GRSee PCI-DSS 4.0 Compliance for Guardicore
By: Akamai
Download this next:
Ready, Set, Comply: Gearing Up for PCI DSS 4.0 Compliance
Type: Talk
Explore the evolving landscape of compliance through our interactive webinar, focusing on the new PCI DSS 4.0 standards. In this session, Mark Carrizosa, our esteemed Director of Information Security and owner for the Akamai Global PCI program, takes on the auditor's role in a simulated live audit, while Chris Trynoga simultaneously demonstrates how Akamai Guardicore Segmentation adeptly navigates the evolving compliance challenges of PCI 4.0. This webinar aims to clarify and simplify the complexities involved in adhering to the new standards, offering an in-depth examination of the procedures and tactics for seamless compliance navigation. Gain hands-on experience with the most current compliance strategies and acquire thorough knowledge on the critical elements of PCI DSS 4.0, all through a mix of expert discussions and real-time demonstrations. Whether you're new to the compliance scene or a veteran looking to update your practices with the newest standards, this webinar is designed to elevate your understanding and application of compliance measures. During the session you will:
- Understand the nuances and requirements of PCI DSS 4.0 from experienced professionals.
- Learn how to leverage Akamai Guardicore Segmentation for efficient and effective compliance with the latest standards.
- Enhance your understanding of PCI DSS 4.0 and how to apply it to your compliance efforts.
Note: The simulated audit scenario presented is designed for educational purposes to illustrate proactive compliance strategies with PCI DSS 4.0. Individual results may vary.
These are also closely related to: "GRSee PCI-DSS 4.0 Compliance for Guardicore"
-
Accelerate Your Compliance with the Latest PCI DSS Standards
Type: Video
As the use of payment card data has evolved and become more widespread, the methods and techniques that attackers use to access, harvest, and sell that data have evolved in concert. The Payment Card Industry Data Security Standard, or PCI DSS, has adapted in turn, forcing companies to update their policies and their software. The latest standards, PCI DSS 4.0 and 4.0.1, include several new security requirements and updated guidance to address current threats and technologies. In this on-demand video webinar, sponsored by Akamai, you’ll learn the importance of:
- Streamlining workflows for security and compliance teams
- Reducing the auditing burden with purpose-built and dedicated PCI capabilities
- Receiving and logging actionable PCI alerts for events related to compliance
- Consolidating vendors to meet PCI requirements with Akamai’s comprehensive portfolio of security solutions
-
Are Your Developers Ready For PCI-DSS 4.0?
Type: Video
The latest version of the Payment Card Industry Data Security Standard (PCI DSS), version 4.0, was released in March 2022. Although the requirements won't take effect until 2025, it's crucial to start preparing now. Director of Application Security Mike Burch discusses the new PCI-DSS v4.0, including: - An Explanation of PCI-DSS - An Overview of PCI-DSS v4.0 Requirements - Review of PCI-DSS Requirement 6 - How to Get Developers Trained to be Compliant with PCI-DSS Continuous secure coding training for your SDLC can meet many updates and new requirements in PCI DSS v4.0. By leveraging Security Journey's training platform, organizations can drive PCI training success by providing highly effective, engaging, and customizable training programs that enable employees to learn and apply the best practices for securing payment card information. Read More: https://www.securityjourney.com/post/what-you-need-to-know-about-secure-coding-training-for-pci-dss-v4.0-requirements
Find more content like what you just read:
-
Improving PCI Program Design Models for Public Sector
Type: Talk
The Payment Card Industry Security Standards Council (PCI SSC) instituted a major rewrite of the Payment Card Industry Data Security Standard Version 4.0 (PCI DSS v4.0) that helps public sector agencies protect their payment processing environment, and to describe how to apply the new standard. With the PCI DSS v4.0 deadline approaching, public sector agencies need to prepare to meet the new standard by the mandatory timelines. Verizon published the 2023 Payment Security Report (PSR) white paper that describes an integrated methodology of best practices that agencies can follow to manage a successful PCI DSS v4.0 program. During this webinar, we will discuss: - What public sector agencies need to know about the new PCI DSS v4.0 standard - How to manage the transition from the previous versions of PCI DSS to the new standard - Industry best practices that can be used to manage and maintain a successful PCI DSS v4.0 program - Steps agencies can take to accelerate the adoption of an effective PCI DSS v4.0 program
-
How to Be PCI DSS Compliant: Tips, Tools, and Processes
Type: Talk
PCI DSS is a set of security policies that protects credit card data and transactions. If your business processes credit card payments, you are likely required to comply. Demonstrating your PCI DSS compliance is no easy feat, but it can be made a lot easier with the right tools and processes in place. Join Mikiann McIntosh, Risk & Compliance Engineer, and Kyle Dimitt, Compliance Research Engineer, for this on-demand webinar outlining everything you need to know for your PCI DSS compliance efforts. Through their conversation, you’ll learn: • What PCI DSS compliance is and an overview of requirements • Actionable steps to become PCI compliant • How to demonstrate PCI compliance with a SIEM
-
How to achieve PCI DSS security compliance using a SOC
Type: Video
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards set by the PCI Security Standards Council to protect cardholder data. The PCI DSS applies to all entities that store, process, and/or transmit cardholder data. In this webinar, we’ll review the 12 security compliance checklist items that PCI has mandated for 2016-2017.
