Moscow Poly IT-faculty and “Infosystemy Jet” company invite everyone on the webinars, dedicated to data security.
The registration is available via the link (in Russian).
May 26, 19:00.
PCI DSS standard.
PCI DSS (Payment Card Industry Data Security Standard) – is a common safety standard, which is essential for goods and services providers who receive plastic cards as a payment method. When the bank card industry breached the digital space, there appeared the first plastic cards, ATMs and POS-terminals, which could interact with the new type of cards, it became evident that the data must be protected from fraudulences and thefts. Digital money needed protection no less than physical currency. The centralization of inner payment programs requirements helped to unite the safety requirements and the PCI DSS standard appeared in 2004.
The agenda:
· Why it is necessary to follow the standard`s requirements;
· PCD and BCD code: the core of a plastic card;
· The standard`s area of application;
· A shot info on “the black box”, the main terminology of the standard and the participants of payment: issuers, acquirers, merchants, IPS, service-providers;
· The trip of a bank transaction: authorization, clearing, mutual payments;
· The standard’s sections and main requirements;
· PCI DSS integration process and priority approach: the stages of implementation;
· Security measures, required by the standard;
· Scope concept and subtlety of application. Connected system components and the components, influencing the safety of PCD. Ways of application narrowing. The network segmentation, isolation;
· Ways of validation confirmation;
· QSA – the status acquirement particularities, requirements for teams and staff.
The speaker: Alexander Morkovchin, the group leader.
May 31, 19:00.
CII (critical information infrastructure).
CII is an enterprise infrastructure, working in the fields which are of extremely importance for the government. Due to digital technologies application in different companies, cyber-threats are also applicable to the industry, transport, medicine, financial and scientific sectors. In order to avoid any terminations and disfuntions in these organizations’ activities, the legislation of the Russian Federation determines the security measures for the protection of critical informational infrastructure, located on the territory of the Russian Federation. The webinar will provide insights into the legislation, regulating the CII protection and the actions of the organizations, subject to this legislation.
The agenda:
· The legislation terminology;
· Which enterprises must follow the legislation requirements;
· How to determine the assets to be protected and categorize them according to the criticality of data importance;
· State control and responsibilities for violations in the CII domain;
· What is GosSOPKA and how to connect to it.
The speaker: Elena Beregovaya, a senior consultant on data security.
