Keeping up with the dynamic PCI DSS standard is hard. With recent increases in contactless sales and e-commerce threats along with the anticipated PCI DSS v4.0 release, could you use some guidance on how to optimize your resources for this significant change to your security strategy?

Join us at The Treasury Institute for Higher Education's PCI DSS Virtual Workshop 2021 to get user scenarios and a reasonable security framework to best prepare you for PCI compliance in the year ahead.

 

REAL-WORLD EXAMPLES – Tuesday, June 15, 2021 | 10:30-11am EDT

What Litigators and Regulators have taught a QSA about PCI Compliance and Reasonable Security

A validated PCI DSS compliance status does not stop litigators and regulators from suing you after a breach. To reduce the impact of a breach, organizations have to be able to show lawyers that they were using reasonable security.

Attendees will learn:

      • What lawyers ask to see after a breach

      • How the checkbox approach hurts you after the breach

      • How to protect yourself and others

    Speaker:

    Viviana Wesley, CISM, PCI QSA, ISO 27001 Auditor | Principal Consultant, Governance and Compliance Services

     


     

    REASONABLE SECURITY – Wednesday, June 16, 2021 | 2:45-3:15pm EDT

    DoCRA (Duty of Care Risk Assessment) for PCI DSS: What you should do to prepare

    With PCI DSS 4.0 moving towards a risk-based approach, organizations will have to adapt their frameworks. The Duty of Care Risk Assessment (DoCRA) shows how you can achieve both reasonable security and PCI DSS compliance. By balancing mission, objectives, and obligations, companies can streamline their risk strategies based on their specific work environment. The duty of care approach helps prioritize controls and budget while meeting the needs of all interested parties: card holders, regulators, litigators, business, and the public.

    Attendees will learn how to:

        • Conduct your risk assessments so you are ready for PCI DSS 4.0

        • Estimate the likelihood of risks

        • Prepare and respond to regulatory investigations and plaintiffs' lawsuits

      Speakers:

        • Viviana Wesley, CISM, PCI QSA, ISO 27001 Auditor | Principal Consultant, Governance and Compliance Services

        • Chris Cronin, ISO 27001 Auditor | Partner, Governance & Compliance Services

       


       

      REAL-TIME DISCUSSION – Thursday, June 17, 2021 | 10-10:30am EDT

      Live Q&A or discussion on PCI DSS 4.0 and Duty of Care Risk Assessment

      A recap of our first 2 sessions and a live discussion of attendees' questions.

      Speakers:

        • Viviana Wesley, CISM, PCI QSA, ISO 27001 Auditor | Principal Consultant, Governance and Compliance Services

        • Chris Cronin, ISO 27001 Auditor | Partner, Governance and Compliance Services

       

       ABOUT THE TREASURY INSTITUTE FOR HIGHER EDUCATION'S PCI DSS VIRTUAL WORKSHOP 2021

      The workshop explores the unique PCI compliance challenges facing Higher Education institutions and how institutions can achieve and maintain compliance. It is geared toward business, financial, or IT managers responsible for PCI DSS.

      The PCI DSS Virtual Workshop 2021 will focus on preparing for PCI DSS v4.0 and will introduce new sessions about other current and upcoming payment methods.

       

       

      PCI DSS Requirements

      • PCI DSS Requirement 5.4.1: Anti-spoofing controls such as Domain-based Message Authentication, Reporting and Conformance (DMARC), Sender Policy Framework (SPF), and DomainKeys Identified Mail (DKIM) can help stop phishers from spoofing the entity's domain and impersonating personnel.

       

      Learn more about Penetration Testing and new exploits in HALOCK's Exploit Insider.

       

      PCI Targeted Risk Analysis & DoCRA

      https://www.halock.com/pci-compliance-new-requirements-and-targeted-risk-analysis/

       

      HIPAA & Penetration Testing & Incident Response Plans

      https://www.halock.com/are-you-ready-for-the-enhanced-hipaa-requirements-for-penetration-testing-and-more/

       

      Top Threats in Healthcare

      https://www.halock.com/top-cyber-threats-in-healthcare/

       

      Cloud Security Risk Management

      https://www.halock.com/prioritized-findings-and-remediation-in-cloud-security-reporting/

       

      Penetration Testing Reports to Manage and Prioritize Risk

      https://www.halock.com/a-threat-based-approach-to-penetration-test-reporting/

       

       

      Learn how Duty of Care Risk Analysis (DoCRA) can help you achieve reasonable security:

      What is Duty of Care Risk Analysis (DoCRA) for Cybersecurity?

      What is Duty of Care Risk Analysis (DoCRA) for General Counsel?

      What is Duty of Care Risk Analysis (DoCRA) for Regulators?

      What is Duty of Care Risk Analysis (DoCRA) for Auditors?

      What is Duty of Care Risk Analysis (DoCRA) for Executives?

      What is Duty of Care Risk Analysis (DoCRA) for Risk Managers?