-
2022 Payment Security Report (PSR)
Type: Talk
The latest update to the flagship Payment Card Industry Data Security Standard (PCI DSS) will help organizations ensure that data security controls remain relevant and more effective in a shifting landscape. It’s the most significant update to the PCI DSS since its initial release in 2004. In this webinar you’ll learn about: • the three stages of PCI DSS compliance program failure. • how to formulate your goals and objectives, identify necessary requirements to meet them and remove constraints. • how organizations can best prepare for a successful transition to PCI DSS 4.0 with a focused, logical approach to solving complex challenges.
-
Preparing for PCI DSS v4.0 Client-Side Protection Requirements
Type: Replay
The Payment Card Industry (PCI) Security Standards Council released a revised version of its Data Security Standard, PCI DSS 4.0, which delineates the minimum security requirements that merchants must meet when they store, process, and transmit cardholder data. PCI DSS v3.2.1 will be retired on 31 March 2024, after which PCI DSS v4.0 will be the only active version. Many of the new requirements in PCI DSS are best practices until 31 March 2025, after which they are required and must be fully considered as part of any PCI DSS v4.0 assessment. Join members from the PCI Security Standards Council and F5 as they outline the new PCI DSS 4.0 e-commerce requirements, how to prepare, and steps you can take now to meet the new client-side requirements (6.4.3 and 11.6.1) to ensure the integrity of e-commerce web pages that handle payments. Attend this webinar to learn:
- How digital skimming and Magecart attacks are conducted and why they are successful
- What new PCI DSS 4.0 client-side requirements (6.4.3 and 11.6.1) were added to address these challenges
- Best practices and resources available for meeting those requirements
- Timelines you should be aware of and the steps you can take now
-
Navigating the new PCI DSS 4.0 client-side and API requirements
Type: Replay
The Payment Card Industry (PCI) Security Standards Council released a revised version of its Data Security Standard, PCI DSS 4.0, which delineates the minimum security requirements that merchants must meet when they store, process, and transmit cardholder data. This brings significant changes to the payments security ecosystem and compliance standards, emphasizing governance, organizational maturity, technical controls, and targeted risk analysis to a greater extent. Is your organization prepared for the transition to PCI DSS 4.0? Join this webinar to gain valuable insights that will help you adapt to the new PCI DSS v4.0 requirements, enhance your compliance journey, and ensure the security and trust of your payment ecosystem. Key takeaways:
- How digital skimming and Magecart attacks are conducted and why they are successful
- What new PCI DSS 4.0 client-side and API requirements were added to address these challenges
- Best practices and resources available for meeting those requirements
- Timelines you should be aware of and the steps you can take now
-
Preparing for PCI DSS 4.0: What You Need to Know
Type: Talk
The clock is ticking on PCI DSS v3.2.1. On 31 March 2024, PCI DSS v3.2.1 will be retired, making the transition to PCI DSS v4.0 essential for organizations involved in payment data security. Join us to gain valuable insights, practical tips, and expert guidance to ensure your organization's successful transition to PCI DSS v4.0. Our panel of experts including the PCI Security Standards Council will guide you through the essential steps for a seamless transition, including: - The importance of starting the transition process now to ensure a smooth and efficient shift to PCI DSS v4.0 before the retirement of v3.2.1. - The significance of maintaining existing security controls, even as you implement changes for PCI DSS v4.0, to ensure ongoing protection of payment data. - How to navigate the changes in PCI DSS v4.0 by understanding the requirements, mapping them against current security controls, and analyzing their impact on your organization. - Customized approaches for PCI DSS v4.0 validation, considering your organization's security strategy and risk management approach. Live attendees will earn 1.5 CPE credits on this webinar. Register now to secure your spot and prepare your organization for the future of PCI DSS!
-
Optimize the implementation of PCI-DSS v4.0 on endpoint security
Type: Talk
PCI Data Security Standard is a global standard for protecting account data. The latest version, PCI-DSS v4.0, was finalized last year. This new standard affects every organization and company in the world that accepts debit or credit card payments. In this presentation, industry thought leader Ralph Villanueva will leverage his knowledge and expertise in the PCI-DSS standards to discuss its impact on enterprise endpoints and provide recommendations on how to use this framework to optimize endpoint security.
