PCI-DSS Compliance Services


Does your company transmit, store, or process credit cards from Visa, MasterCard, American Express, JCB, or Discover? If so, you have a Payment Card Industry (PCI) compliance requirement. We will help you meet your PCI requirements and get you back to doing what you do best: business.

Logical Security provides the best PCI Services in the industry. With unrivaled expertise, our team draws from years of experience in working with organizations such as Bank of America, Citigroup, Cisco, Warner Brothers, AT&T, and American Express, just to name a few of our clients.

As shown in the diagram below, we have developed a broad range of PCI Services including our Gap Assessment, Remediation, Formal QSA Assessment, and Maintenance Services.

When it comes to protecting your reputation and customer data, we understand that the utmost care must be taken. At the same time, we understand that in this economy, companies face daily challenges and often have to choose between function and security. We believe you can do both. We do not believe in chasing technologies or standards; we believe in getting to the root of the issue and doing it right the first time.
 

We will start by performing a Gap Assessment. This process normally takes a few days and includes time for us to train your personnel on PCI compliance, get to know more about your environment, and perform a gap analysis, which is derived from the PCI Data Security Standard. Then, we will deliver a quality report with findings and recommendations for remediation and compliance.

Next, if required, we can assist you with the Remediation Guidance phase. We will help you with your policy, process, and technical controls and follow the PCI SSC recommended milestone program. We will cover all the ground necessary to help you achieve PCI compliance.

Our Formal QSA Assessment verifies that your administrative, technical, and physical controls are PCI compliant and results in a Report on Compliance (ROC) as required by the PCI SSC.

If necessary, we can set up the Maintenance Service phase, which allows you to ensure that your organization is continually compliant no matter what changes take place within your environment or the PCI regulatory requirements. We will provide expert security and compliancy guidance and carry out the re-certification process as deemed necessary.

We are also able to assist you in completing a Self Assessment Questionnaire (SAQ) if your organization has this PCI requirement.


Cost of being non-compliant:

Cost for Non-Compliance Prior to Breach

| PCI Classification | Card Provider | Cost for Non-Compliance Prior to Breach |
|---|---|---|
| Level 1 Merchants (6 Million Cards/year) | Visa | Up to $25k/mo |
| Level 1 Merchants (6 Million Cards/year) | MasterCard | $25k 1st quarter; $50k 2nd quarter; $100k 3rd quarter; $200k 4th quarter |
| Level 2 Merchants (1-6 Million Cards/year) | Visa | Up to $5k/mo |
| Level 2 Merchants (1-6 Million Cards/year) | MasterCard | $25k 1st quarter; $50k 2nd quarter; $100k 3rd quarter; $200k 4th quarter |
| Level 3 Merchants (20k-1 Million Cards/year) | Visa | Up to $5k/mo |
| Level 3 Merchants (20k-1 Million Cards/year) | MasterCard | $10k 1st quarter; $20k 2nd quarter; $40k 3rd quarter; $80k 4th quarter |
| Level 4 Merchants (less than 20k/year) | Visa | None at this time |
| Level 4 Merchants (less than 20k/year) | MasterCard | None at this time |

Cost for Non-Compliance after a Breach (same for all)

  • Up to $500k fine from each of the 5 card brands (Up to $2.5M)
  • Losing the ability to process cards in the future
  • Mandated on-site audits with QSA
  • Cost for re-issuing cards
  • Unlimited liability for all fraudulent charges (easily $500k per card brand)
  • Possible class-action lawsuits
  • Possible Federal investigation
  • Additional Potential Fines:
    • Egregious violation ($500k)
    • Failure to report ($100k)
    • Storing full track data
    • $50k initial fine
    • $100k monthly

It is important to realize the cost of being non-compliant.

We can help you avoid these costs. We look forward to earning your business!


About Shon Harris and Logical Security

Shon Harris, CISSP, is the founder and CEO of Logical Security, a computer security consultant, a former engineer in the Air Force’s Information Warfare unit, an instructor, and an author. She has authored three best-selling CISSP books, was a contributing author to the book Hacker’s Challenge, a contributing author to the book Gray Hat Hacking, a contributing author to the Security Information and Event Management (SIEM) Implementation book, and is currently working on a Security+ book. Ms. Harris has developed a full digital information security product series for Pearson publishing. Ms. Harris also works with various law firms as an information security expert witness.

Ms. Harris has consulted for several companies in the U.S., including American Express, Warner Brothers, Bridgestone/Firestone, Citibank, CitiFinancial, AOL, Cisco and many more. Her competencies range from setting up risk management programs and developing enterprise network security architectures to constructing enterprise-wide security programs that connect computer security and business needs in a synergistic manner.

Ms. Harris has extensive knowledge and practical experience pertaining to legal and regulatory compliance. She has worked with the largest corporations within the U.S. to become compliant with OCC, SOX, GLBA, HIPAA, PCI, and SAS70.

Ms. Harris has taught information security to a wide range of clients, some of which have included Microsoft, Department of Defense, Department of Energy, National Security Agency, Bank of America, Defense Information Systems Agency, RSA, U.S. Military Academy at West Point, and many financial institutions.

Ms. Harris was recognized as one of the top 25 women in the Information Security field by Information Security Magazine.

Our team is committed to helping you meet all of your security and compliancy needs. We understand the risks of the 21st century and know how to protect you against them.


Get in touch with us today to find out more information!


 



© 2011 Logical Security, Inc.  