Name: Master the Core PCI DSS 4.0 Requirements with QSA Advice
Start: 2023-06-07T03:00:00Z
End: 2023-06-07T03:01:00.000Z
Location: BrightTALK
Rating: 4.8

Thales is a global leader in cybersecurity, helping the most trusted companies, organizations and governments around the world protect critical applications, sensitive data, and identities anywhere at scale. Through our innovative services and integrated platforms, Thales helps customers achieve better visibility of risks, defend against cyber threats, close compliance gaps, and deliver trusted digital experiences for billions of consumers every day.

En la industria de servicios financieros, proteger la información confidencial es fundamental para mantener la confianza y el cumplimiento. Exploraremos los desafíos únicos que enfrentan las instituciones financieras al administrar secretos, incluidas claves API, credenciales y claves de cifrado. Los expertos de la industria discutirán las mejores prácticas, los requisitos regulatorios y los estudios de casos que resaltan la importancia de la gestión de secretos para proteger los datos de los clientes y mantener la integridad operativa.

El papel fundamental de la Gestión de Secretos en los Servicios Financieros

In today's rapidly evolving digital landscape, managing secrets such as API keys, credentials, and other sensitive information is crucial for maintaining security and operational efficiency. The "Secrets Management 101" webinar will provide a comprehensive overview of the challenges associated with secrets management and present effective solutions to address these issues.

We will explore common problems such as hardcoded credentials and insecure storage and discuss how modern secrets management solutions offer centralized control, enhanced security, and streamlined processes. Attendees will learn about the benefits of implementing a robust secrets management system, including improved protection against unauthorized access, regulatory compliance, and operational efficiency.

Join us to gain valuable insights into best practices for managing secrets, discover real-world success stories, and understand the steps required to integrate a secrets management solution into your organization. This webinar is designed for IT professionals, security experts, and anyone interested in safeguarding their sensitive information.

Secrets Management 101: The Key to Security

Which is the best secret management solution out there? Join us for an enlightening session on avoiding pitfalls when choosing the best secrets management solution for your organization. In this webinar, we will delve into how CipherTrust Secrets Management security’s approach stands out in the realm of secrets management and  the key requirements for choosing the ideal solution for your organization. 

Discover how CipherTrust Secrets Management powered by Aykeless (CSM) simplifies your secrets management by eliminating the complexity and cost associated with managing multiple vaults across different platforms. With up to 70% lower total cost of ownership (TCO), you’ll learn how to cut costs by reducing the overhead of deploying, managing, scaling, and maintaining vaults. 

Experience enhanced security and functionality through patented technology and automated secrets rotation, which provide seamless and fortified security for your sensitive data. Explore top features unique to CSM, including automated secret rotations, dynamic secrets with extensive third-party connections, and universal secrets management. 

In this session, we will also highlight innovative capabilities such as automated secrets migration, a universal identity UID, and advanced reporting tools that enhance operational efficiency and security. Whether you’re looking to streamline your secrets management processes or enhance your security posture, this webinar offers valuable insights and practical tips to help you compare to other solutions.

Avoid pitfalls in choosing the best secrets management solution

In an increasingly complex regulatory environment, organizations must prioritize effective secrets management to protect sensitive information and comply with frameworks like the Digital Operational Resilience Act (DORA), Cloud Computing Compliance Controls Catalog (C5), and the Network and Information Systems Directive (NIS2). 

This webinar will explore the critical role of secrets management in maintaining operational integrity, enhancing security postures, and meeting compliance requirements. Industry experts will discuss best practices for implementing secrets management solutions, including access controls, encryption, and monitoring. 

Participants will gain actionable insights on navigating the compliance landscape while safeguarding their organizations against potential threats.

Simplifying Compliance: Secrets Management for DORA, C5, and NIS2

Join us for a thought-provoking fireside chat, "Unlocking Secrets Management: Streamlining DevOps Security". In this webinar, see how Thales and Akeyless are revolutionizing secrets management security practices in DevOps environments.