-
Navigating PCI Compliance Leveraging Deep Observability
Type: Video
The Payment Card Industry Data Security Standard (PCI DSS) sets rigorous global benchmarks for safeguarding credit card and payment transaction data. Achieving compliance can often seem daunting due to its complexity and the lack of a straightforward path. In this webinar, we’ll delve into how Gigamon’s Deep Observability pipeline can simplify and enhance your journey to PCI compliance. We will cover: - Core PCI DSS Requirements: Understand the essential standards for protecting payment data. - Data Generation for Reporting: Learn how to efficiently produce necessary certificates and gain visibility into IoT and Point of Sale (PoS) environments. - Performance Troubleshooting: Discover methods for addressing performance issues and managing SLAs/SLOs to avoid financial penalties. Additionally, we’ll share a real-world case study highlighting how one of our customers successfully utilized the Deep Observability pipeline to achieve PCI compliance and streamline their security operations. Join us to explore practical strategies and solutions for navigating PCI DSS compliance with confidence.
-
PCI DSS v4.0 - Navigating the Seven Cs
Type: Talk
Join us for the third installment of our webinar series, as we help companies act with confidence in light of significant updates to the flagship Payment Card Industry Data Security Standard (PCI DSS v4.0). Earlier in the series, we discussed the impact of PCI DSS v4.0, how to interpret key components and how to develop a plan to meet complex requirements. Now, we chart our course to conquer the “seven Cs” — the top constraints that most businesses face as they move forward in their transition. One of the most important things businesses must do to be successful is to take action now — and our panel is ready to show you how. Join our panelists:
- Host: Sam Junkin, Verizon Global Lead for Governance, Risk and Compliance
- Matt Arntsen, Regional Lead for US PCI Delivery, Payment Security Practice, Americas, Verizon
- Ciske van Oosten, Lead Author of the Payment Security Report and Head of Global Business Intelligence, Verizon Cyber Security Consulting
- Peggy Nolan, CEO, Payment Card Assessments, LLC
-
Virtual certainty: How to ensure you are meeting PCI DSS compliance
Type: Video
Establishing and sustaining compliance with the Payment Card Industry Data Security Standard (PCI DSS) in virtualized cloud environments has never been simple, but now it raises a host of new challenges. Join your fellow professionals to look at the PCI DSS and its new virtualization guidelines, and discover a series of best practices for efficiently and effectively complying with these standards. The webinar will discuss why encryption is such a critical requirement for ensuring data isolation in multi-tenant environments, explore the PCI requirements around key management, and unveil important strategies for efficiently complying with these rules.
-
PCI DSS 4.0: Compliance in a Rapidly Evolving Payment Landscape
Type: Talk
No matter how big or small, every company must adhere to PCI compliance standards. In today's digital environment, protecting client data is essential, and the Payment Card Industry (PCI) Data Security Standard (DSS) is made to do just that. Businesses need to stay current with the most recent PCI compliance rules as the world of digital transactions changes and cybercrime increases. PCI DSS has not undergone a significant upgrade in almost a decade. The switch to 4.0 will be difficult for many businesses due to new controls, modifications to the reporting format, availability of a "customizable approach," and other factors. Most importantly, PCI DSS's primary change and focus for this webinar is the enhanced flexibility it offers organizations of all industries, depending on their needs. In this webinar, we will be going over the following topics:
• What is the Goal of PCI DSS V4.0?
• Why the update to PCI DSS V4.0
• What are the key changes for PCI DSS V4.0?
• What do you need to do to Prepare for PCI V4.0?
• How do you Keep Employees and Your Organization PCI Compliant?
Join our webinar session as we have Juan Carlos Hernandez, the Practice Leader for PCI at 24By7Security, talk about PCI compliance and why it's crucial. He will also review many of PCI 4.0's main changes so that your company can comply with the new requirements by the deadline. This is an excellent opportunity to learn from one of the best in the business! SAVE YOUR SPOT TODAY!
Who Should Attend? CISOs, CTOs, Compliance Officers, Security Officers.
Do you need CPE/CEU Credits? Attending this webinar may make you eligible for CEUs or CPE credits at some professional associations. Please check with your professional association and its policies to see if you may apply for CEUs or CPE credits for this webinar. After viewing the entire webinar, you can download a certificate of completion from BrightTALK.
-
Mapping the Cloud Control Matrix (CCM) 4.0 to PCI DSS 4.0
Type: Replay
Join us for an informative webinar as we delve into the recent release of the Cloud Control Matrix (CCM) version 4.0 by the Cloud Security Alliance (CSA) and its mapping to the latest iteration of the Payment Card Industry Data Security Standard (PCI DSS) version 4.0. In this session, we will explore the intricacies of these essential industry standards and how their alignment can enhance security and compliance within the cloud environment. Our expert panelists will discuss the key changes and updates in both the CCM 4.0 and PCI DSS 4.0 standards, highlighting their significance in today's evolving cybersecurity landscape. Through practical insights and real-world examples, attendees will gain a deep understanding of the intersection between cloud security best practices and payment card data protection. Whether you are a cloud service provider, a PCI DSS-compliant organization, or a security professional seeking to bolster your knowledge, this webinar offers a valuable opportunity to stay current with industry trends and best practices. Don't miss the chance to explore the synergy between CCM 4.0 and PCI DSS 4.0 and how it can drive your organization's security posture to new heights.
