pci compliance webinars

PCI Compliance is a complex standard to navigate for Merchants and Service Providers given the vast and stringent set of requirements outlined by the PCI Council for businesses to follow. Understanding the standard and implementing security controls from your perspective of the PCI requirements makes the entire process challenging for businesses. Especially, for start-ups having limited resources to navigate and invest in the audit process can be overwhelming.

Addressing these challenges, VISTA InfoSec has been conducting informative webinars and videos on the PCI Standards. The webinar conducted is an initiative to educate Merchants, Services Providers, and other Businesses about the PCI DSS Standard to help them navigate through the process and make the journey of Compliance easier.

Here is the list of compiled top 10 PCI Compliance webinars that will give you an edge over your compliance journey. These informative PCI Compliance webinars will guide you in your efforts of compliance and make it achievable for you. Read on click the webinar links given below to view the video.  

1. PCI DSS 4.0 – What you can expect

PCI-DSS 4.0, is soon to be the latest version of the Payment Card Industry Data Security Standard which is expected to be released in mid-2021 this year. Similar to the other versions of PCI DSS, the latest version to be released will be a comprehensive set of guidelines aimed at securing systems and processes involved in storing, processing, and transmitting credit card data.

With this latest version, PCI SSC is looking at changing the standard to better support businesses in their efforts to safeguard payment card data. The PCI DSS V.4.0 would be a standard that would incorporate industry feedback received from global PCI SSC stakeholders during the 2017 request for comments (RFC) period. Elaborating more on this and how the industry feedback is shaping the PCI DSS V.4.0 we have shared all the details in the webinar.

Click here to watch the webinar :- PCI DSS 4.0 – What you can expect

2. PCI PIN Webinar- Cryptography and key management

PCI PIN Security Standards are requirements established to provide guidelines on protecting PIN during offline and online transactions in ATMs and POS terminals. The standard outlines the procedures required to achieve the highest level of encryption. This is done using Payment HSMs for Key management and cryptographic keys for PIN encryption and decryption.

Sharing details on it and more, we have conducted a webinar that includes the basics of cryptography, the best practices in Key Management, the PCI PIN certification process, and much more. The webinar will answer PCI PIN pertinent queries such as various cryptographic standards utilized for data encryption at rest and in motion, dual/split keys, terminal key management, key injection, etc. Click on the webinar link PCI PIN Webinar- Cryptography and key management below to view the recordings. 

Click here to watch the webinar :- PCI PIN Cryptography and Key Management

3. PA DSS and PCI SSF How they match & how they map

The PA-DSS Standard launched in 2008 is designed to help merchants secure their applications and safeguard cardholder data. It is a standard applicable to software developed by vendors who store, process, or transmit cardholder data and/or sensitive authentication data.

However, the PCI SSC rolled out a new framework to improve the security standards of applications that accepts and uses data in their environment. With the implementation of these new Standards, PA-DSS Standards will slowly phase out by 2022. So, covering the basics, and requirements of PA DSS standards along with explaining what to expect from the new PCI SSF. The webinar will help viewers understand the standards better and make an informed decision in achieving compliance.

Click here to watch the webinar :- PA DSS and PCI SSF How They Match & Map

4. PCI DSS – 5 Simple Technique To Reduce Scope

PCI DSS is a complex Data Security Standard that is designed to protect Cardholder Data. The Standard is broken down into 12 specific requirements that are minimum security features required to be implemented to safeguard payment data. Achieving Compliance with these Standards and requirements is not easy. This is why most businesses look to reduce their scope.

PCI DSS Scoping is of prime importance in PCI DSS, not just because it saves audit cost, but it helps organizations save time and money in managing compliance, and reduces the possibility of a breach. So, to help our viewers and readers with reducing the PCI DSS Compliance scope, we conducted an interesting webinar that provides step-by-step guidance on scoping the CDE, identifying areas where processes or technologies can be consolidated. This includes gathering information, defining a perimeter, and analyzing data flow.

Click here to watch the webinar :- PCI DSS – 5 Simple Technique To Reduce Scope

5.  Achieving PCI DSS in 90 days

PCI DSS is a complex subject to be addressed for Merchants and Service Providers. The entire process of implementing the standard requirements and achieving Compliance is a huge task. Approaching a professional Compliance consultant to navigate through the process is the best option.

 However, as a part of our initiative, to educate and help businesses in their compliance journey, we conducted a short webinar that helps and guides businesses in achieving PCI DSS compliance in 90 days. Click on the webinar link Achieving PCI DSS in 90 days to get some interesting tips from our in-house expert Mr. Narendra Sahoo who holds more than 20 years of experience in the industry. Covering critical details like the scoping process, key pitfalls in PCI DSS compliance, PCI DSS Quick Wins, best practices, and much more we have shared some of the best approaches to be adopted for achieving PCI DSS Compliance in 90 days. 

