+ Reply to Thread
Results 1 to 22 of 22
  1. Senior Member
    Join Date
    Feb 2011
    Location
    Santa Barbara, CA
    Posts
    250

    Certifications
    CISSP, SSCP, CompTIA Security+, Network+
    #1

    Default PCI-DSS Professional (PCIP) Certification?

    I recent attended a web conference and heard from a PCI-DSS representative that a new certification was coming from the PCI Council called PCIP.

    Has anyone heard of this or have some inside info on possible release dates, testing material (other that the PCI guidelines), etc? This certification applies to my job more than any other security or networking certification currently out on the market so becoming an early adopter for me will make a huge improvement in my career.
    Reply With Quote Quote  

  2. SS -->
  3. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,596
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #2
    Well, a few minutes of Googling has revealed:
    A trademark application for "PAYMENT CARD INDUSTRY PROFESSIONAL (PCIP)" was filed on 6/8/12 by PCI SECURITY STANDARDS COUNCIL, LLC.

    The keyword "PCIP" is not recognized in the search engine at the PCI SECURITY STANDARDS COUNCIL, LLC Web site.

    There's no mention (that I can find) of the PCIP cert at PCI Compliance Guide.

    The PCIP name collides with the PCIP (Professional in Critical Infrastructure Protection) certification, which was formerly named the CCISP. (I can see why they changed it.)

    Given all that, I think this PCIP is extremely new, unadvertised, and will have serious problems being confused with the other, well-establish PCIP cert that has nothing to do with PCI-DSS.


    Have you tried emailing the PCI Security Standards Council?
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  4. Junior Starcraft Engineer
    Join Date
    Mar 2007
    Location
    Twin Cities, Minnesota
    Posts
    2,777

    Certifications
    A+, Net+, Security+, MCSA 2003, MCTS Win 7, AD, Net Infrastructure
    #3
    Quote Originally Posted by Jinuyr View Post
    This certification applies to my job more than any other security or networking certification currently out on the market so becoming an early adopter for me will make a huge improvement in my career.
    Will your employer actually pay you more for this certification? Does it actually make achieving and maintaining compliance easier for the company? Does it do this better than an established certification such as CISSP? If so, great, but I'm immediately pessimistic that the answer to any of these questions is "yes".

    Don't get me wrong, there's a lot of companies out there that need to adhere to PCI-DSS, but that doesn't mean this is going to make sense to study over the certifications that are already out there. From a career standpoint, CISSP is much more transferable than this PCIP.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Feb 2011
    Location
    Santa Barbara, CA
    Posts
    250

    Certifications
    CISSP, SSCP, CompTIA Security+, Network+
    #4
    Quote Originally Posted by ptilsen View Post
    Will your employer actually pay you more for this certification? Does it actually make achieving and maintaining compliance easier for the company? Does it do this better than an established certification such as CISSP? If so, great, but I'm immediately pessimistic that the answer to any of these questions is "yes".

    Don't get me wrong, there's a lot of companies out there that need to adhere to PCI-DSS, but that doesn't mean this is going to make sense to study over the certifications that are already out there. From a career standpoint, CISSP is much more transferable than this PCIP.
    I completely understand the hesitation to jump into something that's completely brand new and untested in the field, but the short answer for me is "Yes". Achieving the certification will definitely yield a positive return in my career within the organization and they have even offered to support me in paying for any classes, fees, that might come up. It was recently announced in a web conference so I haven't had much time to do a lot of research on it but contacting them directly does sound like a great next step to getting some timelines.

    While I wait, I suppose I really should finish my CISSP... I just need to save up to another $1,000 for travel to Honolulu and pay for the exam. Boo for not having discounted vouchers, haha

    Thanks for the help! ^_^
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Feb 2012
    Posts
    2,426
    #5
    Quote Originally Posted by JDMurray View Post
    Well, a few minutes of Googling has revealed:
    Hmm, I need to take some google lessons at my local library. I kept getting hits about pre-existing condition insurance plans. The trademarkia link was interesting.

    @Jinuyr - this certification when it becomes available sounds like it would be a good one. I had thought that PCI Council was only certifying organizations not actually professionals so I imagine that there would be quite a bit of interest in it. Do you currently work for a QSA or PA-QSA? You may want to start by having your company to get you qualified first.
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Sep 2007
    Location
    Mgr of Chessboard
    Posts
    351

    Certifications
    See profile - 20 so far
    #6
    I'm at the 2012 PCI NA Conference, and I went to the PCI SSC booth - I've got the inside scoop! I'm also typing this after having 4 drinks (mmmm, sangria), so if it is not coherent, I know nothing. Nothing, I tell you!

    Necessary skills/abilities - candidates must have at least 2 years of work experience in an IT or IT-related role and possess a base level of knowledge and awareness of IT, network security and architecture, and the payment industry.

    Benefits - provide a starting point to launch a career in the payment industry, offers a industry credential, provides you with a competitive career advantage, etc etc

    Snapshot of course content - this entry level course outlines the PCI standards and provdes a solid foundation to other PCI qualifications: principles of PCI DSS, PA DSS, PCI PTS, and PCI P2PE. Understanding PCI DSS 2.0 requirements and intent. Overview of basic payment industry terminology (heh, I almost typed terminator). Appropriate use of compensating controls. How and went to use SAQs. Recognizing how new tech effects the PCI DSS.

    Pre reqs - you are strongly encouraged to familiarize yourself with the docs on the PCI website

    Formate - 8 hour elearning course

    Exam - Pearson Vue exam.

    Qualification - individual. Recertification every two years. Unknown what that requires.