Discover how to simplify the lives of DevOps professionals by seamlessly integrating security into their workflows. Our experts will explore key topics such as not hardcoding security updates, automated secrets lifecycle management, and the essential role of secrets management in enhancing overall DevOps security posture.

Whether you are new to secrets management or looking to optimize your current practices, this webinar will provide valuable insights and practical strategies. Join us as we discuss real-world applications, industry best practices, and how to securely accelerate their CI/CD pipelines across diverse cloud and on-premises environments.

Don't miss this opportunity to gain expert perspectives and engage in a lively discussion that aims to elevate your understanding of secrets management within DevOps. Register now and be part of the conversation that shapes the future of secure DevOps practices.

Unlocking Secrets Management: Streamlining DevOps Security

Join us for an insightful fireside chat exploring the vital role of centralized secrets management in the realms of DevSecOps and IT Security Infrastructure. Gain valuable perspectives from a customer who successfully implemented a centralized secrets management solution. Learn firsthand about the pivotal factors influencing their decision-making process, including key requirements and alternative solutions considered. 

Throughout the session, we'll delve into the critical importance of centralized secrets management for safeguarding sensitive information like passwords, certificates, and API tokens. Discover how secrets management reinforces security measures to thwart unauthorized access and mitigate potential breaches. 

Furthermore, we'll explore how a secrets management solution seamlessly integrate within DevOps workflows, optimizing processes and ensuring secure access to secrets throughout the software development lifecycle. Don't miss this opportunity to glean actionable insights from a customer’s perspective and fortify your secrets management practices.

Unlocking Secrets Management: Customer's Journey from Decision to Implementation

CNSA 2.0 is underway in 2025, and its requirements are not trivial. If you're a software and/or hardware vendor that intends to comply, you should already be underway. Compliance deadlines are fast approaching, and the consequences of falling behind are significant.
During this webinar, we’ll get into the nitty-gritty about post-quantum cryptography (PQC) code signing requirements, the critical difference between stateful vs stateless algorithms, as well as discuss who is impacted and how best to comply.
 
Whether you're leading product security, crypto architecture, or compliance, this session with Garantir and Thales will give you the clarity and direction you need to move forward confidently.

PQC Code Signing in a CNSA 2.0 World – What You Need to Know Now

As NHS organisations continue to digitise services and manage sensitive data across complex IT environments, meeting the requirements of the NHS Cyber Assessment Framework (CAF) is critical.
 
Join us for this live webinar and Q&A, where Thales cybersecurity experts will demonstrate how Thales can help organizations comply with CAF by addressing essential cybersecurity requirements and automating security, reducing the burden on security and compliance teams through:
- Protecting applications and APIs
- Identifying, protecting, monitoring, reporting and governance of sensitive data
- Providing seamless, secure and trusted access to applications and digital services

Navigating NHS Cybersecurity Assessment Framework (CAF) Compliance with Thales

With the massive increase in cloud services and workloads, the use of secrets rapidly grows and leads to secrets sprawl, however, “62% of organizations do not know how many keys or certificates they have throughout their company.” ^ 
The increase in data breach incidents from leaked credentials is also alarming and it has become one of the top concerns of the CISO. Recently, Football Australia suffered a data breach after leaving keys to a database containing personal details openly accessible, as they left a number of AWS keys exposed, which included several secret keys. 
To mitigate the risks and fortify the security of sensitive information, organizations can now take full control and have better visibility of all the secrets with CipherTrust Secrets Management Solution, it helps organizations:- 
- Simplify and centralize secrets management in a single platform 
- Discover all secrets in your environment and integrate multiple-point solutions into one platform
- Improve the working experience among various teams including DevOps
Join our webinar to explore how organizations can manage secrets effectively with a single data security platform, our experts discuss:-
- The risks and consequences of secrets sprawl 
- How a secrets management platform offers better visibility and control
- Case study

Reduce DevOps and Cloud Security Risk with Secrets Management

This webinar explores the frameworks and tools to assess cybersecurity risks in artificial intelligence systems with a focus on agentic AI solutions. We’ll explore how existing controls may need to adapt for this sea change in user and data workflows.

Risky Business - Securing AI

Learn the latest trends in Secrets Management and how to ensure your secrets, certificates, and credentials stay protected from cyberattacks. The proliferation of secrets, as well as recent high-profile breaches – like those experienced by LastPass, Uber, and SolarWinds due to compromised credentials – have raised awareness around the risk of secret leaks. As a result, it is becoming a more important focus for security teams, who are increasingly recognizing that a fragmented approach to secrets management does not scale with today's modern computing environments, and that the most effective solution is a scalable and unified platform that can automate processes for creating, storing, rotating, and revoking secrets.

Understanding and Managing Secrets Sprawl

Organizations are navigating a rapidly evolving threat landscape, with hybrid and multi-cloud environments introducing fragmented visibility and complex data exposure risks. To better understand how enterprises are managing this challenge, Thales commissioned the Cloud Security Alliance (CSA) to investigate how organizations view risk to improve their data security posture. The study explores how organizations identify and prioritize data risks, the classification methods and monitoring tools they rely on, and the limitations they face in achieving a unified, real-time view of their data security posture. It also highlights how risk-based security solutions can improve response effectiveness, reduce downtime, and support compliance by delivering continuous visibility and actionable intelligence across diverse environments.

Join Hillary Baron, AVP of Research at the Cloud Security Alliance (CSA), as she reveals the results of the Understanding Data Security Risk survey. Also participating is Krishna Ksheerabdhi, Vice President of Product Marketing for Cybersecurity & Digital Identity (CDI) at Thales Group. They will discuss how organizations are unifying fragmented tools into cohesive platforms while adopting proactive, risk-driven approaches to enhance resilience, protect critical data, and streamline compliance.

RECORDING - Data Security Risk Insights for Improving Data Security Posture

In this live learning session, see a ransomware attack in action in the core of your network. Learn about tools that are used in attacks such as DragonForce and how Thales can block them before they grind your network to a halt.

Ransomware Protection In Your Core Network from Thales

As quantum computing advances, the risk of quantum attacks on information systems becomes a significant concern for organizations globally. During this webinar, Thales, Quside, and Deloitte join forces to leverage their expertise in cybersecurity and explore possible ways to transform security solutions into ones capable of withstanding the power of quantum computing.

Experts will guide you through a practical approach to seamlessly integrate post-quantum solutions into your cybersecurity framework. This webinar is essential for IT professionals, cybersecurity experts, and business leaders seeking to future-proof their organizations against quantum threats. Prepare to secure your data and applications in the quantum era.

Futuring Your Cybersecurity: Navigating the Transition to Quantum-Safe Solutions

Going passwordless requires more than adopting FIDO Passkeys—it’s about building an authentication strategy that’s secure, seamless, and scalable across your entire digital user population. 

In this webinar, we’ll walk you through the key steps to design and implement a passwordless framework that addresses the unique needs of your employees, customers, partners, and suppliers. 

Discover how Thales’ Passwordless 360° approach can help you reduce risk, streamline access, and accelerate passwordless adoption—while aligning with your organization’s digital maturity and identity priorities. 

Key takeaways: 

- Understand why a flexible, adaptable framework is essential for accelerating passwordless authentication adoption 
- Explore practical steps to build a cohesive strategy that balances security, user experience, and long-term scalability 
- Gain actionable insights to navigate passwordless adoption in your regional context

Passwordless 360°: Deploying Passwordless Authentication at Scale

As organizations grow increasingly reliant on vendors, suppliers, and partners, third-party access to internal systems has become not just common but essential. Yet with this expansion comes a critical blind spot: unmanaged third-party identities. Unlike employees, third parties often fall outside of traditional IAM (Identity & Access Management) strategies, resulting in inconsistent onboarding, unclear ownership, delayed deprovisioning, and fragmented oversight. 

In this session, we will explore how third-party identity risk emerges, what makes it fundamentally different from workforce IAM challenges, and what practical steps security leaders can take to reduce exposure without creating operational friction. 

Key takeaways: 
- Understand where third-party identity risk comes from and why it is often underestimated 
- Learn how to bring structure and control to third-party access without relying on full-scale governance programs 
- See how B2B IAM platforms can scale identity controls across partner ecosystems while maintaining visibility and trust

Third-Party Identity Risk: Closing the Security Gap in External Access

The rise of third-party identities — from traveling nurses and temporary specialists to students, suppliers, and software vendors — is transforming healthcare delivery. But it’s also quietly expanding the risk perimeter. Traditional identity and access models weren’t built for this scale, and with AI-powered phishing, impersonation, and credential misuse on the rise, the stakes have never been higher.

Join CI&T’s Luiz Cieslak and Thales’ Dustin Fernandes, alongside moderator Yesenia Polovitch, for a strategic and practical look at third-party identity risk in healthcare. They’ll unpack why the sector is uniquely vulnerable, how outdated models put patient safety and compliance at risk, and what progressive organizations are doing to get ahead. Get real-world examples, insights from HIMSS, and a breakdown of modern defenses — from adaptive access controls to identity orchestration and continuous monitoring.

Speakers:
-    Dustin Fernandes - Enterprise Business Acceleration, Thales
-    Luiz Cieslak - SVP Head of Healthcare & Life Sciences, CI&T
-    Yesenia Polovitch - Business Development, Healthcare & Life Sciences, CI&T

Want to learn more? Check out the attachments!

Speak with our Identity Expert Directly
-    Dustin S. Fernandes
-    Enterprise Business Acceleration
-    Dustin@Thalesgroup.com
-    https://www.linkedin.com/in/dustinfernandes/

Managing Third-Party Identity Risks in Healthcare

Adoptar la autenticación sin contraseñas va más allá de incorporar Passkeys FIDO: requiere una estrategia que sea segura, escalable y sin fricciones para toda tu base de usuarios digitales. 

En este webinar, exploraremos los pasos esenciales para diseñar e implementar un modelo de autenticación passwordless adaptado a las necesidades específicas de empleados, clientes, socios y proveedores. 

Descubre cómo el enfoque Passwordless 360° de Thales puede ayudarte a reducir riesgos, simplificar el acceso y acelerar la adopción de esta tecnología, alineando tu estrategia de identidad con la madurez digital de tu organización. 


Lo que aprenderás: 

- Por qué una estructura flexible y adaptable es esencial para acelerar la adopción de la autenticación passwordless 
- Explora pasos prácticos para construir una estrategia coherente que equilibre seguridad, experiencia de usuario y escalabilidad a largo plazo. 
- Obtén recomendaciones prácticas para impulsar la adopción de la autenticación sin contraseñas en tu contexto regional.

Passwordless 360°: Implementando Autenticación Passwordless a Gran Escala

PCI DSS 4.0 was introduced in 2022 to address emerging threats and technologies and enable innovative methods to combat new threats. The transition timeline from v3.2.1 to v4.0 is due in March 2024, now it is a good time to evaluate and address the PCI DSS 4.0 requirements. 
In this webinar, Qualified Security Assessor (QSA) and Data Security Expert from Thales will share some practical considerations as well as recommendations on data protection related clauses to prepare your organization for the v4.0 requirements including: 
- Highlight customers’ challenges to comply with PCI DSS v4.0 
- Top considerations to address v4.0 requirements
- Recommendations to Secure Cardholder Data, Access Control and Monitoring   
Join us now and be compliant today! 

*Webinar is conducted in Cantonese

Master the Core PCI DSS 4.0 Requirements with QSA Advice

#datasecurity

#dataprotection

#PCIDSS

#QSA

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Master the Core PCI DSS 4.0 Requirements with QSA Advice

Presented by

About this talk

Thales - Cybersecurity Solutions