Contact NTT Security

Training your team is the best way to control the Security of your business

    

Create knowledge within your company by training your team and benefit from highly qualified security experts. People are your most important asset to be successful in anything you do, and security needs experience and dedication. Speak the security language, provide your staff with all of the skills needed to make sure that your business is constantly monitored and empowered. Your customers are going to appreciate your efforts and will pay you back with a high level of trust.

NTT Security is able to assist you by providing your staff with valuable training sessions. Take a look at the available training and feel free to contacts us with any related questions.

 

PCI DSS Implementation

The training is based on real life experience of PCI DSS project implementation, illustrated by a range of examples, supported by group exercises and presented by an expert trainer with a wealth of experience in both assessing PCI DSS compliance as a QSA and implementing PCI DSS compliance as Information Security Manager. The view of experienced former Payment Application Qualified Security Assessor (QSA and PA-QSA) is provided.

The training is finished with a practical group exercise summarizing the contents and ensuring participants are able to apply gained knowledge practically.

Target Audience
People in managerial positions related to PCI DSS compliance, Project managers, Fraud management and prevention staff, Information security managers and officers, payment application vendors.

Duration
2 days of comprehensive training that covers all aspects of PCI DSS implementation journey.

The training can be provided over one day instead, without an in-depth walkthrough of 12 sections of the standard. Reducing technical complexity level from Medium to Low.

Content of the training

  • Payment Card Industry Overview
  • Scoping
  • Compensating Controls
  • Emerging Technologies
  • In-depth walkthrough of 12 sections of the standard.

 

ATM Security

The training is based on industry best practices, illustrated by a range of examples and presented by an expert trainer with a wealth of experience in dealing with ATM industry issues in different regions. The training also covers ATMs and their applicability to Payment Card Industry Data Security Standard (PCI DSS). The point of view of an experienced Qualified Security Assessor (QSA) is provided. Plenty of case studies are discussed in-depth simulating real life risk management decision making.

The training is finished with a practical group exercise summarizing the contents and ensuring training participants are able to apply gained knowledge practically.

Target Audience
People in managerial positions related to ATM lifecycle, Fraud management and prevention staff, ATM engineers and administrators, Information security managers and officers, payment application vendors.

Duration
2 days of comprehensive training that covers all aspects of ATM lifecycle security.

The training can be provided in 1 day, with an emphasis on physical or logical security depending on the audience.

Content of the training

  • ATM Physical Security
  • ATM Logical Security
  • PIN & Encryption Security
  • Cash Security (incl cash trapping and transaction reversal fraud)
  • Card Security (incl card skimming and trapping)
  • Cardholder Security (Customer Awareness Programme)

 

Secure SDLC

The training is based on the industry accepted best practices in terms of software development and the security of software engineering. Industry references include SANS, PCI and NIST recommendations. Training topics are presented through an interactive approach which tends to involve the audience as much as possible. Each topic is provided with a Question/Answer session led by the trainer. Additionally, on-site exercises on secure coding, code reviews, threat modelling and secure design will be organized and submitted individually to each participant.

The training might include, upon request, a verification questionnaire, including all main topics of the course, in order to allow NTT Security to statistically score the awareness of the audience upon concluding the training.

Target Audience
Programmers, IT Project managers, Software Architects, Product Owners.

Duration
2 days of comprehensive, onsite training covering all aspects of the Secure SDLC.

Upon request, the training can be provided remotely or in the form of 1 day of intensive training focused on specific aspects, based on specific needs.

Content of the training

  • Secure Software Concepts
  • Securty Requirements
  • Secure Design
  • Secure Coding
  • Input and Output Validation Best Practices
  • Code Review and Exercises

Contact NTT Security