPrivacy by Design: White Papaer
Privacy by Design: White Papaer
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & Assurance
 
Small but Not Forgotten: Cybersecurity for the Small Firm Presented by Accell...
Small but Not Forgotten: Cybersecurity for the Small Firm Presented by Accell...Small but Not Forgotten: Cybersecurity for the Small Firm Presented by Accell...
Small but Not Forgotten: Cybersecurity for the Small Firm Presented by Accell...
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
 
Privacy frameworks 101
Privacy frameworks 101Privacy frameworks 101
Privacy frameworks 101
 
Anton Chuvakin on Security Data Centralization
Anton Chuvakin on Security Data CentralizationAnton Chuvakin on Security Data Centralization
Anton Chuvakin on Security Data Centralization
 
GDPR project board deck (example)
GDPR project board deck (example)GDPR project board deck (example)
GDPR project board deck (example)
 
Convince your board: How to prepare your business for List X
Convince your board: How to prepare your business for List XConvince your board: How to prepare your business for List X
Convince your board: How to prepare your business for List X
 
Windstream Managed Network Security Ebook
Windstream Managed Network Security EbookWindstream Managed Network Security Ebook
Windstream Managed Network Security Ebook
 
[null] Iso 27001 a business view by Sripathi
[null] Iso 27001   a business view by Sripathi[null] Iso 27001   a business view by Sripathi
[null] Iso 27001 a business view by Sripathi
 
Windstream Managed Network Security Infographic
Windstream Managed Network Security InfographicWindstream Managed Network Security Infographic
Windstream Managed Network Security Infographic
 
Keep your data safe and be compliant via a 360° approach
Keep your data safe and be compliant via a 360° approachKeep your data safe and be compliant via a 360° approach
Keep your data safe and be compliant via a 360° approach
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest Relevance
 
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
 
Signs It's Time to Modernize Your Identity Management Software
Signs It's Time to Modernize Your Identity Management SoftwareSigns It's Time to Modernize Your Identity Management Software
Signs It's Time to Modernize Your Identity Management Software
 
PCI DSS introduction by khaled mosharraf,
PCI DSS introduction by khaled mosharraf,PCI DSS introduction by khaled mosharraf,
PCI DSS introduction by khaled mosharraf,
 
Privacy by design
Privacy by designPrivacy by design
Privacy by design
 
Trustable Tech Mark / Magic Monday at Casa Jasmina Torino
Trustable Tech Mark / Magic Monday at Casa Jasmina TorinoTrustable Tech Mark / Magic Monday at Casa Jasmina Torino
Trustable Tech Mark / Magic Monday at Casa Jasmina Torino
 
Worry free security breach - Gemalto
Worry free security breach - GemaltoWorry free security breach - Gemalto
Worry free security breach - Gemalto
 

Similar to PCI 2010: Trends and Technologies

PCI DSS-based Security: Is This For Real? by Dr. Anton Chuvakin
PCI DSS-based Security: Is This For Real? by Dr. Anton ChuvakinPCI DSS-based Security: Is This For Real? by Dr. Anton Chuvakin
PCI DSS-based Security: Is This For Real? by Dr. Anton ChuvakinAnton Chuvakin
 
Spirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinSpirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinAnton Chuvakin
 
PCI DSS Myths 2010: Why Are They STILL Alive by Dr. Anton Chuvakin
PCI DSS Myths 2010: Why Are They STILL Alive by Dr. Anton ChuvakinPCI DSS Myths 2010: Why Are They STILL Alive by Dr. Anton Chuvakin
PCI DSS Myths 2010: Why Are They STILL Alive by Dr. Anton ChuvakinAnton Chuvakin
 
What PCI DSS Taught Us About Security by Dr. Anton Chuvakin
What PCI DSS Taught Us About Security by Dr. Anton ChuvakinWhat PCI DSS Taught Us About Security by Dr. Anton Chuvakin
What PCI DSS Taught Us About Security by Dr. Anton ChuvakinAnton Chuvakin
 
