7MS #409: PCI Professional Certification (PCIP)
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!
Today I'm starting a journey to become a PCI Professional (PCIP), and I'll be periodically updating the status of this journey on the 7MS forums.
You don't need to be a QSA to get a PCIP, but you do need "2 years in IT or payments related background to have your application approved."
The PCIP certification gives you (and I'm quoting from the PCI Web site):
- Principles of PCI DSS, PA-DSS, PCI PTS, and PCI P2PE Standards
- Understanding of PCI DSS requirements and intent
- Overview of basic payment industry terminology
- Understanding the transaction flow
- Implementing a risk-based prioritized approach
- Appropriate uses of compensating controls
- Working with third-parties and service providers
- How and when to use Self-Assessment Questionnaires (SAQs)
- Recognizing how new technologies affect the PCI (e.g. virtualization, tokenization, mobile, cloud)
The test costs + exam for a non-participating organization (like 7MS) is $2,500. You also have to re-up every 3 years for $260 (yay, another thing to have to pay for regularly).
In the miscellany department:
-
Do you know someone who would enjoy a live 3-song acoustic concert? Check out my family's new ministry, Q.U.A.C.K. - Quarantined Unplugged Acoustic Concerts of Kindness.
-
A Webinar on creating kick-butt cred-capturing phishing portals is happening on Tuesday, April 14! Register here!