Would a system that just mediating encrypted card and cardholder data be in scope for PCI DSS certification?
@cutpaperpaste13 күн бұрын
Well said
@hswplays14 күн бұрын
great content sir
@user-zg2bx4oz2pАй бұрын
we see it regularly on the news ? what news are you watching hehehe
@JossOrtanАй бұрын
Excellent video! Mark Hinely's explanation of data privacy was clear and informative. What do you think is the biggest challenge organizations face in maintaining data privacy?
@andreabarrazaruiz2135Ай бұрын
do the course can be virtual?
@Baneofhumanity242 ай бұрын
Without any context, I have no idea what you're talking about.
@marko3582 ай бұрын
Is there guidance on how quickly a "finding" from the review needs to be remediated?
@avenueb3 ай бұрын
Evaluate threats that are out there, huh? Bit more prescriptive guidance would be helpful here. There are currently 4,567,999,123,453 threats out there.
@JESUS.saves.Repent.3 ай бұрын
Do away with data brokers, people finder websites, and make more public records "private" or only accessible in person from a government building. Force the stalkers to go before a county clerk on camera and give their ID in order to request info on someone! We the people want privacy!! The owner of an address should only be public information when it gets put up for sale. The government should know to prevent voter fraud. But the average citizen with no official authority should not have access to everyone's address and info.
@EyobJetey4 ай бұрын
Does multifactor authentication and the standard satisfies this requirement?
@EyobJetey4 ай бұрын
Does multifactor authentication and the standard satisfies this requirement?
@EyobJetey4 ай бұрын
Does multifactor authentication and the standard satisfies this requirement?
@EyobJetey4 ай бұрын
Does MFA plus the standard satisfies this standard?
@NiiAdjeteyBoye4 ай бұрын
What do you mean by standards? Are you referring to policies?
@mustafaka3bouchi4 ай бұрын
Thanks for nice short videos . I have a question : Are normal users who entre mailed credit card payment information into a Virtual terminal are required to have MFA?
@k.82974 ай бұрын
This is an awesome RESOURCE! Thanks!
@KirkpatrickPrice4 ай бұрын
Glad it was helpful!
@jabedhasan79804 ай бұрын
Sir, cyber physical sytem(power) is it related to aws or Networking?Thank you sir
@KirkpatrickPrice4 ай бұрын
When you're outsourcing to AWS, you will be responsible for looking at their Attestation of Compliance and monitoring their compliance with the physical security controls. AWS is responsible for maintaining the power capabilities in their data center.
@imtiazuddin3804 ай бұрын
Great...I have audited each of your content and found no SEO optimized setup. If you do Title SEO, Thumbnail SEO, Description and Viral Keyword SEO for your KZbin channel content then views engagement will increase.
@lethukuthuladlamini48625 ай бұрын
Thank you
@alewho5 ай бұрын
Great info keep em coming
@iashish78185 ай бұрын
Just finished watching 13 minutes video about data processing and didnt understand anything, this video solves my confusion in less than 1 minute. Hats Off
@KirkpatrickPrice5 ай бұрын
Thanks for your feedback!
@riokot5 ай бұрын
When you are able to understand you can explain simply like he did. 💯
@gala-technology5 ай бұрын
Learn how one company tackled PCI Compliance and fraud related chargebacks, the compelling story of Secure Order Transfer (SOTpay)'s inception: kzbin.info/www/bejne/l4Gvhqynob6bacU
@jmar32565 ай бұрын
don't know what type of content KZbin is recommending me based on what I watch but this dude seems pretty cool!
@KirkpatrickPrice5 ай бұрын
He is a pretty cool guy! If you find yourself ever needing a cybersecurity audit, let us know and we'll partner you with Steven.
@NiiAdjeteyBoye5 ай бұрын
Where do you get evidence for such roles
@KirkpatrickPrice5 ай бұрын
In PCI 4.0 requirement 7.1.2 talks about roles and responsibilities related to performing the activities within requirement 7. Evidence for this usually comes in the form of a RACI matrix, or just list of the different job roles which manage/maintain/conduct the various aspects of requirement 7. This would be a document which is reviewed and approved by responsible personnel and treated as a standard policy document. Be sure to reach out if we can help you with PCI 4.0 or another audit framework ([email protected]).
@quentamoss6 ай бұрын
Great advice
@animeworld_073507 ай бұрын
thanks
@isstudents79238 ай бұрын
Where I find the updated version of it because I have the 2012 one and outdated
@KirkpatrickPrice7 ай бұрын
NIST 800-30 hasn't been updated since 2012. Tried and true risk management principles really don't change that much, so it's still a good process for implementing a risk assessment methodology.
@SK-ju8si8 ай бұрын
great video ! thank you
@KirkpatrickPrice7 ай бұрын
Glad you liked it!
@metalsnake00 Жыл бұрын
you could put PC in front of you and read from there, then by side, looks weird and nooby
@miannt8248 Жыл бұрын
Currently doing PCI certification thanks
@KirkpatrickPrice10 ай бұрын
How's your PCI certification process going? Let us know if we can be of any help!
@user-di7be4ye6f Жыл бұрын
Thank you
@KirkpatrickPrice Жыл бұрын
You are welcome!
@KJTB Жыл бұрын
Thanks for the info.
@KirkpatrickPrice Жыл бұрын
You are welcome.
@aqeelalhajouni Жыл бұрын
Dr. Can you tell why it's why and not how/force, more examples please to understand, cheers
@KirkpatrickPrice Жыл бұрын
A policy addresses the ‘why.’ For example, our organization strives to keep data private due to regulations such as HIPAA and GLBA. A procedure addresses ‘how.’ For example, when you transmit sensitive data, ensure that you encrypt using AES 256.
@xYetiman228x Жыл бұрын
This is the most wack shit I’ve ever seen
@yorusama5011 Жыл бұрын
Thanks for doing these short vids. Keep it up
@KirkpatrickPrice Жыл бұрын
You are welcome! Feel free to check out more reliable videos on KirkpatrickPrice's website. kirkpatrickprice.com/
@supereliptic Жыл бұрын
Nice to see InfoSec subjects appearing in YT shorts. I know you can’t learn much from them, but it at least puts the idea of security on computers being an important subject in the mind of the public.
@KirkpatrickPrice Жыл бұрын
Thank you! KirkpatrickPrice values serving others through educational resources that empower and inspire others to stayed informed on the importance of information security.
@KJTB Жыл бұрын
Nice, short & sweet. 👍🏿
@KirkpatrickPrice Жыл бұрын
We love to get to the point!
@giftofgod2532 Жыл бұрын
Where would you suggest one finds a partner? When most people today aren't trust worthy, nor have the vision necessary to accomplish the objectives. Any suggestions? Or reading material that might substitute a partner?😂
@KirkpatrickPrice Жыл бұрын
A good partner is trustworthy and won't let you down. One suggestion is to interview potential security partners and find out about their values and their skillset. It's important to find someone who aligns with your expectations. We'd love to talk to you at KirkpatrickPrice.com!
@MechaFenris Жыл бұрын
The cloud is just another term for someone else's disks.
@KirkpatrickPrice Жыл бұрын
You're exactly right. Keep spreading the message that you have to protect your cloud assets just like you would your local ones.