-
Go Beyond Excel, The Path to Efficient PCI Compliance for Tier 1 Merchants
Type: Replay
Organizations have an ethical responsibility and contractual obligation to protect the sensitive payment card information of their customers. Join this informative webinar to learn how Tier 1 merchants can ease their burden to comply with PCI DSS. Join industry experts, Dawn Gustafson and Kirk Hogan, as they cover: • Critical updates from PCI DSS versions 3.2.1 to 4.0. • Drawbacks of traditional compliance tools like Excel and a comparison to an integrated solution approach. • Identify the advantages of an integrated solution approach. • Opportunities to unlock the future of your PCI program.
-
Avoiding PCI DSS v4.0 Confusion. New Methods for Predictable Outcomes
Type: Talk
The Payment Card Industry Security Standards Council (PCI SSC) recently made an extensive update to the PCI Data Security Standard (DSS) version 4.0. This major release brings significant changes with compliance requirements, including how to validate and report on compliance. It will help organizations ensure that data security controls remain relevant and more effective in a shifting payment security landscape. The Verizon 2023 PSR white paper introduces an advanced security program design consisting of an integrated set of management methods, models and frameworks. This integrated set of management methods is designed to harness the combined capabilities within your organization and establish better management of your PCI security program by helping you plan, design, and improve every aspect of your program. Join to hear from our payment security experts behind the latest whitepaper and get the insight on how to prepare to successfully navigate PCI DSS v4.0. - What you need to know about PCI DSS v4.0 - How to manage the transition - How to economically operate and sustain a successful program - Action point - what to do next
-
Session 2: PCI DSS 4.0: Raising the Bar
Type: Talk
In today’s ever-changing digital landscape, organizations must be prepared to deal with the increasing threats and risks associated with credit card transactions. Regardless of size, companies who store, process, or transmit credit card data must have the appropriate safeguards in place to protect that data. Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is not only mandatory but essential to providing a standard and consistent framework to provide that protection. Version 4.0 of the PCI DSS framework represents the most significant upgrade in nearly a decade. The adoption of version 4.0 will be challenging for many companies as they navigate the changes to reporting format, implementation of new controls, availability of the new “customized approach”, changes to the Self-Assessment Questionnaires, and other factors. During this session, we will review the following topics and how they can impact readiness for PCI DSS version 4.0:
- What remains consistent within the PCI DSS landscape
- The key goals of PCI DSS Version 4.0
- Key changes within Version 4.0
- The “Customized Approach”
- Key changes to the SAQs (Self-Assessment Questionnaires)
- Preparing for Version 4.0
CPE credit available for qualifying live attendees only. You must answer at least three polling questions during the live event. CPE will be emailed to qualifying attendees within 1 week after the live event. CPE Credit: 1.0. Field of Study: Information Technology. Program Level: Beginner/Intermediate. Delivery Method: Group Internet-Based. Prerequisites/Advance Preparation: None. Elements of Engagement: Poll Questions
-
Four Common Trends in PCI DSS 4.0 Compliance
Type: Video
Gene Yoshida examines real-world case studies and expert perspectives to offer strategies to navigate the complexities of modern payment card security and every facet relating to the PCI DSS 4.0 mandate.
-
How to bolster your authentication strategy for PCI DSS 4.0
Type: Talk
Stolen credentials are the primary entry point for most cyber attacks (phishing, ransomware, and data theft), making the need for stronger authentication practices imperative. The Payment Card Industry Data Security Standard (PCI DSS) holds organizations worldwide accountable for implementing higher levels of cybersecurity to safeguard sensitive information like payment card information (PCI) and employee and customer personally identifiable information (PII). With PCI DSS v3.2.1 sunsetting at the end of March 2024, meeting PCI DSS v4.0 will be top of mind across industries like financial services, retail, hospitality, telcos—truly any and all entities involved in payment processing. Attend this webinar to learn about:
- Embracing the move to PCI DSS 4.0 compliance guidelines and what this means for your authentication strategy
- How not all forms of multi-factor authentication (MFA) are created equal
- The need for adopting phishing-resistant MFA using device-bound passkeys for user access to critical systems and customer-facing digital services
- Prioritizing cybersecurity investments to protect against cyber threats
-
2022 Payment Security Report (PSR) for SMB
Type: Talk
No matter which industry you operate in or what size business you have—small, medium or large—you need to meet the payment card industry (PCI) security compliance requirements and validate compliance annually if you accept card payments and process, transmit or store cardholder data (CHD). In this webinar you’ll learn about: - How do you choose your goals and objectives? - How do you choose what to prioritize and what to spend time on? - How to navigate the changing requirements introduced by PCI DSS version 4.0
-
PCI DSS v4.0: achieving more with limited resources
Type: Talk
The Payment Card Industry Security Standards Council (PCI SSC) instituted a major rewrite of the PCI Data Security Standard (DSS) in v4.0 which becomes mandatory on March 31, 2024. Small and Medium sized businesses (SMB) may typically have smaller PCI security compliance environments to manage, compared to large enterprises, but they typically also have fewer resources to apply to the design and management of security compliance programs. SMB organizations benefit from designing PCI security programs that achieve more results with less. An agile approach to PCI security program management helps SMBs succeed.