Click here to watch the webinar :- Achieving PCI DSS in 90 days

6. Using PCI DSS for ISO 27001 Compliance

PCI DSS Compliance is an Information Security Standard applicable to organizations dealing with Payment Card details. On the other hand, the ISO/IEC 27001 standard is a specification for an Information Security Management System. Since both focus on information security, the standards can be mapped and integrated for achieving better compliance. Besides mapping PCI DSS and ISO27001 Standard is essential for those who are tasked with conforming to either standard in their organizations.

Elaborating more on this, we have covered a very informative webinar on “Using PCI DSS for ISO27001 Compliance” that shares details on how organizations can achieve ISO27001 with PCI DSS Compliance. Covering critical details like sharing information on PXI DSS and ISO27001 SWOT Analysis and overlaps between both standards, we have briefly explained how achieving compliance is possible. Click on the webinar link to get some interesting insights and views from our in-house expert Mr. Narendra Sahoo who holds more than 20 years of experience in the industry.

The webinar will definitely help viewers understand the standards better and make an informed decision in achieving compliance.

Click here to watch the webinar:- PCI DSS For ISO 27001 Compliance

7. PCI DSS for GDPR Compliance

PCI DSS and GDPR Regulation share somewhat a similar goal when it comes to data protection. While PCI DSS is more focused on securing payment card data, GDPR is more focused on securing the personal data of citizens of the EU. Both the regulations require organizations to protect customer’s confidential data. Having said that, VISTA InfoSec has conducted an online webinar on PCI DSS for GDPR Compliance that explains how a PCI Compliant organization can also achieve GDPR Compliance.

The webinar explains how the journey to GDPR compliance can be more achievable by being PCI DSS compliant. Sharing valuable information such as explaining the control requirements and mapping GDPR and PCI DSS Compliance, we provide informative tips that can help our viewers make their compliance journey a lot easier.

Click here to watch the webinar:- PCI DSS For GDPR Compliance

8. Guidance for PCI DSS Scoping and Segmentation

Scoping and segmentation are an integral part of PCI compliance. Errors at this stage or process of PCI Compliance can cost an organization heavily in terms of failing the PCI audit or worse, a data breach exposing your organization to millions in potential damages. Organizations often struggle in achieving PCI DSS Compliance.

Addressing this, VISTA InfoSec conducted a webinar Guidance for PCI DSS Scoping and Segmentation that guides to help organizations identify the systems that, at a minimum, need to be included in the scope for PCI DSS. Further, critical details pertaining to how segmentation can be used to reduce the systems in PCI DSS scope are explained.

The session is intended for any entity looking to understand scoping and segmentation principles when applying PCI DSS to its environment. Click on the webinar link to get some interesting insights and recommendations that can be used for evaluating and including system components that should be covered by PCI DSS requirements. 

Click here to watch the webinar:- PCI DSS Scoping and Segmentation

9. PCI DSS & the Cloud – Top Risk & Mitigation

Cloud computing is a critically significant part of most businesses online. Although we see an increasing trend of moving data to the cloud environment, most businesses fail to meet the PCI Compliance requirements which is a must for businesses storing their critical cardholder data entirely in the cloud.  An organization needs to maintain PCI DSS Compliance while using cloud services to stay compliant and secure the Cardholder Data Environment.

Discussing more on this in detail and covering more on PCI DSS and Cloud Computing, VISTA InfoSec conducted an informative webinar for their viewers. The webinar  covers details such as various models of Cloud offerings, the SLA requirements, Audit points for a PCI Cloud and much more. Click on the webinar link to get some interesting insights and recommendations that can be used by businesses for achieving compliance.

Click here to watch the webinar:- PCI DSS & Cloud – Top Risk & Mitigation

10. PCI DSS Techniques for Data Leakage Prevention in the PCI Environment

Payment Card Industry Data Security Standards Council is the best practice for securing IT systems and establishing secure processes for the use, storage, and transmission of payment card data. It is one of the best ways to mitigate external threats, unauthorized access, and use of card data which remains to be a major concern. Covering the basics of DLP, the Strategic role of DLP in PCI DSS, Steps to DLP and Integrating DLP, DRM, and IAM, we have discussed the critical aspects of the DLP process.

Click here to watch the webinar:- PCI DSS Techniques for Data Leakage Prevention in PCI Environment

Narendra Sahoo
Narendra Sahoo

Narendra Sahoo (PCI QSA, PCI QPA, CISSP, CISA, and CRISC) is the Founder and Director of VISTA InfoSec, a global Information Security Consulting firm, based in the US, Singapore & India. Mr. Sahoo holds more than 25 years of experience in the IT Industry, with expertise in Information Risk Consulting, Assessment, & Compliance services. VISTA InfoSec specializes in Information Security audit, consulting and certification services which include GDPR, HIPAA, CCPA, NESA, MAS-TRM, PCI DSS Compliance & Audit, PCI PIN, SOC2 Compliance & Audit, PDPA, PDPB to name a few. The company has for years (since 2004) worked with organizations across the globe to address the Regulatory and Information Security challenges in their industry. VISTA InfoSec has been instrumental in helping top multinational companies achieve compliance and secure their IT infrastructure.