We had our first PCI-DSS V3.0 training, with a total of 15 participants from various industries, ranging from Oil and Gas and Payment (of course) to service organisations. It was held in our Training area in PKF HQ at the penthouse floor of 1 Mont Kiara.
We spent the day covering various topics, from the basics of PCI-DSS, its history, the history of breaches, a deep dive into the 12 requirements, V3.0 differences and changes and, more importantly, implementation scenarios. SAQs (Self Assessment Questionnaires), a constant source of consternation amongst our clients, were also covered in detail, and examples of which industry or business model would fit which SAQ were given.
The final part was probably the most fun. We went through scenario by scenario and broke down the attack and defence scenarios of the Target Retail Breach in 2013.
Thank you to all participants for making the training interesting and fun, not an easy task given the dryness of PCI requirements, specifically after a heavy lunch.
Additional training materials for V3.0 are found at this link.