This online course provides employees with essential knowledge to recognise, prevent, and respond to information security risks in line with PCI DSS v4.0. Participants will learn how to protect cardholder data, follow organisational security policies, identify common threats such as phishing or malware, and adopt secure behaviours in day-to-day operations. Interactive examples and scenario-based exercises reinforce understanding and compliance, ensuring employees contribute effectively to the organisation’s security posture.
COURSE OUTLINES
Agenda
- Introduction to PCI DSS
  - What is PCI DSS and why it matters
  - Overview of PCI DSS v4.0 updates
  - Importance of protecting cardholder data
- Understanding the Cardholder Data Environment (CDE)
  - What constitutes the CDE
  - Examples of systems and processes involved
  - Employee roles in securing the CDE
- Organisational Security Policies & Procedures
  - Overview of your company’s security policies
  - Acceptable use of end-user technologies (part of Requirement 12)
  - Responsibilities and expectations for all staff
- Threats & Vulnerabilities (15 mins)
  - Common threats to the CDE:
    - Phishing
    - Social engineering
    - Malware and ransomware
  - Real-world examples and case studies
  - How these threats impact your organization
- Secure Behaviour & Best Practices
  - Password hygiene
  - Device security (BYOD policies)
  - Safe browsing and email practices
  - Reporting suspicious activity
- Compliance & Accountability
  - Annual training and acknowledgment requirements
  - Tracking and enforcement of training completion
  - Role of audits and assessments
- Knowledge Check & Acknowledgment
  - Quick quiz or interactive scenario
  - Employee acknowledgment of understanding policies
COURSE DETAILS
- Course Duration: approximately 45–60 minutes
- Delivery: Course is delivered via our LMS platform
- Access Period: Upon registration, participants have two weeks to complete the course
- Target Audience: All employees handling cardholder or sensitive data, or accessing IT systems