Are You Really PCI DSS Compliant? Case Studies of PCI DSS Failure! - Jeff Foresman Louisville InfoSec 2014 (Hacking Illustrated Series InfoSec Tutorial Videos)

Are You Really PCI DSS Compliant? Case Studies of PCI DSS Failure!
Jeff Foresman
Louisville InfoSec 2014

Many organizations have achieved PCI DSS compliance, but as past breaches have shown, some companies are not really compliant. This presentation is a case study covering many years of assessing companies that thought they were compliant but did not meet the requirements as they believed. We will review failures in scoping, segmentation, storage of cardholder data, security testing, logging and development. We will also discuss problems organizations will face with implementing the new PCI DSS v3. Each case study will include what should have been done to meet compliance.

What Attendees Will Learn in This Session:

1. Identify common failure points in PCI DSS compliance
2. How to correctly segment and scope a PCI environment
3. How to achieve PCI DSS compliance
4. What is new in the PCI DSS v3 standard

Jeff Foresman is a founding partner of Pondurance. Jeff manages our compliance practice that specializes in PCI, HIPAA, ISO 27000 and NIST 800-53 advisory services. He also assists clients with developing and implementing information security programs to meet regulatory compliance. Prior to starting Pondurance, Jeff worked for the PCI Security Council, Fishnet, Verizon Business and Sarcom. In addition to his consulting and management duties, Jeff is also the president of the Central Indiana ISSA Chapter and is certified as a PCI-QSA, CISSP, CHSP and CEH.


Copyright 2016, IronGeek