Pci Europe 2009 Underside Of The Compliance Ecosystem
Pci Europe 2009   Underside Of The Compliance EcosystemPci Europe 2009   Underside Of The Compliance Ecosystem
Pci Europe 2009 Underside Of The Compliance Ecosystemkpatrickwheeler
 
What do I really need to do to STAY compliant with PCI DSS?
What do I really need to do to STAY compliant with PCI DSS?What do I really need to do to STAY compliant with PCI DSS?
What do I really need to do to STAY compliant with PCI DSS?Anton Chuvakin
 
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...i2Coalition
 
Data Security For Compliance 2
Data Security For Compliance 2Data Security For Compliance 2
Data Security For Compliance 2Flaskdata.io
 
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden Williams
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden WilliamsPCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden Williams
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden WilliamsAnton Chuvakin
 
A Plan For Physical And Digital Security Protocols
A Plan For Physical And Digital Security ProtocolsA Plan For Physical And Digital Security Protocols
A Plan For Physical And Digital Security ProtocolsKim Moore
 
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...Anton Chuvakin
 
The Easy WAy to Accept & Protect Credit Card Data
The Easy WAy to Accept & Protect Credit Card DataThe Easy WAy to Accept & Protect Credit Card Data
The Easy WAy to Accept & Protect Credit Card DataTyler Hannan
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
PCI 2.0 What's Next for PCI DSS by Dr. Anton Chuvakin
PCI 2.0 What's Next for PCI DSS  by Dr. Anton ChuvakinPCI 2.0 What's Next for PCI DSS  by Dr. Anton Chuvakin
PCI 2.0 What's Next for PCI DSS by Dr. Anton ChuvakinAnton Chuvakin
 
Nt1310 Project Design
Nt1310 Project DesignNt1310 Project Design
Nt1310 Project DesignErin Adams
 
Practical Strategies to Compliance and Security with SIEM by Dr. Anton Chuvakin
Practical Strategies to Compliance and Security with SIEM by Dr. Anton ChuvakinPractical Strategies to Compliance and Security with SIEM by Dr. Anton Chuvakin
Practical Strategies to Compliance and Security with SIEM by Dr. Anton ChuvakinAnton Chuvakin
 
PCI DSS Implementation: A Five Step Guide
PCI DSS Implementation: A Five Step GuidePCI DSS Implementation: A Five Step Guide
PCI DSS Implementation: A Five Step GuideAlienVault
 
PCI Compliance Report
PCI Compliance ReportPCI Compliance Report
PCI Compliance ReportHolly Vega
 

Similar to PCI 2010: Trends and Technologies (20)

PCI DSS-based Security: Is This For Real? by Dr. Anton Chuvakin
PCI DSS-based Security: Is This For Real? by Dr. Anton ChuvakinPCI DSS-based Security: Is This For Real? by Dr. Anton Chuvakin
PCI DSS-based Security: Is This For Real? by Dr. Anton Chuvakin
 
Spirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinSpirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton Chuvakin
 
PCI DSS Myths 2010: Why Are They STILL Alive by Dr. Anton Chuvakin
PCI DSS Myths 2010: Why Are They STILL Alive by Dr. Anton ChuvakinPCI DSS Myths 2010: Why Are They STILL Alive by Dr. Anton Chuvakin
PCI DSS Myths 2010: Why Are They STILL Alive by Dr. Anton Chuvakin
 
What PCI DSS Taught Us About Security by Dr. Anton Chuvakin
What PCI DSS Taught Us About Security by Dr. Anton ChuvakinWhat PCI DSS Taught Us About Security by Dr. Anton Chuvakin
What PCI DSS Taught Us About Security by Dr. Anton Chuvakin
 
Pci Europe 2009 Underside Of The Compliance Ecosystem
Pci Europe 2009   Underside Of The Compliance EcosystemPci Europe 2009   Underside Of The Compliance Ecosystem
Pci Europe 2009 Underside Of The Compliance Ecosystem
 
What do I really need to do to STAY compliant with PCI DSS?
What do I really need to do to STAY compliant with PCI DSS?What do I really need to do to STAY compliant with PCI DSS?
What do I really need to do to STAY compliant with PCI DSS?
 
