Thursday, 30 April 2015

Guest Speaker for University of South Wales (Information Security Research Group) - CyberSecurity and the Payment Card Industry

I had the pleasure to be invited as a guest speaker to the University of South Wales in order to give a talk about CyberSecurity and the Payment Card Industry more specifically for the Information Security Research Group (ISRG).
The talk included an introduction to the Payment Card Industry (PCI),  Payment Card Industry Data Security Standard (PCI DSS) and the Payment Card Industry Security Standards Council (PCI SSC). The participant had an opportunity to understand what is an Approved Scanning Vendor (ASV), a Qualified Security Assessor (QSA) and last but not least a PCI Forensics Investigator (PFI).

The students were introduced to penetration testing types, practices, methodologies, real stories from the industry, tools, and techniques. Black Box testing versus White Box testing was explained, the significance of white-listing was discussed and comparison of ASV, Vulnerability Assessment and Penetration Testing was given.

The second part of the talk focused on Cybersecurity and the security of payments systems, including the exploitation of Point-of-Sales (POS) devices and Virtual Terminals. The students were excited to see real world examples regarding the security of these payment terminals.

The talk was initially given to students undertaking the BSc in Computer Security and Ethical Hacking along with students from the BSc in Computer Forensics. After the talk receiving excellent feedback from the students and the lecturers which participated the session, I was asked to give this talk once more on a different date to the students undertaking the MSc Computer Systems Security. 

No comments:

Post a Comment