® SISA and CPISI logo are the registered Trademarks of SISA Information Security




PCI Implementation Workshop
(India, Bahrain, Kuwait, United Kingdom, Malaysia, Singapore, Taiwan, Dubai, United States)




  © 2010 by SISA Information Security                                                 page 1
SISA Background

• SISA: Information Security Specialists
• Three Competency Centers, namely Consulting, Training and Products. Fifteen Intellectual Property Rights in the Information Security space.
• Headquartered in India with subsidiaries in Delaware-USA, Kuala Lumpur-Malaysia, Manila-Philippines and Bahrain.
• Customer footprint in over 21 countries spread across Banks, Information Technology, Insurance, Telecom and Retail.
• Recognized by CERT India as a specialist Information Security firm.
• PCI Compliance - first M-Commerce, first BPO, first Bank in CEMEA, first Bank in Asia, first Merchant in Asia, etc. Over 23 Banks for PCI in Middle East, Certify the payment brand company ….

Competency Matrix

Consulting
• PCI QSA Validation Services (PCI-DSS)
• PCI ASV Scanning Services (PCI-DSS)
• PA QSA Validation Services (PA-DSS)
• PCI Assurance Services (SAQ)
• Risk Assessment (IS-RA)
• Privacy and Standards Compliance (ISO 27001, GLBA, HIPAA, DPA, COBIT, FISMA, BS 25999)
• Application Pen Test and Code Review
• Network VA and Pen Test
• Forensics

Training
• OCTAVE (SEI-CMU) Security Risk Assessment Workshop
• Information Security Risk Assessment Workshop (CISRA)
• PCI DSS Implementation Workshop (CPISI)
• ISO 27001 Implementation Workshop
• Business Continuity Management Workshop
• Secure Coding in Dot-Net
• Awareness Sessions

Products
• SMART-RA.COM
• MANAGEPCI.COM
• DDT (Data Discovery Tool)
• SISASMART IT-GRC
• SISASMART Audit Management Tool
• SISASMART Survey Management

Payment Card Industry Actors – “Card Present”

[Diagram of the actors: Cardholder, Merchants, Acquirer (Merchant Bank), Acquirer Processor, Issuing Processor, Issuer]

Payment Card Fraud Evolution

1983     Re-embossed counterfeit fraud
1988     Re-encoded counterfeit fraud
1989     Card not present fraud/ fraud applications
1991     Never received issued fraud
1992     Merchant fraud
1994     Identity Theft
2000     Skimmed counterfeit
2002     Communications interception
Now      Server Hacking/ E-Business Merchant server hacking/
         Chip sniffing and card counterfeit/ Fake terminals
Future   ????
Compliance Requirement Shared by All Payment Brands

• Any entity that stores, processes and/or transmits
  Account Data must comply with the PCI Data Security
  Standard (DSS). Account Data consists of cardholder
  data and sensitive authentication data.

• Entities include, but are not limited to:
           – Merchants
           – Acquirers
           – Service Providers
           – Trusted Third Parties

• Each brand has its own set of compliance
  requirements based on this general requirement.
           – Requirements for validation of compliance vary by payment brand.

Join SISA’s PCI DSS Implementation Workshop and be certified as CPISI (Certified Payment Card Industry Security Implementer).

Mail at: manish.m@sisa.in / training@sisa.in
Reach Me at: +91-9538923863

Regards: Manish Mahapatra
Assistant Manager
SISA Information Security (P) Ltd.