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
 
PCI Myths
PCI MythsPCI Myths
PCI Myths
 
Data Security For Compliance 2
Data Security For Compliance 2Data Security For Compliance 2
Data Security For Compliance 2
 
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden Williams
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden WilliamsPCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden Williams
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden Williams
 
A Plan For Physical And Digital Security Protocols
A Plan For Physical And Digital Security ProtocolsA Plan For Physical And Digital Security Protocols
A Plan For Physical And Digital Security Protocols
 
Myths of PCI DSS
Myths of PCI DSSMyths of PCI DSS
Myths of PCI DSS
 
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
 
The Easy WAy to Accept & Protect Credit Card Data
The Easy WAy to Accept & Protect Credit Card DataThe Easy WAy to Accept & Protect Credit Card Data
The Easy WAy to Accept & Protect Credit Card Data
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
PCI 2.0 What's Next for PCI DSS by Dr. Anton Chuvakin
PCI 2.0 What's Next for PCI DSS  by Dr. Anton ChuvakinPCI 2.0 What's Next for PCI DSS  by Dr. Anton Chuvakin
PCI 2.0 What's Next for PCI DSS by Dr. Anton Chuvakin
 
Nt1310 Project Design
Nt1310 Project DesignNt1310 Project Design
Nt1310 Project Design
 
Practical Strategies to Compliance and Security with SIEM by Dr. Anton Chuvakin
Practical Strategies to Compliance and Security with SIEM by Dr. Anton ChuvakinPractical Strategies to Compliance and Security with SIEM by Dr. Anton Chuvakin
Practical Strategies to Compliance and Security with SIEM by Dr. Anton Chuvakin
 
PCI DSS Implementation: A Five Step Guide
PCI DSS Implementation: A Five Step GuidePCI DSS Implementation: A Five Step Guide
PCI DSS Implementation: A Five Step Guide
 
PCI Compliance Report
PCI Compliance ReportPCI Compliance Report
PCI Compliance Report
 

More from Anton Chuvakin

Meet the Ghost of SecOps Future by Anton Chuvakin
Meet the Ghost of SecOps Future by Anton ChuvakinMeet the Ghost of SecOps Future by Anton Chuvakin
Meet the Ghost of SecOps Future by Anton ChuvakinAnton Chuvakin
 
SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...
SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...
SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...Anton Chuvakin
 
SOC Lessons from DevOps and SRE by Anton Chuvakin
SOC Lessons from DevOps and SRE by Anton ChuvakinSOC Lessons from DevOps and SRE by Anton Chuvakin
SOC Lessons from DevOps and SRE by Anton ChuvakinAnton Chuvakin
 
Hey SOC, Look LEFT! by Anton Chuvakin RSA 2023 Booth
Hey SOC, Look LEFT! by Anton Chuvakin RSA 2023 BoothHey SOC, Look LEFT! by Anton Chuvakin RSA 2023 Booth
Hey SOC, Look LEFT! by Anton Chuvakin RSA 2023 BoothAnton Chuvakin
 
20 Years of SIEM - SANS Webinar 2022
20 Years of SIEM - SANS Webinar 202220 Years of SIEM - SANS Webinar 2022
20 Years of SIEM - SANS Webinar 2022Anton Chuvakin
 
10X SOC - SANS Blue Summit Keynote 2021 - Anton Chuvakin
10X SOC - SANS Blue Summit Keynote 2021 - Anton Chuvakin10X SOC - SANS Blue Summit Keynote 2021 - Anton Chuvakin
10X SOC - SANS Blue Summit Keynote 2021 - Anton ChuvakinAnton Chuvakin
 
SOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
SOCstock 2020  Groovy SOC Tunes aka Modern SOC TrendsSOCstock 2020  Groovy SOC Tunes aka Modern SOC Trends
SOCstock 2020 Groovy SOC Tunes aka Modern SOC TrendsAnton Chuvakin
 
SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC Anton Chuvakin
 
Modern SOC Trends 2020
Modern SOC Trends 2020Modern SOC Trends 2020
Modern SOC Trends 2020Anton Chuvakin
 
