Retooling Your PCI-DSS Compliance Approach – ZwillGen Webinar

Published On August 27, 2014 | By Amy Mushahwar | General

Headlines such as “Russian Hackers Amass Over a Billion Internet Passwords,” “Hospital network hacked, 4.5 million records stolen” and “One in seven U.S. consumers notified of personal data breaches in 2013” remind us that every company is only a hack, leak or a mistake away from an unwanted data disclosure. So what can you do to help protect your company and its customers?

More troubling is that, amid such a heightened data breach environment, consumers are sending mixed signals. Experian and the Ponemon Institute’s “Aftermath of a Mega Data Breach: Consumer Sentiment” indicates that the increase in consumer data breach notifications and related media coverage has caused consumers to become more apathetic. Rather than taking immediate action to change passwords and protect themselves, “data breach fatigue” is setting in and keeps some from resetting passwords, being extra vigilant in watching for targeted phishing attacks and taking advantage of credit monitoring products offered when a data breach occurs. Consumer – and even employee – apathy is a ripe environment for a long tail of fraud after a data breach, making proactive security steps all the more important.

Starting in September 2014, ZwillGen will present a Security Boot Camp Series on a variety of information governance and security topics that can help companies retool their proactive security posture, improve their incident response strategy and better document their security diligence. As ZwillGen’s Marc Zwillinger recently stated in Experian’s Annual Data Breach Debrief, “During an incident, it’s important to be able to collect, document and record sufficient information about the data breach and response efforts to ensure that you can explain what occurred during the early phases of the breach and demonstrate that your response was reasonable.” Our Security Boot Camp Series will give your team the tools to do so.

We would love to personalize this series and focus on specific topics of interest as we hear from clients and friends of the firm. If you have a topic suggestion or a specific question, please let us know.

Boot Camp Session One – September 22, 2014
Retooling Your PCI-DSS Compliance Approach
Presented by Amy Mushahwar & Mason Weisz

If your company accepts payment cards or otherwise transmits or stores cardholder data, chances are security concerns keep you up at night. The members of the Payment Card Industry Security Standards Council (made up of representatives from the major card brands: Visa, MasterCard, American Express, Discover and JCB) incorporated the PCI Data Security Standard (PCI-DSS) as the technical requirements of each of their data security compliance programs to help merchants protect valuable customer data. However, as an in-house counsel, CIO or CISO, you may find that making sense of even just the main 112-page PCI-DSS 3.0 document is a daunting task.

This webinar will expand on our existing payment card security alert and focus on topics of interest to both nascent and experienced compliance programs alike, such as:

• Appropriate Data Storage Decommissioning,
• Network Segmentation,
• Internal vs. External Vulnerability Scanning,
• Incident Response, and
• Card Brand Investigation Procedures Post-Breach.

Webinar Time: Monday, September 22nd from 2:30 to 3:30 p.m. EST

This boot camp session will be open to all ZwillGen clients, members of InfraGard, members of the CISO Executive Network and friends of the firm.


For additional questions about the Security Boot Camp Series or Session One – Retooling Your PCI-DSS Compliance Approach, please contact Jennifer Russell:

Featured Photo By Tyler Bolken from Flickr