- The impact of PCI DSS v4.0 on SMB organizations
- How to improve your program design to increase focus and productivity
- How to design your program to be more economical
- How to achieve more with less - achieve success with limited resources
- The next steps
-
Operationalizing an Effective PCI Segmentation Architecture
Type: Video
PCI DSS requires 100% compliance at all times. But maintaining compliance and executing the recommendations on scoping and segmentation can be difficult. Watch as PCI segmentation expert, Vivian Tero, explains the current state of PCI compliance, shares customer insights on critical capabilities for effective PCI segmentation, and demonstrates key Illumio capabilities.
-
Serious Business PCI DSS 4.0 Compliance After April 1st
Type: Talk
Join us for an exclusive, conversational webinar, "Serious Business: PCI DSS 4.0 Compliance After April 1st." Complying with PCI DSS 4.0 truly is “serious business.” In fact, not being compliant with PCI DSS 4.0 (which is the mandated standard beginning April 1st, 2024) has major consequences. Non-compliance can result in losing your ability to accept credit cards, monthly fines, and liability for fraudulent charges, or even having to close your business. PCI DSS 4.0 has brought significant changes, presenting new challenges and opportunities for businesses worldwide. Now, it's crucial to understand what lies ahead in this evolving regulatory environment. Our PCI Practice Leader, Juan Carlos Hernandez, a seasoned professional and compliance specialist, is here to guide you to PCI DSS 4.0 Compliance. Gain invaluable insights and actionable strategies tailored to help you thrive amidst the regulatory shifts. Key Topics: 1. Understanding PCI DSS 4.0 Changes: Delve into the latest updates of PCI DSS 4.0. From enhanced authentication to advanced encryption protocols, grasp the nuances reshaping compliance standards. 2. Overcoming Compliance Hurdles: Explore common challenges and learn how to overcome them effectively. Our speaker will share practical tips to fortify your security posture and ensure seamless compliance. 3. Crafting Your Compliance Strategy: Every organization is unique. Discover how to develop your compliance strategy, in collaboration with your leadership, in alignment with your specific needs and resources. 4. Proactive Risk Management: Stay ahead of potential security threats by implementing proactive risk management strategies. Identify vulnerabilities, address them promptly, and safeguard your organization against data breaches and penalties. Join us as we unravel the complexities of PCI DSS 4.0 compliance and empower your organization to navigate the regulatory terrain with confidence.
-
PCI-DSS 4.0 Explained: Enhancements, Challenges, and APIs
Type: Replay
Join us for a webinar discussing the challenges organizations face in transitioning to PCI-DSS 4.0 and implementing new security measures. We will explore the updates to the security framework and the critical need to secure APIs to protect sensitive payment information. Don't miss this opportunity to learn about the latest in PCI-DSS 4.0 and how to effectively adapt to these new standards.
-
PCI DSS v4.0—Time for Action
Type: Talk
Join us for the follow-up exploration of the latest update to the flagship Payment Card Industry Data Security Standard (PCI DSS). In our first webinar, we discussed the impact of PCI DSS v4.0 and the key components of developing a plan to meet the new compliance requirements. Now, we turn our focus to the steps and success factors for correctly interpreting the increasingly complex requirements. Our panel will explore early execution strategies and will talk with leadership from the popular retailer, Target, about how they’re achieving transition success. Join our panelists:
- Host: Matt Arntsen, Senior Manager, Payment Security Practice – Americas, Verizon
- Ciske Van Oosten, Lead Author of the Payment Security Report and Head of Global Business Intelligence, Verizon Cyber Security Consulting
- Emma Sutcliffe, SVP, Standards Officer, PCI Security Standards Council
- Lauren Holloway, Director, Data Security Standards, PCI Security Standards Council
- Tony James, Director, Payment Security, Target
-
Prepare for PCI DSS v4.0 with Confidence
Type: Replay
As regulatory mandates and frameworks continue to emerge, cybersecurity leaders must continue to adapt to more than just the latest threat actor TTPs. Next up in our “Crafting Your Compliance Blueprint” series: complying with PCI DSS v4.0. Implementing the new PCI DSS v4.0 assessment and reporting requirements can be challenging, but they are in place to empower cybersecurity leaders to proactively address evolving threats to card data and payment systems while ensuring proper scrutiny on the organization's critical controls, assets, operations, and security posture. Join Christopher Strand (Global Risk Officer) and Brian Contos (Chief Strategy Officer, Sevco Security) as they discuss:
- How PCI DSS v4.0 assessment themes differ from its predecessor’s (3.2.1) and what to prioritize in the lead up to March 2025 when new requirements become mandatory
- Best practices for analyzing your attack surface, prioritizing the gaps you find, and conducting risk assessments as a process
- Actionable recommendations to help enforce and prove controls within PCI DSS v4.0 assessments to enable better and accelerated collection and communication of compliance and security policy
Save your seat today!