Anton's 2020 SIEM Best and Worst Practices - in Brief
Anton's 2020 SIEM Best and Worst Practices - in BriefAnton's 2020 SIEM Best and Worst Practices - in Brief
Anton's 2020 SIEM Best and Worst Practices - in BriefAnton Chuvakin
 
Five SIEM Futures (2012)
Five SIEM Futures (2012)Five SIEM Futures (2012)
Five SIEM Futures (2012)Anton Chuvakin
 
RSA 2016 Security Analytics Presentation
RSA 2016 Security Analytics PresentationRSA 2016 Security Analytics Presentation
RSA 2016 Security Analytics PresentationAnton Chuvakin
 
Five Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
Five Best and Five Worst Practices for SIEM by Dr. Anton ChuvakinFive Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
Five Best and Five Worst Practices for SIEM by Dr. Anton ChuvakinAnton Chuvakin
 
Five Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
Five Best and Five Worst Practices for SIEM by Dr. Anton ChuvakinFive Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
Five Best and Five Worst Practices for SIEM by Dr. Anton ChuvakinAnton Chuvakin
 
Log management and compliance: What's the real story? by Dr. Anton Chuvakin
Log management and compliance: What's the real story? by Dr. Anton ChuvakinLog management and compliance: What's the real story? by Dr. Anton Chuvakin
Log management and compliance: What's the real story? by Dr. Anton ChuvakinAnton Chuvakin
 
On Content-Aware SIEM by Dr. Anton Chuvakin
On Content-Aware SIEM by Dr. Anton ChuvakinOn Content-Aware SIEM by Dr. Anton Chuvakin
On Content-Aware SIEM by Dr. Anton ChuvakinAnton Chuvakin
 
Making Log Data Useful: SIEM and Log Management Together by Dr. Anton Chuvakin
Making Log Data Useful: SIEM and Log Management Together by Dr. Anton ChuvakinMaking Log Data Useful: SIEM and Log Management Together by Dr. Anton Chuvakin
Making Log Data Useful: SIEM and Log Management Together by Dr. Anton ChuvakinAnton Chuvakin
 

More from Anton Chuvakin (20)

Meet the Ghost of SecOps Future by Anton Chuvakin
Meet the Ghost of SecOps Future by Anton ChuvakinMeet the Ghost of SecOps Future by Anton Chuvakin
Meet the Ghost of SecOps Future by Anton Chuvakin
 
SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...
SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...
SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...
 
SOC Lessons from DevOps and SRE by Anton Chuvakin
SOC Lessons from DevOps and SRE by Anton ChuvakinSOC Lessons from DevOps and SRE by Anton Chuvakin
SOC Lessons from DevOps and SRE by Anton Chuvakin
 
Hey SOC, Look LEFT! by Anton Chuvakin RSA 2023 Booth
Hey SOC, Look LEFT! by Anton Chuvakin RSA 2023 BoothHey SOC, Look LEFT! by Anton Chuvakin RSA 2023 Booth
Hey SOC, Look LEFT! by Anton Chuvakin RSA 2023 Booth
 
20 Years of SIEM - SANS Webinar 2022
20 Years of SIEM - SANS Webinar 202220 Years of SIEM - SANS Webinar 2022
20 Years of SIEM - SANS Webinar 2022
 
10X SOC - SANS Blue Summit Keynote 2021 - Anton Chuvakin
10X SOC - SANS Blue Summit Keynote 2021 - Anton Chuvakin10X SOC - SANS Blue Summit Keynote 2021 - Anton Chuvakin
10X SOC - SANS Blue Summit Keynote 2021 - Anton Chuvakin
 
SOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
SOCstock 2020  Groovy SOC Tunes aka Modern SOC TrendsSOCstock 2020  Groovy SOC Tunes aka Modern SOC Trends
SOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
 
SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC
 
Modern SOC Trends 2020
Modern SOC Trends 2020Modern SOC Trends 2020
Modern SOC Trends 2020
 
