Not rendering correctly? View this email as a web page here.
PCI-Monitor-Banner-1.png
 In This Issue: 25 January 2017
  • Free PCI Awareness training - 24 hours only
  • Coming soon: SAQ updates
  • Nomination period for 2017-2019 Board of Advisors now open
  • Agenda for PCI Middle East and Africa Forum
  • Two locations for ISA training in March

As always, if you have questions, concerns, or suggestions on how to improve this weekly communication for POs, please email us at: pcimonitor@pcissc.org.


PCI NEWS & PROGRAM UPDATES

FREE Awareness Training in Support of Data Privacy Day
The Council applauds the National Cyber Security Alliance’s initiative to raise awareness and encourage global collaboration on data protection. Breach incidents underscore the increasingly complex challenge of securing sensitive data, and the need for a global cross-industry approach to data security that involves strong law enforcement, advances in technology and industry collaboration on effective security standards. As a Data Privacy Day Champion, today the Council announced a number of initiatives to educate the marketplace in support of Data Privacy Day.

PCI Awareness training helps companies educate employees who handle cardholder data on the fundamentals of payment security. The Council is offering FREE Awareness eLearning to the first 1,000 people to register from noon 26 January – noon 27 January. Learn more about the training offering by visiting the Council’s special landing page.

Additional efforts to support Data Privacy Day include the release of two new cybersecurity resources to educate businesses on data protection:

  • Defending Against Ransomware provides tips and resources for protecting against the fastest growing malware threat today.
  • Best Practices for Securing E-commerce can help online businesses understand their threats, in light of growing card-not-present (CNP) fraud, and determine the best resources and solutions to protect their data. The resource was developed by a PCI Special Interest Group, and will be available on the PCI SSC website on 31 January

 > View the Data Privacy Day Press Release

 
data-privacy-logo-monitor.jpg

Coming Soon: SAQ Updates
On 30 January the PCI SSC will publish minor updates to Self-Assessment Questionnaires (SAQ), the validation tools that eligible merchants and service providers use to report the results of their PCI Data Security Standard (PCI DSS) self-assessment. The changes clarify points of confusion PCI SSC has heard from industry stakeholders since the SAQs were updated to align with PCI DSS version 3.2 in April 2016.

There is a transition period to allow merchants time to review changes to applicable SAQs and prepare to adopt them. Merchants may continue to use the SAQs published in April 2016 until 30 September 2017. Starting on 1 October 2017, merchants will need to use the updated SAQs. Prior to 1 October 2017, merchants can use either the April 2016 or the January 2017 version of the SAQs.

The updated SAQs will be available in the Document Library on the PCI SSC website on 30 January. The PCI Council encourages you to review the key changes to these SAQs to understand and prepare for how you and/or your merchant customers may be impacted by these.

As a reminder, merchants should contact their acquirer or the applicable payment brand(s) to understand if they are eligible or required to submit an SAQ, and if so, which SAQ is appropriate for their environment. The SAQ Instructions and Guidelines document also provides additional guidance about the PCI DSS self-assessment process and the different SAQs.

 
survey.jpg

PARTICIPATION OPPORTUNITIES

Nomination Period for 2017-2019 Board of Advisors Now Open
Nominations are now being accepted for 2017-2019 Board of Advisors. As strategic partners, members of the PCI SSC Board of Advisors play an active role in improving data security around the world.

Demonstrate your expertise and leadership and impact payment security globally. Provide your industry, regional and technical insight to PCI Council plans and projects. Shape the global industry standards and resources that deliver practical on-the-ground solutions for protecting payment card data. Consider running for the Board of Advisors.

 > Nominate yourself or a colleague for Board of Advisors

 
make-global-monitor.jpg

Cape Town Awaits
Atlantic Ocean… Indian Ocean. Explore both while you are in Cape Town. A beautiful location for a day of networking and learning. Check out the agenda for the Middle East and Africa Forum being held on 29 March in Cape Town. Then pack your bags – hope to see you there.

 >Register here
 >Book your hotel room
cape-town2.jpg

TRAINING

Want to be an Assessor?
We have classes on two continents in March – choose Internal Security Assessor (ISA) training in Austin, Texas or Cape Town, South Africa. The two-day class is being held in these cities on 27-28 March. Space is limited – register today to better understand the current PCI DSS.

Here’s what a previous attendee had to say about ISA training:

“It was great to listen to the instructor - with his vast knowledge and experience. He did a good job of turning the subject matter into an enjoyable and thought provoking course. I found it enlightening to learn about common misconceptions and how the precise wording of a requirement is critical to assessing compliance.”
- Dubai training attendee

 >Apply now

isa.gif
 

Events

Merchant Payments Ecosystem 2017
16 Feb – Berlin, Germany
Presenter: Jeremy King

Travel Technology Europe Show
22 Feb – Olympia, London
Presenter: Jeremy King

Segurinfo
14 March – Buenos Aires, Argentina
Presenter: Carlos Caetano

MAC Conference
22 March – Las Vegas, NV
Presenter: Troy Leach

PCI Middle East & Africa Forum
29 March – Cape Town, South Africa

Stay up to date with PCI Security Standards Council! Follow us today.

linkedin-rounded.png twitter-rounded.png blog-rounded.png