PCI DSS: The State of Cardholder Data Attacks

In this course, you’ll learn about the criminals’ ways of working from an experienced (PFI) Forensic Investigator and discover what actually happens in the course of a PCI forensic investigation.
Course info
Level
Intermediate
Updated
Jan 16, 2019
Duration
1h 26m
Table of contents
Description
Course info
Level
Intermediate
Updated
Jan 16, 2019
Duration
1h 26m
Description

In this course, PCI DSS: The State of Cardholder Data Attacks, John Elliott and Aaron Willis dive into data breaches and the development of the PCI DSS. Learn all about the criminals’ ways of working from an experienced PFI, discover the control failures that typically give criminals the opportunity to mount a successful attack, and discover what actually happens in the course of a PCI forensic investigation. By the end of this course, you’ll have a solid understanding of how these criminals operate and an inside glimpse of a PCI forensic investigation.

About the author
About the author

John Elliott is a data protection specialist. He helps organizations comply with regulations in a sensible and pragmatic way, balancing business needs, risk and regulations.

More from the author
PCI DSS: Infrastructure Security
Intermediate
1h 50m
Oct 21, 2019
More courses by John Elliott
About the author

Along with being the senior Forensic Analyst at SecurityMetrics, Aaron Willis has over 25 years of diverse experience in all aspects of IT security, business intelligence, data mining, SaaS consulting, and programming.

Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hello. My name is John Elliott. Welcome to the course, PCI DSS: Data Breaches and Attacks. I'm a data protection specialist with a particular interest in protecting payment card data. I was Visa Europe's representative on the Payment Card Industry Security Standards Council, which means I had the pleasure of contributing to the many of the PCI standards including PCI DSS. And I'm Aaron Willis, and I'm a PCI Forensic Investigator working for SecurityMetrics. I'm the person who gets called in when a payment data breach has happened. I'm also an expert in forensic investigations and teach at Utah Valley University. In this course, we delve into the parts of PCI payment security I hope you never experience, data breaches. We're going to find out the common ways that criminals stole payment card data from other merchants and what it would've taken to stop them. First off, you learn the things you need to do when you think a breach has happened, how quickly you respond, and what you can do to limit the damage. Next, you'll discover what happens when someone like me, a Forensic Investigator, walks through your door, what we are going to do, why we're going to do it, and how you can help us. Then we're going to dive into some of the breaches I've seen and helped clear things up. We'll discuss how the criminals broke in, what PCI DSS requirements were missing, and how the attack could have been stopped. By the end of this course, you'll have a great understanding of how breaches happen and what you need to do if you suffer a data breach. We do hope you'll join us for the PCI DSS: Data Breaches and Attacks course, here at Pluralsight.