Making a Holiday Special For All The Right Reasons

Presentation transcript:

Making a Holiday Special For All The Right Reasons Jeremy King International Director PCI Security Standards Council

PCI Security Standards Council

I Need a Holiday!!!! Taxi or transfer; Face to face; Hotel; Travel Agent; On-line; Flights; Telephone; Hire car; Excursions and extras; Insurance. Credit card details sent to at least 6 different organisations.

At the Airport: Excess Baggage Fees; Upgrades; New Ticket; Changes to Ticket; Changes to Itinerary; Duty Free; Eating and Drinking

On the Aircraft: Buying Food and Drink; Buying Duty Free; Other Products / Services; Making a Phone Call; Internet on Board

Problems: Lost Luggage; Damaged Luggage; Delayed Flights; Cancelled Flights; Unexpected Diversions

Join the Loyalty Fraud Prevention Association, (LFPA) Today. Buying Additional Loyalty Points. Using Points and Value.

At the Hotel: Checking In. Used to be so much easier. There was our side of the counter and your side. People knew where they stood, literally.

Check-in 21st Century

Services in the Hotel

One Hotel or a Chain: Interlinked networks mean that criminals gaining access to just one site gain access to the entire global hotel network.

So What Does All This Mean For Security?

PCI is Like Running an Aircraft: It is all about Security, not just Compliance

Not Everything In Life Ends Up As You Originally Planned! However 640 years later: It is a tower; It is still standing; People can climb the tower; It contains bells; The bells ring; It is still leaning

But You Cannot Always Defend Against Every Eventuality! But knowing the threat there can make a huge difference

Cloud Computing: Can be great or just grey and confusing.

Encryption: Is a great way to improve security.

So Where Does This All Leave Us: People; Process; Technology; And a bit of luck

Why PCI? The World is Under Cyber Attack

How Much Data Are We Losing… Source: Databreachindex.com

PCI Security Standards Council: Standards, Best Practices, Training, Certification, Educational Resources
Merchant & Payment Service Provider Environments; Payment Equipment; Payment Software
Standards for payment equipment, payment software and standards for everyone in the ecosystem who handles payment information.
To maintain trust and integrity that payments are secure, we certify the equipment used throughout the payments chain. We certify people who are responsible for maintaining secure environments – internal security people and external assessors and investigators.
Our standards are:
Effective: A third-party report investigated major data breaches over the past ten years and found none were compliant with PCI Standards at the time of breach. The PCI Standards work.
Comprehensive: The Standards cover a wide variety of payment security challenges, from password complexity to proper protection of EMV chip terminals, to e-commerce, and mobile payments.
Industry-tested: PCI maintains lists of independent, lab-tested applications and devices to help organizations choose technology that is and verified to protect cardholder data.
Certification – Equipment, Service Providers, Assessors, Investigators
Training – Assessors, Investigators

New: Best Practises for Securing E-commerce

New: Best Practises for Cloud Computing. Being Updated 2017 by Special Interest Group

PCI DSS Scoping and Network Segmentation Guide

PCI Guidance and Best Practices: Building a security awareness program; Protecting against malware; Skimming prevention; Defending against phishing attacks; Working with third parties; Maintaining PCI DSS compliance; Accepting payments with a mobile phone; PCI DSS compliance in the cloud
All of our standards, best practices, FAQs are available on the website in our document library – Free to all that are interested in learning more and being a part of the solution.
Continuously developing documents and resources. Simplify security for the Small Business marketplace, including FAQs and tips for small merchant environments.
The U.S. National Institute for Standards and Technology found a vulnerability in the old software, which is used by about 90 percent of ecommerce merchants. There hasn’t been a major breach resulting from the vulnerability yet. But we expect some enterprising criminal will soon. And we don’t want anyone to be the one in the papers.
The Council published very specific guidance on interim risk mitigation approaches, migration recommendations and alternative options for strong cryptographic protocols. Available at: www.pcisecuritystandards.org

To Sum Up: Why PCI? You are a priority target; Doing nothing is not an option; PCI Standards are the best set of security requirements available; This must start at the very top of your organisation; Remember: People, Process and Technology is what matters; Just buying the technology is not the answer