Enterprise Security Awareness Program
Enterprise Security Awareness for PCI DSS Compliance
The most valuable asset in any organization is the people that make it function on a day-to-day basis. Developing a Security Awareness Program is essential for any organization that seeks to reduce the risk of data loss and theft, assure that information assets are appropriately secured, and meet various regulatory requirements. PCI training and security awareness training are now a mandatory requirement for any business or organization that accepts credit cards or processes cardholder information.
Every credit card processor can be audited according to the following checklist (page 55 of the PCI DSS Requirements and Security Assessment Procedures, v1.2):

Click this link to view a 22 minute demo of the Enterprise Security Awareness for IT Users course
The Payment Card Industry Data Security Standards are explained clearly to your staff, emphasizing their responsibility towards securing cardholder information:
- Users are taught the 12 requirements for PCI DSS compliance.
- Interactive training provides a captivating and enjoyable learning experience.
- An exam and policy acknowledgement form at the end of the course confirms your employees’ completion of the material.
- Reports can be easily generated for your own records or in the event of a PCI audit.
- InfoSec Institute can customize your course with your organization's logo on each screen, links to your policies, appropriate contact information, and a frequently asked questions area.
Users are taught the following 12 required modules for PCI DSS compliance:
- Requirement 1: Install and maintain a firewall configuration to protect cardholder data
- Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
- Requirement 3: Protect stored cardholder data
- Requirement 4: Encrypt transmission of cardholder data across open, public networks
- Requirement 5: Use and regularly update anti-virus software
- Requirement 6: Develop and maintain secure systems and applications
- Requirement 7: Restrict access to cardholder data by business need-to-know
- Requirement 8: Assign a unique ID to each person with computer access
- Requirement 9: Restrict physical access to cardholder data
- Requirement 10: Track and monitor all access to network resources and cardholder data
- Requirement 11: Regularly test security systems and processes
- Requirement 12: Maintain a policy that addresses information security
InfoSec Institute's Enterprise Security Awareness program leverages a vast store of content and training delivery methods to provide your users with an unparalleled security awareness program. The program can be comprised of some or all of the following components:
- Instructor-Led awareness sessions from three hours to two days in length.
- Interactive, self-paced, web-based training.
- Individual SCORM-compliant modules that can be imported into almost any Learning Management System (LMS).
- Testing, exam scoring and certification of students.
- Additional compliance modules for Sarbanes-Oxley (SOX) and HIPAA.
- Customized awareness collateral including posters, mouse pads, pens, etc.
Instructor-Led Awareness Sessions:
There is no better method of security awareness knowledge transfer than an Instructor-Led Awareness Session. With attention-grabbing modules on relevant topics such as phishing scams, email security and best practices for remote workers, we ensure that our instructors have the best content and courseware to present. Coupled with live demos of real-world threats and vulnerabilities, as well as concrete remediation steps users can take, the Instructor-Led Awareness sessions hit home with even the most pessimistic user population.
InfoSec Institute instructors are considered Subject Matter Experts (SMEs), having authored many top information security books and spoken at leading conferences. Additionally, our instructors all know how to manage and engage an audience for maximum participation and knowledge transfer.
Interactive, self-paced, Web Based Training:
InfoSec Institute has developed a proprietary web-based learning portal for organizations that prefer a Web-Based Training (WBT) Security Awareness program. The content of the WBT can be customized to include relevant modules for any organization. The WBT delivery method leverages significant cost savings, and allows students to train at their own pace.
Individual SCORM-Compliant Modules:
InfoSec Institute can make available any of our modules in SCORM-compliant format for input and delivery through almost any Enterprise Learning Management System (LMS). These modules can be used to augment existing content, or can be arranged in a manner most appropriate for organizations with an existing LMS.
Testing, exam scoring and certification of students:
In order to establish an ROI, many organizations will opt for the testing and certification of students participating in a Security Awareness Program. InfoSec Institute will utilize our exam portal to proctor an exam onsite at your organization or via the Internet. We can make use of an existing exam or develop a new customized exam if requested.
If you are interested in learning more about our Enterprise Security Awareness Program, please contact us toll free at +1-866-471-0059 ext. 1, or directly at +1-708-689-0131 ext. 1.