PCI DSS and ISMS Workshop
Upgrade your knowledge in IT Security
PCI DSS & ISMS Workshop
Hotel Gran Melia, Jakarta, 23 May 2014
Transfer
Please forward the payment by Bank Transfer to
following account:
PT TUV Rheinland Indonesia
Bank Mandiri.Ketapang Branch
Acc No.: 115.0098017009
And send the confirmation of your bank transfer to us
via fax to (021) 579 44 575 or e-mail to
marketing@idn.tuv.com
Precisely Right.
Investment:
IDR 500.000 include PPN 10%
(Include training kit, materials, coffee break, lunch)
Manage credit card fraud risk
Learn about ISMS Risk Management
Know important certifications
Direct Payment
PT TUV Rheinland Indonesia
Menara Karya 10th Floor
Jl. H.R. Rasuna Said Block X-5 Kav. 1-2
Jakarta 12950 - Indonesia
Phone +62-21-579 44 579
Fax +62-21-579 44 575
Email marketing@idn.tuv.com
www.tuv.com/id
Cancellation Policy
• Organizer reserves the right to postpone and
cancel the event.
• If you are unable to attend, a substitute delegate is
welcomed at no extra charge. Please provide the
name and title of the substitute delegate at least
one week before the seminar.
• In case the cancellation takes place within one
week before the workshop, a cancellation fee of
100% of the conference price will apply.
Menara Karya 10th Floor
Jl. H.R. Rasuna Said, Block X-5 Kav. 1-2
Jakarta 12950 - Indonesia
Phone +62 21 579 44 579
Fax +62 21 579 44 575
Email jakarta@idn.tuv.com
www.tuv.com
Jl. Dr. Saharjo No.45
Jakarta 12850 - Indonesia
Email vehicle@idn.tuv.com
safety@idn.tuv.com
URO Building
6th Floor, Zone 1A
Medan 20151 - Indonesia
Phone +62 61 414 9467
Fax +62 61 416 0152
Email medan@idn.tuv.com
Graha Pena 5th Floor, Suite R 501
Jl. Raya Batam Center
Batam 29461 - Indonesia
Phone +62 778 460 750
Fax +62 778 460 760
Email batam@idn.tuv.com
Wisma CIMB Niaga
9th Floor, Suite 904
Jl. Jend. Gatot Subroto No. 2
Bandung 40262 - Indonesia
Email bandung@idn.tuv.com
IKAT PLAZA Building D, No. 02-04
Jl. By Pass Ngurah Rai 505
Email bali@idn.tuv.com
Graha Pena 17th Floor, Suite R - 1701
Jl. A. Yani No.88
Email surabaya@idn.tuv.com
Jl. Jend. Sudirman No. 59
Yogyakarta 55225 - Indonesia
Phone +62 274 551 970
Fax +62 274 551 980
Email yogyakarta@idn.tuv.com
Compliance Audit and Advisory Service
For secure payment card transaction and cardholder data environment
Payment Card Industry Data Security
Standard (PCI DSS)
TÜV, TUEV and TUV are registered trademarks. Utilization and application requires prior approval. S.01SB006enJP08111.0
What is PCI DSS?
Credit Card Fraud
PCI DSS (Payment Card Industry Data Security
Standard) is the common security standard of
the major credit card brands. Regardless of their
size, organizations that process, store, and
transmit payment card information must be PCI
DSS-compliant. To secure your business and
increase your customer confidence, achieving
PCI DSS compliance is a clear indicator of the
conscientious care with which you handle
sensitive customer data.
All entities that are involved in
payment card processing, such as:
• Traders
• Processors
• Acquirers
• Issuers
• Service Providers
• Other entities that store,
process or transmit cardholder
data or sensitive authentication
data (Sensitive
Authentication Data).
• Those who want to manage
and control the information
security in their company
Andreas Gehrmann,
Dipl. Phys.
Has twenty years of experience in
assessment, training,
consultancy and business
development in the
Asia Pacific region.
He has conducted assessments,
training and consultancy based on
diverse standards. In
recent years he has developed risk
assessment services with a focus on
the needs of ICT Supply Chain
Security, Smart Grid, Automotive
and BPO Industry. He holds a
master of Physics from the
Technical University Berlin, his
bachelor degree covered Electronic
Data Processing and Chemistry. He
has received a research grant from
the German DAAD.
Credit card fraud is a major concern for the Financial Service Industry. Beyond compliance with
regulations, it is an essential risk to be managed because fraud destroys marketplace trust and affects
economic growth negatively. Financial fraud is increasing as the global financial services industry
continues to expand and becomes more connected. This session is about the impacts of credit card
fraud, followed by advice on effective efforts to reduce it.
Integration of ISMS Risk Management in an Enterprise Risk
Management Framework
Information Security Risk Management and Enterprise Risk Management are commonly the most
formally developed aspects of risk management. However, different risk concepts and assessment
methods create islands of risk management activities. The lack of integration of risk management
causes unnecessary doubling of work, limits the effectiveness of risk management and prevents
organizations from addressing risks in a holistic manner.
Through this event, we will give an account of common obstacles in integration and explain how
to use ISO 31000, ISO 27001, and PAS 99 to build a framework for integration.
To whom is it relevant?
The standard basically requires organizations to:
• Build and maintain a secure IT network
• Protect cardholder data
• Maintain a vulnerability management
program
• Implement strong access control measures
• Regularly monitor and test networks
• Maintain an information security policy
Time Agenda
08.00 - 08.30 Registration
08.30 - 09.00 Opening from President Director
and Introduction Company Profile
09.30 - 09.30 Integration of ISMS Risk Management
09.30 - 10.00 Coffee break and networking
10.00 - 10.30 Introduction about PCI DSS
10.30 - 11.00 Credit Card Fraud Risk Mitigation
11.00 - 11.30 Panel Discussion
11.30 - finish Lunch
Who should attend?
Dr. Gajendran Kandasamy
Senior Manager Training
Consulting and Information
Security at
PT TUV Rheinland Indonesia
Dr. Gajendran Kandasamy is Head
of Innovation and Entrepreneurship
in Binus Business School. He is
a Research Associate in Imperial
College London (2011-2012),
University of Heidelberg (2003)
and Visiting Researcher in
University of Cambridge (2006-2008).
His accreditations are:
Certified Information Systems
Security Professional (CISSP),
Qualified Security Assessor (QSA)
and Certified Sustainability
Reporting Specialist.
Hendrix Yaputro
General Manager at
Equine Global
Hendrix Yaputro is a certified ISO
27001 Lead Auditor. He has 19
years of experience in the financial
service technology (since March
1995). His core competence
comprises payment card, core
banking system, audit
management system, and anti-
money laundering system. He
published relevant literature titled
“Determining Credit Card Fraud”
using statistical methods.