Anton's 2020 SIEM Best and Worst Practices - in Brief
Anton's 2020 SIEM Best and Worst Practices - in BriefAnton's 2020 SIEM Best and Worst Practices - in Brief
Anton's 2020 SIEM Best and Worst Practices - in Brief
 
Generic siem how_2017
Generic siem how_2017Generic siem how_2017
Generic siem how_2017
 
Tips on SIEM Ops 2015
Tips on SIEM Ops 2015Tips on SIEM Ops 2015
Tips on SIEM Ops 2015
 
Five SIEM Futures (2012)
Five SIEM Futures (2012)Five SIEM Futures (2012)
Five SIEM Futures (2012)
 
RSA 2016 Security Analytics Presentation
RSA 2016 Security Analytics PresentationRSA 2016 Security Analytics Presentation
RSA 2016 Security Analytics Presentation
 
Five Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
Five Best and Five Worst Practices for SIEM by Dr. Anton ChuvakinFive Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
Five Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
 
Five Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
Five Best and Five Worst Practices for SIEM by Dr. Anton ChuvakinFive Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
Five Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
 
SIEM Primer:
SIEM Primer:SIEM Primer:
SIEM Primer:
 
Log management and compliance: What's the real story? by Dr. Anton Chuvakin
Log management and compliance: What's the real story? by Dr. Anton ChuvakinLog management and compliance: What's the real story? by Dr. Anton Chuvakin
Log management and compliance: What's the real story? by Dr. Anton Chuvakin
 
On Content-Aware SIEM by Dr. Anton Chuvakin
On Content-Aware SIEM by Dr. Anton ChuvakinOn Content-Aware SIEM by Dr. Anton Chuvakin
On Content-Aware SIEM by Dr. Anton Chuvakin
 
Making Log Data Useful: SIEM and Log Management Together by Dr. Anton Chuvakin
Making Log Data Useful: SIEM and Log Management Together by Dr. Anton ChuvakinMaking Log Data Useful: SIEM and Log Management Together by Dr. Anton Chuvakin
Making Log Data Useful: SIEM and Log Management Together by Dr. Anton Chuvakin
 

Recently uploaded

GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptxGraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptxNeo4j
 
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Alkin Tezuysal
 
UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3DianaGray10
 
Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...DianaGray10
 
Technical SEO for Improved Accessibility WTS FEST
Technical SEO for Improved Accessibility  WTS FESTTechnical SEO for Improved Accessibility  WTS FEST
Technical SEO for Improved Accessibility WTS FESTBillieHyde
 
Where developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingWhere developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingFrancesco Corti
 
SIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENT
SIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENTSIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENT
SIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENTxtailishbaloch
 
UiPath Studio Web workshop series - Day 4
UiPath Studio Web workshop series - Day 4UiPath Studio Web workshop series - Day 4
UiPath Studio Web workshop series - Day 4DianaGray10
 
How to become a GDSC Lead GDSC MI AOE.pptx
How to become a GDSC Lead GDSC MI AOE.pptxHow to become a GDSC Lead GDSC MI AOE.pptx
How to become a GDSC Lead GDSC MI AOE.pptxKaustubhBhavsar6
 
Stobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
Stobox 4: Revolutionizing Investment in Real-World Assets Through TokenizationStobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
Stobox 4: Revolutionizing Investment in Real-World Assets Through TokenizationStobox
 
Introduction - IPLOOK NETWORKS CO., LTD.
Introduction - IPLOOK NETWORKS CO., LTD.Introduction - IPLOOK NETWORKS CO., LTD.
Introduction - IPLOOK NETWORKS CO., LTD.IPLOOK Networks
 
AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024Brian Pichman
 
Top 10 Squarespace Development Companies
Top 10 Squarespace Development CompaniesTop 10 Squarespace Development Companies
Top 10 Squarespace Development CompaniesTopCSSGallery
 
EMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? WebinarEMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? WebinarThousandEyes
 
From the origin to the future of Open Source model and business
From the origin to the future of  Open Source model and businessFrom the origin to the future of  Open Source model and business
From the origin to the future of Open Source model and businessFrancesco Corti
 
