PCI DSS v3.0 Masterclass – the world’s first PCI DSS v3.0 training course


Essential PCI DSS v3.0 update  training for Information Security Managers, Security Engineers, System Administrators, IT Directors, PCI DSS Project Managers and Business Managers involved with PCI DSS Compliance.

PCI DSS Training Course Dates


Courses are held in Central London on a regular basis. The training attracts CPE/CPD credits and an earlybird booking discount is available. Please see the booking form at the bottom of this page for availability and pricing.

PCI DSS v3.0 Masterclass
1 day course
23 May 2014
16 June 2014
16 July 2014
Advanced PCI DSS Training
2 day course
22-23 May 2014 sold out
12-13 June 2014
17-18 July 2014
Introduction to PCI DSS Training
1 day course
22 May 2014
10 June 2014
15 July 2014

Course Summary


PCI DSS v3.0 brings many changes, that we at 2-sec have been busily reviewing.  Compared to PCI DSS v2.0, the format is similar, but there have been important additions that bring PCI DSS up to the level of the more pervasive standards, such as ISO 27001.

Whilst the standard brings additional guidance, if the intent of controls is misunderstood then the guidance can be misread and leave your company exposed to risks.  With small class sizes and plenty of one-on-one instructor time with some of the world’s most experienced QSAs and Payment Security Experts, 2-sec training courses aim to bridge the gap between ambiguous, grey information found on the PCI SSC website (and indeed the standard itself), and help you make black and white decisions.

PCI DSS v3.0 without a doubt has got bigger, and will add to assessment times.  Entities will have until January 2015 to formally adopt PCI DSS v3.0 in their organisations. Our one-day advanced update seminar will cover the key topics, bringing in global PCI DSS experts to update you on which changes will matter most.

PCI DSS v3.0 Masterclass Agenda


Pre-requisites – experience of PCI DSS and basic knowledge of applying PCI DSS v2.0 (please see our other courses if this does not apply)

09:00 – Registration
09:30 – Introduction – Tim Holman, CEO 2-sec and President, ISSA-UK
10:00 – PCI DSS v3.0 Overview.  Why was it needed?
11:00 – Networking break
11:15 – PCI DSS Scoping, Asset Management and Inventories for PCI DSS v3.0
12:00 – Change Control.  The days of unauthorised or ad-hoc changes will be well and truly over, for those that want to meet the intent of PCI DSS v3.0.
12:30 – Lunch
13:30 – Compensating Controls, Risk Assessments and 3rd Party Security Assurance
14:30 – Testing, Monitoring, Real-Time Compliance. PCI DSS v3.0 means making security business as usual.
15:15 - Networking break
15:30 – Question Time Panel – answering your questions around PCI DSS
16:30 – PCI DSS v3.0 from a QSA’s perspective.  How will the audit approach change and what can entities do to prepare before a PCI DSS v3.0 trained QSA walks through the door?
17:30 – Closing Thoughts – Tim Holman, CEO 2-sec and President, ISSA-UK

The PCI DSS v3.0 is not formally released until January 2014 – agenda subject to change.

2-sec PCI DSS Trainers


Martin Petrov – CISSP, CISA, PCI-QSA
Senior Consultant, 2-sec

Martin has worked as an Information Security Consultant on various enterprise scale projects for customers such as government agencies, ministries, banks, international corporations, blue chip service providers as well as a number of small and middle sized companies.Martin has over 12 years experience within the information security arena of which 5 years as a full time PCI DSS auditor having executed over 75 compliance audits for a significant number of European processors, acquiring banks, payment service providers and large merchants.As a subject matter expert Martin has lead over 20 PCI DSS training seminars for 2-sec, Visa International and Visa Europe across the EMEA region. Martin holds the following certifications:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Systems Auditor (CISA)
  • Payment Card Industry – Qualified Security Assessor (PCI – QSA)

Tim Holman PCI-QSA PA-QSA
CEO and Founder, 2-sec
President ISSA-UK

Tim has over 18 years professional experience with data, network and information security. His career began with IBM in 1995, working with blue chip clients such as ICL, Lloyds TSB, British Airways and Panasonic before moving into consulting roles with Dimension Data, Top Layer Networks, Trustwave, QCC, Blackfoot and founding 2-sec in 2011.Tim is one of the UK’s best-known Cyber Security experts, featured in the press, online media and speaking at industry events. He has held the covered Microsoft Security MVP Award and has been President of the UK’s leading trade association for security professionals – ISSA-UK, for 3 years.Tim’s expertise is around PCI DSS, ISO 27001, PA-DSS, PTS, Application Security and Penetration Testing, and Tim holds the following certifications:

  • Payment Card Industry – Qualified Security Assessor (QSA)
  • Payment Card Industry – Payment Application Qualified Security Assessor (PA-QSA)
  • Payment Card Industry Professional (PCIP)

David Froud CISSP CISA CRISC PCIP PCI-QSA
Senior Consultant, 2-sec

David has over 13 years experience in areas of Information, Internet, and Computer Security, including regulatory compliance (both Government and Corporate), secure architecture design, Governance framework design, Data Privacy & Protection, and Secure Payments. As a Managing Consultant / Project Manager for several Fortune/FTSE ‘Enterprise Class’ clients, David has performed dozens of on-site assessments for Level 1 Merchants and Service Providers globally.David is a frequent speaker at industry events, and recently served as Director, Delivery for Europe, Middle East and Africa & Asia Pacific at Trustwave, managing the delivery of security consulting services in the regions. David holds the following certifications:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Manager (CISM)
  • Certified in Risk and Information Systems Control (CRISC)
  • Payment Card Industry – Qualified Security Assessor (PCI – QSA) – 2006 – 2013
  • Payment Card Industry Professional (PCIP)

PCI DSS Training Course Repertoire


Our training course has been delivered globally and uses the most developed, mature PCI DSS courseware you will find anywhere. Our training manual is 300+ pages and full of useful information that will help you in your day to day jobs managing and supporting PCI DSS environments.  Over the last 3 years we have delivered over 20 courses across the world and are well respected as the leader in Advanced PCI DSS Training.

  • London, United Kingdom – June 2009
  • Brussels, Belgium – July 2009
  • Cape Town, South Africa – December 2009
  • Dubai, UAE – March 2010
  • Johannesburg, South Africa – March 2010
  • Zagreb, Croatia – April 2010
  • Moscow, Russia – May 2010
  • Nottingham, United Kingdom – June 2010
  • Sarajevo, Bosnia – September 2010
  • Cairo, Egypt – September 2010
  • Belgrade, Serbia – October 2010
  • London, United Kingdom – October 2010
  • Warsaw, Poland  – November 2010
  • Dubai, UAE – February 2011
  • Athens, Greece – October 2011
  • London, United Kingdom – March 2012
  • London, United Kingdom – June 2012
  • London, United Kingdom – September 2012
  • Lagos, Nigeria – October 2012
  • London, United Kingdom – November 2012
  • London, United Kingdom – January 2013
  • Bradford, United Kingdom – February 2013
  • London, United Kingdom – June 2013

PCI DSS v3.0 Masterclass Bookings


Courses are held in Central London on a regular basis. The training attracts 7 CPE/CPD credits and an earlybird booking discount is available. You may book tickets online below, or submit a purchase order to contact@2-sec.com, specifying desired dates.  We can also arrange closed courses at your offices, for  minimum of six delegates.

Earlybird tickets offer a discount of £100, and must be booked at least 45 days before the course starts.