-
PCI DSS 4.0 - the New Client-Side Security Frontier
Type: Talk
March of 2025 will mark a pivotal moment in cybersecurity, as PCI DSS 4.0 introduces requirements to combat payment data theft from web browsers. Don't be caught off guard – join our cybersecurity experts and prepare your online organization to thrive in the PCI DSS 4.0 era. Here are a few of the topics we’ll cover:
• A look into PCI DSS 4.0's new client-side security paradigm
• Find out how requirements (6.4.3 & 11.6.1) safeguard against fraud and breaches
• Busting compliance obligation myths to ensure regulatory adherence
-
PCI DSS 4.0 - the New Client-Side Security Frontier
Type: Replay
March of 2025 will mark a pivotal moment in cybersecurity, as PCI DSS 4.0 introduces requirements to combat payment data theft from web browsers. Don't be caught off guard – join our cybersecurity experts and prepare your online organization to thrive in the PCI DSS 4.0 era. Here are a few of the topics we’ll cover:
• A look into PCI DSS 4.0's new client-side security paradigm
• Find out how requirements (6.4.3 & 11.6.1) safeguard against fraud and breaches
• Busting compliance obligation myths to ensure regulatory adherence
-
PCI Regulations and Compliance Deadlines 2024 - Are you Prepared?
By:
Type: Talk
The PCI Security Standards Council (PCI SSC) is a global forum that brings together payments industry stakeholders to develop and drive adoption of data security standards and resources for safe payments worldwide. The council’s Payment Card Industry Data Security Standard (PCI DSS) defines a set of security standards to ensure the protection of cardholder data. One of the standards defines the Personal Identification Number (PIN) Security requirements. It specifies controls for the secure management, processing, and transmission of PIN data during online and offline payment card transaction processing at ATMs and point-of-sale (POS) terminals. To adapt to the changing spectrum of information security, the council has made a few fundamental changes to the security requirement that drives the Payment Industry. In a series of 2 Webinars we will cover everything you need to know to stay on top of these changes. In our first webinar we will discuss: - PCI PIN 32-9 | Eliminate clear key injection (most direct inject) | Migrate to encrypted injections enabling Remote Key Injections - PCI PIN 18-3 | Key Block Migration - PCI DSS 3.7.4 | Cryptoperiod Requirements - PCI PIN 2-3 | Moving the industry from TDES to AES We will simplify what these changes mean to the day-to-day operations in the payment industry. Our top industry subject matter experts and speakers will: - Review the impact of the upcoming PCI regulations - Clarify implementation dates and milestones - Explain the scope and changes of the regulations - Answer any questions you may have Date & Time: January 17, 2024 9am PST/12pm EST Register now! Part two of the Webinar series will take place in February 2024 and will cover Visa’s PCI PIN changes. Don’t miss it!
-
A Step-by-Step Plan to Prepare for PCI DSS 4.0
By:
Type: Replay
The latest update to the flagship Payment Card Industry Data Security Standard (PCI DSS) is fast approaching; it’s also the most significant update since the Standard’s initial release in 2004. Join us to learn how to address, prepare for and meet these evolving security standards with confidence. Our panel of experts will discuss the implications and impact of PCI DSS 4.0. We’ll take a look at: • The payment security landscape as it stands now • Top challenges businesses may face with the new update • Critical aspects that make up a manageable preparedness strategy focusing on goals and objectives, resource alignment, stakeholder involvement, timeline guidance, and compliance A PCI security compliance management program is a complex system with many moving parts. Organizations must apply focus—and truly know which objectives to prioritize. How do you sort out the important changes from the trivial? Don’t miss this critical discussion, where we’ll explore how your organization can prepare to address these landmark changes.
