That policy execution consumes your resources and time is a myth
Spare 2 minutes to find out!
Let's Talk
Get certified auditors for framework & implementation
Our audit reports help you achieve the compliance certificate
What is PCI DSS?
PCI DSS is the Payment Card Industry Data Security Standard, which was set to maintain a secure way to process credit card payments online by mandating security around the storage and transmission of cardholder data and reducing data theft.
The PCI standard has 12 high-level requirements which the organization has to follow in order to stay PCI compliant.
Benefits of PCI DSS Compliance
Build trust and boost the confidence of your customers
Boosting customers' trust in your security
Prevents data breaches
Avoiding penalties/fines imposed by banks or card companies
Recent hacks
WannaCry: Ransomware attack (2017)
Affected more than 200,000 computers across 150 countries, with damages ranging up to billions of dollars.
Boston Children’s Hospital DDoS attack (2016)
The DDoS attack led to the donations page being shut down and an estimated 300,000 dollars lost in repairs.
Risk of “medjacking”
The security flaw that researchers discovered in General Electric respirators and anaesthesia machines.
PCI DSS Principles
PCI DSS is the global data security standard adopted by the payment card brands for all entities that process, store or transmit cardholder data. The 12 requirements set forth by the PCI SSC are both operational and technical, and the core focus of these rules is to protect cardholder data at all times.
All requirements pertain to a principle, and these principles are:
Secure network: Maintain a firewall to protect consumer data.
Data protection: Protect and encrypt cardholder data transmissions.
Risk management: Maintain secure systems by targeting vulnerabilities.
Access control: Restrict access to cardholder data on a need-to-know basis.
Maintenance: Regularly monitor networks and track access to resources, and maintain a policy that addresses security.
Do you know?
98% of cyber attacks rely on social engineering.
43% of IT professionals said they have been targeted by social engineering schemes.
21% of current or former employees use social engineering to gain financial advantage, for revenge, curiosity or fun.
WSA Approach
WSA adopts a phased approach to implementing PCI DSS compliance.
Phase 1: Information Gathering and Gap Assessment
Kick off meeting
Scoping:
Understanding the business flow
Identify and define the PCI DSS scope for compliance
Gap Assessment: Review the compliance requirements versus the scope
Phase 2: Security Assessment Phase
Risk assessment
Vulnerability Assessment and Penetration Testing of the infrastructure and applications in scope
LAN Segmentation Testing
Firewall Ruleset Review
Phase 3: Remediation Phase
Consulting on how to mitigate the gaps
PCI DSS Awareness training
Review Policies and Procedures
Modify or Create Policies and Procedures
Support for closure of the gaps
Phase 4: Certification Phase
Prepare staff and service providers for final PCI DSS assessment
QSA Assessment
Take a peek into a sample report
Our deliverables are comprehensive in nature and address both technical and business audiences.