In this course, PCI DSS: The State of Cardholder Data Attacks, John Elliott and Aaron Willis dive into data breaches and the development of the PCI DSS. Learn all about the criminals’ ways of working from an experienced PFI, discover the control failures that typically give criminals the opportunity to mount a successful attack, and discover what actually happens in the course of a PCI forensic investigation. By the end of this course, you’ll have a solid understanding of how these criminals operate and an inside glimpse of a PCI forensic investigation.
Along with being the senior Forensic Analyst at SecurityMetrics, Aaron Willis has over 25 years of diverse experience in all aspects of IT security, business intelligence, data mining, SaaS consulting, and programming.
Course Overview Hello. My name is John Elliott. Welcome to the course, PCI DSS: Data Breaches and Attacks. I'm a data protection specialist with a particular interest in protecting payment card data. I was Visa Europe's representative on the Payment Card Industry Security Standards Council, which means I had the pleasure of contributing to the many of the PCI standards including PCI DSS. And I'm Aaron Willis, and I'm a PCI Forensic Investigator working for SecurityMetrics. I'm the person who gets called in when a payment data breach has happened. I'm also an expert in forensic investigations and teach at Utah Valley University. In this course, we delve into the parts of PCI payment security I hope you never experience, data breaches. We're going to find out the common ways that criminals stole payment card data from other merchants and what it would've taken to stop them. First off, you learn the things you need to do when you think a breach has happened, how quickly you respond, and what you can do to limit the damage. Next, you'll discover what happens when someone like me, a Forensic Investigator, walks through your door, what we are going to do, why we're going to do it, and how you can help us. Then we're going to dive into some of the breaches I've seen and helped clear things up. We'll discuss how the criminals broke in, what PCI DSS requirements were missing, and how the attack could have been stopped. By the end of this course, you'll have a great understanding of how breaches happen and what you need to do if you suffer a data breach. We do hope you'll join us for the PCI DSS: Data Breaches and Attacks course, here at Pluralsight.