-
Defending against client-side browser attacks
By:
Type: Replay
Whether you call them browser supply chain attacks, 3rd party dependency attacks, Magecart style attacks, or anything else, compromised JavaScript dependencies are hard to detect, even with the best security teams. Compromised dependencies, such as in an analytics plugin, a chatbot, or a credit card payment tool, can compromise your users’ security and data – not to mention run afoul of regulations like PCI DSS compliance. Join this session to see our client-side security in action and learn how to integrate defense against browser supply chain attacks into your app security posture to: - Monitor and track 3rd party scripts loaded in your web apps - Alert on changes to those dependencies - Comply with client-side security requirements in regulations like PCI DSS
-
A strategic approach for PCI DSS 4.0
By: Cloudflare
Type: White Paper
The shift to the cloud and to hybrid work made PCI compliance more complex in many ways. And with PCI DSS 4.0 rolling out, it is more essential than ever for organizations to find a way to streamline compliance. Download this whitepaper to learn about:
-
A Step-by-Step Plan to Prepare for PCI DSS 4.0
By:
Type: Talk
The latest update to the flagship Payment Card Industry Data Security Standard (PCI DSS) is fast approaching; it’s also the most significant update since the Standard’s initial release in 2004. Join us to learn how to address, prepare for and meet these evolving security standards with confidence. Our panel of experts will discuss the implications and impact of PCI DSS 4.0. We’ll take a look at: • The payment security landscape as it stands now • Top challenges businesses may face with the new update • Critical aspects that make up a manageable preparedness strategy focusing on goals and objectives, resource alignment, stakeholder involvement, timeline guidance, and compliance A PCI security compliance management program is a complex system with many moving parts. Organizations must apply focus—and truly know which objectives to prioritize. How do you sort out the important changes from the trivial? Don’t miss this critical discussion, where we’ll explore how your organization can prepare to address these landmark changes. Contact us: paymentsecurity@verizon.com
-
Secure payment vulnerabilities with Point-to-Point encryption
By:
Type: Video
Everyday consumers assume that when making a purchase, online or in-store, their card data is handed off to a trusted source, with security in place to protect them. However, protecting these transactions and the retail payment ecosystem has become increasingly complex, with recent data breaches of large retailers testament to the vulnerabilities. In addition, compliance with PCI DSS fails to address some of these vulnerabilities, resulting in potential exploitation with disastrous consequences. To address these security gaps, the scope of security needs extending from the merchant, acquirer, switch and bank or card issuers to include the manufacturers of payment terminals at the point of sale and developers of payment application software. Join your fellow professionals to understand how, by using Point-to-Point Encryption, card data is encrypted from the earliest possible moment of its capture and remains in an encrypted state consistently until it arrives at the payment gateway. Then understand why many merchants are considering P2PE not only to secure vulnerabilities, but also because it can effectively remove some of the merchant’s own security infrastructures from the scope of compliance with regulations such as PCI DSS. Lastly, understand why encryption is only as secure as the encryption keys: when cryptography is used to protect valued data, the risk is transferred from the data to the keys.
-
Verizon Threat Research Advisory Center MIB: 2022 Verizon Payment Security Report
By:
Type: Talk
No matter which industry you operate in or what size business you have—small, medium or large—you need to meet the payment card industry (PCI) security compliance requirements and validate compliance annually if you accept card payments and process, transmit or store cardholder data (CHD). Join us—the Verizon Threat Research Advisory Center – for our Monthly Intelligence Briefing (MIB) for an overview of the newly released 2022 Verizon Payment Security Report (PSR), and discussion on how the changing governance requirements introduced by the new PCI DSS version 4.0, will require a deeper understanding of your operational environment. Discussion points: ● State of the threat - PCI; ● 2022 PSR Key Findings; ● Preparing for the transition to PCI DSS 4.0; Next we will have Abdul Abufilat, from our VTRAC - Threat Intelligence team go through the monthly “Ransomware Roundup”, which details industry & geographic effects, new attack techniques, and emerging ransomware malware threats. And then we'll turn things over to David Kennedy, Managing Principal, Open Source Intelligence to cover: ● Current Intelligence Overview ● Attacks and Threat Indicators ● Latest Malware Trends ● Significant Vulnerabilities If you have any questions related to social attacks and data breaches that you'd like us to cover on the call, please send them to the following email address: Intel.Briefing@verizon.com Then tune in for an information-packed session brought to you by our very own Verizon Threat Research Advisory Center investigators, analysts, assessors, and researchers!
-
Commerce Chats: Make a Fast Break Toward PCI Script Compliance
By:
Type: Replay
Think your site isn't vulnerable to web scraping attacks? Think again. Malicious actors are eager to compromise your webpage scripts to gain access to customer credentials or credit card information. According to Akamai research, 50% of commerce customers use 3rd party scripts, which can be vulnerable to Magecart style attacks. In this session, we'll discuss the latest PCI DSS 4.0 requirements for script protection so brands can better identify, monitor and manage suspicious and malicious script behavior.