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptxEmil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptxNeo4j
 
Oracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxOracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxSatishbabu Gunukula
 
Trailblazer Community - Flows Workshop (Session 2)
Trailblazer Community - Flows Workshop (Session 2)Trailblazer Community - Flows Workshop (Session 2)
Trailblazer Community - Flows Workshop (Session 2)Muhammad Tiham Siddiqui
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc
 
UiPath Studio Web workshop series - Day 2
UiPath Studio Web workshop series - Day 2UiPath Studio Web workshop series - Day 2
UiPath Studio Web workshop series - Day 2DianaGray10
 

Recently uploaded (20)

GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptxGraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
 
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
 
UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3
 
Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...
 
Technical SEO for Improved Accessibility WTS FEST
Technical SEO for Improved Accessibility  WTS FESTTechnical SEO for Improved Accessibility  WTS FEST
Technical SEO for Improved Accessibility WTS FEST
 
Where developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingWhere developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is going
 
SIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENT
SIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENTSIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENT
SIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENT
 
UiPath Studio Web workshop series - Day 4
UiPath Studio Web workshop series - Day 4UiPath Studio Web workshop series - Day 4
UiPath Studio Web workshop series - Day 4
 
How to become a GDSC Lead GDSC MI AOE.pptx
How to become a GDSC Lead GDSC MI AOE.pptxHow to become a GDSC Lead GDSC MI AOE.pptx
How to become a GDSC Lead GDSC MI AOE.pptx
 
Stobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
Stobox 4: Revolutionizing Investment in Real-World Assets Through TokenizationStobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
Stobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
 
Introduction - IPLOOK NETWORKS CO., LTD.
Introduction - IPLOOK NETWORKS CO., LTD.Introduction - IPLOOK NETWORKS CO., LTD.
Introduction - IPLOOK NETWORKS CO., LTD.
 
AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024
 
Top 10 Squarespace Development Companies
Top 10 Squarespace Development CompaniesTop 10 Squarespace Development Companies
Top 10 Squarespace Development Companies
 
EMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? WebinarEMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? Webinar
 
From the origin to the future of Open Source model and business
From the origin to the future of  Open Source model and businessFrom the origin to the future of  Open Source model and business
From the origin to the future of Open Source model and business
 
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptxEmil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
 
Oracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxOracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptx
 
Trailblazer Community - Flows Workshop (Session 2)
Trailblazer Community - Flows Workshop (Session 2)Trailblazer Community - Flows Workshop (Session 2)
Trailblazer Community - Flows Workshop (Session 2)
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
 
UiPath Studio Web workshop series - Day 2
UiPath Studio Web workshop series - Day 2UiPath Studio Web workshop series - Day 2
UiPath Studio Web workshop series - Day 2
 

PCI 2010: Trends and Technologies

  • 1. PCI 2010: Trends & Technologies Presented by: Dr. Anton Chuvakin Author of the book “ PCI Compliance” Principal at www.securitywarriorconsulting.com/
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.

Editor's Notes

  1. Scope! Scope!! Scope!!! PCI DSS is an industry standard that highlights the following: The PCI Data Security Standard is endorsed by the “Participating Brands”: Visa, MasterCard, American Express, Discover Card, JCB and Diners’ Club. Standardized Security Requirements Consistent validation requirements and protocols Common evaluator credentials and approvals Clear procedures for review and reassessment Slide Point of Contact: Eduardo Perez
  2. Scope! Scope!! Scope!!!
  3. Whether someone’s writing a check at the gas station, using an ATM/debit card to pay for groceries, buying a book online, getting cash out of an ATM, paying for dinner with a credit card or using a gift card to purchase something special, chances are the transaction is moved quickly and securely by First Data. First Data processes transaction data of all kinds, harnesses the power of that data, and delivers innovations in secure infrastructure, intelligence and insight for its customers.  From large financial institutions to the merchant around the corner, First Data supports its customers by helping them process and understand the intelligence behind every transaction. For more, visit www.firstdata.com.