PCI DSS Part 2 – Attacks and Sources of Risk

Invite Friends
Facebook Twitter Google+ LinkedIn Email
Description
Virtual Practice Lab
Practice Test
Resources
PCI DSS Part 2 – Attacks and Sources of Risk

Despite increased awareness of security threats to financial data such as cardholder information, the frequency of data breaches doesn’t appear to be slowing down. Some of the more well-known cardholder data breaches occurred over recent years at Adobe, Target, Neiman-Marcus, Target, and Home Depot. Target reported that around 40 million card numbers were stolen, but it’s suspected that the actual number was much higher.

Securing such data requires strong enforcement and begins a the top of the organization. Senior management either gets it or they don’t. In this video we cover the sources of attacks, the various types, and policies and procedures to thwart them.

Attacks can originate either internally or externally. Most attacks occur from external sources (64%), but internal attacks are still a large area of concern. Where external attacks are most often malicious, internal ones can also be unintentional and the result of carelessness or ignorance. Stolen laptops, scams, and social engineering are the most common exploits from within.

The information, or more accurately, the assets that require protecting consists of the standard credit card information such as card number, expiration date, and security code. Protecting this data comes under the umbrella of risk management, which consists of risk assessment, risk analysis, and risk mitigation. We’ll discuss these particular processes in more detail in the other videos in this module.

Watch the Course Intro Video
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google PlayGet it on the App Store
Recommended Study Material

PCI/DSS PowerPoint notes & PDF version

Practice Labs and Exam Vouchers

Congratulations! You're taking the first step to getting certified. Get some hands on experience with available practice labs OR save some money, support Cybrary, and purchase discounted exam vouchers. Ready to earn your next industry certification? Join cyber security's largest community and start learning today.

JOIN CYBRARY

Upcoming Industry Events

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N

How to Evade AV with OWASP-ZSC – Part 1
Views: 269 / January 20, 2018
Tracking IP info with its Metadata
Views: 926 / January 19, 2018
UNMASKED: Skygofree, FISA, and Google
Views: 625 / January 19, 2018
Error Based Injection
Views: 1568 / January 18, 2018
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel