This webcast has been archived.

How SANS Critical Security Controls Lead to PCI DSS Quick Wins

  • Tuesday, March 24, 2015 at 3:00 PM EDT (2015-03-24 19:00:00 UTC)
  • John Pescatore, Chris Strand


  • Carbon Black

SANS' Critical Security Controls for Effective Cyber Defense include a set of "quick wins" that represent a consensus-based view of the most impactful cybersecurity steps you can take to protect your systems and critical data. Do these first, and do them well, to address the advanced targeted threats facing your organization today.

A bonus benefit of introducing these controls to your environment is they also overlap with many of the requirements of the PCI DSS, including the updates found in version 3.0 of the standard. For example, PCI DSS Requirement 5 now calls for organizations to evaluate and protect against evolving malware threats, which overlaps with SANS quick wins, CSC 5-1 and 5-2. Also, the updated PCI DSS Req. 6 states that organizations should identify and apply a risk ranking to files and vulnerabilities, which coincides with SANS quick win 4-1.

Join us for this informative webinar, where we'll dig into these and other such examples to show you how to simultaneously address SANS best practices and PCI DSS requirements, leading to a compliant, and more secure, position.

Speaker Bios

Chris Strand

Christopher Strand, PCIP, is security compliance practice director and Bit9's subject-matter expert on enterprise network and application security solutions and how organizations can deploy positive security solutions to maintain and improve their compliance posture. Strand has more than 20 years of information technology experience, having previously held security/compliance positions with Trustwave, Tripwire, EMC/RSA and Compuware. A PCI professional (PCIP) and former quality security assessor (QSA), Strand speaks frequently at industry events and is quoted regularly by the media on security and compliance issues. He earned a bachelor's degree in environmental engineering from the University of Guelph in Ontario, Canada.

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013, bringing with him over 35 years of experience in computer, network and information security. Prior to SANS, he was Gartner's lead security analyst for more than 13 years, working with Global 5000 corporations, government agencies and major technology and service providers. In 2008, John was named one of the top 15 most influential people in security and has frequently testified before Congress on issues relating to cybersecurity.
