The PCI Conference for Merchants took place on 10th June 2009 in London, providing a platform for members to talk to multiple suppliers in one place, and for end users to network and interact with other end users facing similar challenges.
The conference also enabled suppliers to gain a better understanding of their users’ needs and improve the delivery of their services. The event allowed large enterprise-level organisations a unique opportunity to experience the Forum’s structured ‘sharing and facilitated debate’ approach to problem solving and solution implementation.
The full report includes discussions and presentations on how to be prepared before bringing in expensive auditors, implementing and maintaining a successful compliance programme and a technical surgery with the view from the council and payment brand Visa, a call recording expert and a Qualified Security Assessor.
Covering essential compliance areas such as approach, project management, fines, costs and funding, mapping and scoping, gap analysis and remediation, QSAs, compensating controls, wireless networks, open source software and maintenance post compliance, the report will give security professionals approaching PCI a first class reference guide and summary for the board.
Now available to purchase!
Executive Summary £125.00
Educational Seminar sessions from Verisign, nuBridges and Protiviti £125.00
Full PCI bundle (includes full output report and summary, educational seminar sessions) £450.00
“QSAs are expensive, so don’t bring them in until you need to. Do a ‘mock’ exam before involving the QSA to establish any areas that the QSA may want to ask you about that you haven’t already thought of.”
“Use the internal talent within your organisation to become compliant, and then call in the external experts. When identifying where your data is, if you don’t need it, bin it and then protect that reduced amount of data. Segregating data will help to protect it and manage it.”
“Even if you’re 20% or 30% compliant you can still be comprised, so it’s more important to secure your valuable, critical assets and sensitive data, as this would make a big difference and meet more urgent requirements.”
“While it’s nice to work with a one-stop-shop, the advice received is not always well rounded or objective. Often you are not presented with an open source solution, but rather a limited scope of commercial solutions.”
This product was added to our catalog on Tuesday 04 August, 2009.
