by Jill Van Hoesen

1. Skeletal Elements of your Organization’s IT Systems Deter, Detect and Defend Against Data Breaches Information Security Program & Payment Card Industry Data Security (PCI DSS) Compliance for Your Business

3. 77 Million Users 10 Million Credit Card Compromised Accounts Losses ??? Millions of Names and Email Addresses of over 2,500 Major Companies Consequences??

4. 94 Million Compromised Accounts 83 Million Dollars in Losses 4 Million Compromised Accounts 100’s of Compromised Accounts 50,000+ Credit Card Transactions Processed Yearly 20,000+ Credit Cards Numbers

6. Essentials Elements of a Successful Information Technology Security Program

30. Payment Card Industry Data Security (PCI DSS) Compliance for Your Business

33. We all can help to Deter, Detect and Defend against ID Theft with these 5 easy steps: Take Stock – Know Where the Info Is Scale Down – Keep Only What is Needed Lock It – Protect the Info We Do Keep Pitch It – Properly Dispose of What We Don’t Plan Ahead – Create a Plan to Response to a Breach

35. The Road to PCI DSS Compliance is dependent on the Merchant Level & Self Assessment Questionnaire (SAQ) Validation Types

37. Self Assessment Questionnaire (SAQ) Validation Types

43. Maintain Information Security Policy Requirement 12 SAQ A,B,C,D Regularly Test Security Systems/Processes Requirement 11 SAQ C,D Track & Monitor Access to Network Resources & CHD Requirement 10 SAQ C,D Restrict Physical Access to CHD Requirement 9 SAQ A,B,C,D Assign Unique ID for each person w/ computer access to CHD Requirement 8 SAQ C,D Restrict CHD Access to Business Need-to-Know Requirement 7 SAQ B,C,D Develop & Maintain Secure Systems/Applications Requirement 6 SAQ C,D Use & Regularly Update Anti-Virus Software Requirement 5 SAQ C,D Encrypt Transmission of CHD across Public Networks Requirement 4 SAQ B,C,D Protect Stored CHD Requirement 3 SAQ B,C,D Change All Defaults Passwords & Security Parameters Requirement 2 SAQ C,D Install & Maintain Firewall Configuration to protect CHD Requirement 1 SAQ C,D Security Requirements for PCI DSS Compliance

45. Prioritized Approach to Pursue PCI DSS Compliance Tool https://www.pcisecuritystandards.org/documents/Prioritized_Approach_PCI_DSS_version1_2.xls

46. PCI Compliance in its simplest form is; if you don’t need the cardholder data - then don’t store it, if you store it, you must protect it.

48. Questions??