-
Secure Top 5 Payment Use Cases While Remaining PCI Compliant
By:
Type: Talk
PCI Compliance is crucial for businesses handling financial transactions. It ensures the protection of sensitive customer information, reducing the risk of data breaches and fraud. Adhering to the Payment Card Industry Data Security Standards (PCI DSS) helps maintain customer trust and avoid financial penalties associated with non-compliance. Additionally, it promotes secure transactions and strengthens the overall security framework of the business. Our webinar will focus on PCI compliance and top use cases from the payment ecosystem. From PIN Translation to ATM remote key loading, we’ll help you understand how your organization can leverage Payment Hardware Security Modules (HSMs) to protect sensitive data throughout the transaction lifecycle. Focus of the webinar: - Understanding PCI Compliance - Role of Payment HSMs - Focus on top use cases like PIN Translation, ATM RKL, PIN Verification, and others - Utimaco’s solution for fulfilling different use cases Join our webinar to understand use cases while remaining PCI compliant.
-
Streamline PCI DSS 4.0 compliance with a unified security approach
By: Cloudflare
Type: White Paper
As PCI DSS 4.0 brings new compliance requirements, organizations need a streamlined approach to address them. This whitepaper outlines how Cloudflare's connectivity cloud can help you meet PCI DSS 4.0 with security, visibility, and automation. Read the full whitepaper to learn more.
-
PCI DSS 4.0 Myths and Facts from the Assessor's Perspective
By:
Type: Video
Experience the assessor's perspective on the profound shifts introduced by PCI DSS 4.0 and hear their guidance for navigating this substantial transition in the PCI landscape.
-
PCI DSS 4.0 Cybersecurity Best Practices Webinar
By:
Type: Replay
Any organization that accepts credit cards in the U.S. must comply with the new Payment Card Industry Data Security Standard (PCI DSS) v4.0. The consequences for non-compliance include: • Fines up to $100,000 per month • Increased transaction fees • Termination of merchant agreements • Fees and penalties for data loss • Costs for potential lawsuits • Brand damage and customer loss Join us for a fireside chat with Gene Yoshida, Risk Consultant with a leading Financial Services Firm, on Tue Oct 17 at 8 AM PT to hear about key insights into the latest requirements under v4.0 and how you can ensure cybersecurity compliance. Here’s what you’ll learn by attending: • PCI DSS 4.0 timeline and recommended milestones • New v4.0 mandates as compared to previous versions • Which industries are affected and how • How compliance, IT, and security teams can collaborate to comply • Which solutions will be effective to avoid audit failures, which won’t, and why
-
PCI DSS 4.0 - Why You Should Act Now.
By:
Type: Talk
- Challenges in introducing the new PCI DSS 4.0 standard - What is changing? - How can PCI be introduced step by step?
-
2024 Payment Security Report for Small and Medium Business
By:
Type: Talk
With the introduction of PCI DSS v4.0 in 2022, many organizations realized that they could not continue to keep doing the same activities in terms of program and control evaluation. They could not keep hanging on to an evaluation approach built for past practices and an outdated standard (PCI DSS v3.2.1). Several new and updated controls in PCI DSS v4.0 include more explicit requirements on evidence of compliance to substantiate that the assessed entity developed, implemented and is maintaining processes to support ongoing data security. Join our Verizon experts to learn about: - The challenges organizations like yours face and how to improve your security controls. - The methods and concepts highlighted in this report and how those can help organizations design coherent program performance measurement and evaluation plans
-
The Platform Approach to PCI
By:
Type: Video
Discover the intricacies of PCI DSS 4.0's technical controls spanning diverse cybersecurity functions. Learn more about a platform-centric perspective on PCI and watch a live product demonstration.
-
2024 Payment Security Report for Public Sector
By:
Type: Talk
With the introduction of PCI DSS v4.0 in 2022, many organizations realized that they could not continue to keep doing the same activities in terms of payment security program and control evaluation. They could not keep hanging on to an evaluation approach built for past practices and an outdated standard (PCI DSS v3.2.1). Public sector security teams are under competitive pressure to upgrade their program management efforts. They are held accountable for designing and implementing updated practices aligned with current requirements. Updating your PCI security program—both in terms of design and evaluation—does not need to be a complex, lengthy and costly process. Join our 2024 PSR webinar to hear from our experts about: - how to address the biggest limitations of annual compliance reviews. - how to build specific, measurable and quantifiable metrics to track progress toward goals and objectives. - how to measure program performance and develop the capabilities to keep stakeholders informed on the status and progress of achieving the overall goal of PCI security compliance
-
A Strategic Approach to Meeting the Newest PCI Requirements in a Cloud-Driven World
By:
Type: Talk
The accelerated shift to the cloud as well as new PCI DSS 4.0 requirements coming into effect by March 2025, present several challenges for financial institutions, ecommerce merchants, and others subject to its regulations. As IT teams have lost control of their digital environments due to an increased reliance on cloud computing and remote work, the process of solving challenges to meet compliance requirements has become more complex. As a result, it is more essential than ever for organizations to find a way to streamline compliance. Join this conversation to learn about: - What’s new and what’s driving PCI DSS 4.0 - Challenges of PCI compliance for today's digital world - Strategies and tools for organizations to address PCI requirements in a scalable and programmable way