Conferences / Workshop
ISO 22301 - A closer look With the increasing reliance on IT systems and processes, the need for Business Continuity and Disaster Recovery has never been higher... Mr.Sahoo was invited to speak on this interesting subject during the ISACA conference 2013. in this well received talk, he articulates on the background to ISO22301, the background to the standard, the various components, critical success factors and ofcourse the interesting Q&A.
CSI IT 2020
VISTA InfoSec declared “Best Information Security Company of the Year” by the Computer Society of India - CSI at their annual IT2020 Conference held in Mumbai on Oct 14, 15 2016. This is the second such recognition we have got in this year. At the same event, I was also inducted into the CSI "Hall of Fame" for significant contribution to the InfoSec community. The award was given by the Chairman of CSI. It was a tough contest in which the organisers checked the company’s past performanc
ISACA 20178th - 9th July, 2017
The theme for this conference was "Demystifying Security in a Digitized Economy." Over two days, speakers at this year’s conference, ranging from highly acclaimed CSOs of the country, to experts and policymakers from the government will enthrall the audience with their expertise in securing this digital transformation. Mr. Narendra Sahoo spoke on "Demystifying PCI DSS - Do’s and Don’ts for BFSI Sector" to increase your understanding of PCI DSS general practices and how you could safeguard your company’s repute.
PCI Security Standards Council Asia - Pacific Community Meeting17th - 18th May, 2017
PERHAPS THE LARGEST point of confusion with regards to the Payment Card Industry Data Security Standard (PCI DSS) and cloud computing is the question of upon whose shoulders does compliance fall and till what level?
In 2015-16, several cloud providers began asserting that their clouds were validated as PCI DSS compliant. That's all well and good, but unfortunately this validation does not trickle down to the providers' customers who deploy servers within the provider's infrastructure. If your organization wants to migrate PCI DSS in-scope systems to public cloud, there are several things to consider. When a cloud service provider says it's been validated as PCI DSS compliant, what does that mean for the enterprise customer? According to security experts, organizations shouldn't expect a PCI-validated cloud provider to relieve them of their PCI obligations. To be PCI DSS compliant, tenants still have PCI obligations.
The points were covered during the session.
1. Various models of Cloud offerings available in the industry. What could be the best possible option for you.
2. Understanding the difference between what a Cloud Provider promises and what you can actually expect.
3. SLA requirements
4. Audit points for a PCI Cloud
Certified PCI Compliance Specialist (CPCS)8th - 9th April, 2017
Mr. Narendra Sahoo conducted a 2-day Workshop on Certified PCI Compliance Specialist (CPCS) for participants registered via ISACA. The main goal of the workshop was to offer individuals the depth of knowledge necessary to understand PCI requirements and make informed decisions for compliance.