Security SIG: Compliance with Payment Card Industry Security Mandate



  • The Monthly Meeting of the Security SIG



    Compliance with Payment Card Industry Security Mandate

    The last several years have seen an unprecedented assault on personal and financial data that customers have entrusted to retailers, banks, service providers and credit card companies. The Payment Card Industry Data Security Standard, or PCI, protects cardholders and businesses by establishing standard practices for processing, storing and transmitting credit card data. This presentation explores the compliance requirements for PCI data security, the participation and validation requirements, and the requirements for selecting a PCI compliance service vendor. It also provides a live demonstration of QualysGuard PCI. Based on industry-leading on-demand vulnerability management and policy compliance technology, QualysGuard PCI provides an online PCI self-assessment questionnaire, pre-defined PCI scanning on all external systems, and automated report generation with online filing.


    About The Presenters

    Terry Ramos \ Director, Strategic Development, Qualys

    Terry Ramos, the Director of Strategic Development for Qualys, helps drive the strategic direction, market alignment, partnerships, and integrated technologies. Terry has been involved with the Payment Card Industry (PCI) Data Security Standard from the beginning. At Qualys, he spearheaded the PCI initiative to develop and bring to market a solution that will help organizations automate the PCI process and achieve compliance. Terry has 15 years of experience in the IT industry, with the last seven specifically focused on information security. Prior to joining Qualys, Terry was a Regional Technical Manager at VeriSign, responsible for Sales Engineering in the Enterprise Sales Division. Before VeriSign, Terry was a Senior Technical Security Manager at SBC, where he helped design SBC’s perimeter security infrastructure and network security architecture. Terry is a frequent speaker at security conferences and forums. He has also authored a number of related articles in the fields of network and information security. Terry holds CISSP certification.

    Bernie Weidel \ PCI Product Manager, Qualys

    Bernie Weidel, Product Manager for QualysGuard PCI, is responsible for evaluating customer/partner requirements, integrating them into the product, and driving PCI to market. Bernie has been developing methods to achieve and evidence compliance since 2000, when he designed a HIPAA compliance program for Scarborough Insurance Agency. Prior to joining Qualys, Bernie was an Infrastructure Security Project Manager at Adobe Systems, where he implemented, managed and streamlined SOX and PCI compliance programs. He was also responsible for various aspects of security such as Web Application Security, Database Security, PDA Security and Vulnerability Management. Before Adobe, Bernie worked for Symbol Wireless Technologies as a Wireless Systems Analyst, designing, installing and troubleshooting/fine-tuning Enterprise Wireless Networks. Bernie holds MCP, CCNA and CWNA certifications.

    Event Logistics


    Cubberley Community Center
    4000 Middlefield Road, Room H-1
    Palo Alto, CA


    6:30 - 7:00 p.m. Registration / Networking / Refreshments / Pizza
    7:00 - 9:00 p.m. Presentation and Discussion


    $15 at the door for non-SDForum members
    No charge for SDForum members
    No registration required
