CPISI – Certified Payment Industry Security Implementer

Adopt a forensics-driven learning approach for better data security and compliance

We help you ensure a robust security posture

In today’s evolving payments landscape, most organizations fail to maintain their security compliance because the employees responsible for securing critical data are poorly trained or untrained.

As per SISA's 2020 report

In recent PFI investigations, SISA observed that 38% of the organizations were compliant at the time of the breach. On further analysis, we found two root causes for most of the data breaches.

We help you make security a priority

44.1% of the respondents from the breached organization agreed that poorly trained or untrained employees were the major cause, while 18.56% of the respondents agreed that the lack of technical safeguards and security processes was a core reason.

As a pioneer in payment security excellence, SISA has curated CPISI, a Certified Payment Industry Security Implementer workshop, to keep pace with data security standards and to incorporate learnings from the data breaches it has investigated as a PCI Forensic Investigator for more than a decade.

CPISI is a comprehensive program designed to impart knowledge on the policies and procedures of PCI implementation.

The 2-day workshop helps bridge the gap in organizations' awareness of how to implement effective PCI security controls and eases the PCI DSS compliance journey.

Undergoing the Certified Payment Industry Security Implementer workshop plays a crucial role in upholding better data security. The PCI training helps every information security stakeholder implement PCI proactively across functions and act in advance against threats that may occur at any point in time.

CPISI 2 Day Workshop Agenda

Day 1

  • Information Security Principles
  • Data classification and Technology
  • Corporate Governance
  • Understanding payment ecosystem
  • PCI DSS Family of Standards
  • Network Engineering, Segmentation & Scoping - Req 1
  • Apply Secure Configurations to All System Components - Req 2
  • Protect stored Account Data - Req 3
  • Protect Cardholder Data with Strong Cryptography During Transmission Over Open, Public Networks - Req 4
  • Protect All systems and Networks from Malicious Software - Req 5
  • Email Compromise and Learnings (Case Study)

Day 2

  • Develop and Maintain Secure Systems and Software - Req 6
  • Restrict Access to System Components and Cardholder Data by Business Need to Know - Req 7
  • Identify Users and Authenticate Access to System Components - Req 8
  • Restrict Physical Access to Cardholder Data - Req 9
  • Log and Monitor All Access to System Components and Cardholder Data - Req 10
  • Test Security of Systems and Networks Regularly - Req 11
  • Support Information Security with Organizational Policies and Programs - Req 12
  • Targeted Risk Analysis
  • Wallet Application Compromise and Learnings (Case Study)

CPISI 3 Day Workshop Agenda

Day 1

  • Information Security Principles
  • Data classification and Technology
  • Corporate Governance
  • Understanding payment ecosystem
  • PCI DSS Family of Standards
  • Network Engineering, Segmentation & Scoping - Req 1
  • Apply Secure Configurations to All System Components - Req 2

Day 2

  • Protect stored Account Data - Req 3
  • Protect Cardholder Data with Strong Cryptography During Transmission Over Open, Public Networks - Req 4
  • Protect All systems and Networks from Malicious Software - Req 5
  • Develop and Maintain Secure Systems and Software - Req 6
  • Restrict Access to System Components and Cardholder Data by Business Need to Know - Req 7
  • Email Compromise and Learnings (Case Study)
  • Wallet Application Compromise and Learnings (Case Study)

Day 3

  • Identify Users and Authenticate Access to System Components - Req 8
  • Restrict Physical Access to Cardholder Data - Req 9
  • Log and Monitor All Access to System Components and Cardholder Data - Req 10
  • Test Security of Systems and Networks Regularly - Req 11
  • Support Information Security with Organizational Policies and Programs - Req 12
  • Targeted Risk Analysis
  • Mock Examination
  • Insider Threats and Learnings (Case Study)
  • 12.5 million unique card data breach & Learnings (Case Study)

SISA’s CPISI Authorized Trainers

Prajwal Ramakrishne Gowda
Sr. Consultant

Prajwal is the Senior Consultant and RAC Lead for the Asia-Pacific and South-SAARC region at SISA.

He has been involved in Payment Card Industry and Payment Application Data Security Standard work, ISO 27001 controls gap analysis, ISMS and risk analysis and management practices such as OCTAVE and ISO 27005, information security audit, and network security.

Nandan Yadav
Risk and Compliance Consultant

Nandan is one of the PCI QSAs at SISA, leading the Delhi-NCR region.

He has consulted for, audited and certified leading e-commerce, IT, BPO, payment gateway and service provider organizations, among others, on PCI DSS compliance.

He has also successfully implemented PCI compliance and shares his experience through CPISI workshops.

Key Takeaways

  • A complete overview of the 12 requirements
  • Gain implementation knowledge from real case scenarios and recent payment data breaches
  • Understand the roots of two new standards, PCI PIN Security and PCI 3DS
  • Understand the concepts of payment ecosystem and PCI DSS security controls

Who can participate?

Information security professionals, security analysts and higher management from the following industries:

  • Payment Gateways and Service Providers
  • Banking
  • eCommerce & mCommerce merchants and retailers
  • IT & ITES

CPISI Exclusive

  • The CPISI course is designed by payment security specialists to address the pain points in effective PCI standards implementation
  • A comprehensive course including the essence of SISA’s PFI breach investigations
  • Sessions will be taken by trainers with immense experience in handling compliance in Banking, Fin-tech, E-commerce, IT and ITES

Workshop Participants Testimonial

Trainer's stress on participation by candidates made the session lively and enjoyable.

Very useful information and relevant to today’s status.

The training was very useful to understand the payment card industry standard.

The trainer was very knowledgeable and the workshop helped us to gain knowledge necessary for both personal and business development.

Trainers are SMEs, competent and knowledgeable enough to understand, respond and clarify participants' queries.

My second CPISI and this was the best.


Please Note: Certified Payment-Card Industry Security Implementer (CPISI) is an independent payments industry certification offered by SISA for payment security professionals, relating to the Payment Card Industry Data Security Standard (PCI DSS).

The PCI DSS is managed and developed by the PCI Security Standards Council (PCI SSC), which provides its own PCI DSS training and certification programs. SISA is not affiliated with or endorsed by PCI SSC.

For more information about PCI DSS, kindly check PCI SSC’s website at https://www.pcisecuritystandards.org.