    I asked, and the cost of the training was something like 96.95. Let's say a even 100. Plus the exam fee is something like 395. Let's say a even 400. So to get the cert, it is around $500.

    For more info, call them or email them.

    I filled out the info for them to email me. I'll talk to my boss - boss, it's good for me to get this, since I'm running the whole PCI project.

    Good times. Also, the conference is very good - I'm enjoying the sessions. Very informative.
    Reply With Quote Quote  

  8. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,596
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #7
    Thanks for the bleeding-edge info!

    What kind of training do you get for $100? Just a book written by the organization?

    I'm not directly involved in PCI-DSS at the moment, but it sounds like I could use this cert to get my feet wet in it. Tell them if they comped me the training/certification I could write a killer blog article on it.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Sep 2007
    Location
    Mgr of Chessboard
    Posts
    351

    Certifications
    See profile - 20 so far
    #8
    Quote Originally Posted by JDMurray View Post
    Thanks for the bleeding-edge info!

    What kind of training do you get for $100? Just a book written by the organization?

    I'm not directly involved in PCI-DSS at the moment, but it sounds like I could use this cert to get my feet wet in it. Tell them if they comped me the training/certification I could write a killer blog article on it.
    From what it sounds like, for a hundred bucks you get 8 hours of e-learning training online about PCI.

    Heh, I'll see what I can do.
    Reply With Quote Quote  

  10. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,824

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA
    #9
    PCI is actually not very difficult to do. At my previous job I was in charge of bringing one of our clients into compliance when their outside vendor determined they were not. Problem with PCI is that there are tons of companies that do it and for cheap. I interviewed with a company that was scaling back their PCI operations because they were basically losing money doing it (when you factor in the cost of being a company that is allowed to do it).
    WIP:
    MS in Legal Studies - Drexel University
    Mobile Forensics
    Kotlin
    Python
    Reply With Quote Quote  

  11. PMP-Wannabe! erpadmin's Avatar
    Join Date
    May 2010
    Posts
    4,133

    Certifications
    A+, Network+, Security+, Project+, MCTS 70-680, MCITP:EA or MCSA:WS2K8, Bachelor of Science, IT - Networks Design and Management
    #10
    I'm currently involved in PCI Compliance this very second. In our case, because Oracle will not open up parts of their PeopleSoft code to ensure PeopleSoft compliance, they have advised us that many shops who take tuition via credit cards will have to go to a hosted payment model (meaning the CC information (and by extension, ACH since it has to be all or nothing) has to be hosted by an outside vendor who is PCI compliant. Our current payment processor was selected to host our payments.

    I wouldn't pay $25, much less $100 for a "cert" that offers little to no value other than to say "I know what PCI-Compliance is." It's just one of those things that either you will deal with at least once in your career, or not for most IT professionals. PCI-DSS is just something to keep in mind if you work for an IT shop that deals with handling customer payments made with a credit card.
    Reply With Quote Quote  

  12. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,596
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #11
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Sep 2007
    Location
    Mgr of Chessboard
    Posts
    351

    Certifications
    See profile - 20 so far
    #12
    Quote Originally Posted by JDMurray View Post
    Tell them if they comped me the training/certification I could write a killer blog article on it.
    I asked, and they said no. Sorry dude.
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    Sep 2007
    Location
    Mgr of Chessboard
    Posts
    351

    Certifications
    See profile - 20 so far
    #13
    Something interesting that they had said at the booth was that people who work with PCI all the time wanted something that stays with them. If you're a ISA or QSA, if you leave that firm, you lose the cert. This cert was created for the individual.
    Reply With Quote Quote  

  15. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,596
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #14
    Quote Originally Posted by GoodBishop View Post
    I asked, and they said no. Sorry dude.
    Thanks for trying. One day I might get an email from someone in their marketing department whose job it is to get their cert noticed. Or they may just pay to have a nice article written about their cert at certmag.com.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Sep 2007
    Location
    Mgr of Chessboard
    Posts
    351

    Certifications
    See profile - 20 so far
    #15
    Add the PCIP to the list of certs that I have (didn't even have to take the PCIP exam... had to take something harder).

    Woo hoo!!!
    Reply With Quote Quote  

  17. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,824

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA
    #16
    Do they have any study materials? I've done PCI Compliance audits before, but doesn't look like they have study materials.
    WIP:
    MS in Legal Studies - Drexel University
    Mobile Forensics
    Kotlin
    Python
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    Sep 2007
    Location
    Mgr of Chessboard
    Posts
    351

    Certifications
    See profile - 20 so far
    #17
    They have a eLearning course that you can take - you can register for that from the PCI SSC webpage.
    Reply With Quote Quote  

  19. Senior Member bobloblaw's Avatar
    Join Date
    Dec 2012
    Location
    Memphis, TN
    Posts
    226

    Certifications
    CISSP, CEH, S+/A+/P+/N+
    #18
    What's the level of difficulty? I've seen a couple Verizon jobs that want some PCI compliance cert/experience that pay well.
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Sep 2007
    Location
    Mgr of Chessboard
    Posts
    351

    Certifications
    See profile - 20 so far
    #19
    I have been deeply immersed in PCI for about 9 months, so the difficulty was minimal...

    It might require a bit of study through the PCI DSS though if you are unfamiliar with it.
    Reply With Quote Quote  

  21. Senior Member bobloblaw's Avatar
    Join Date
    Dec 2012
    Location
    Memphis, TN
    Posts
    226

    Certifications
    CISSP, CEH, S+/A+/P+/N+
    #20
    Thanks.
    Reply With Quote Quote  

  22. EC Council #1 fan colemic's Avatar
    Join Date
    Apr 2010
    Location
    Tejas, Baby!
    Posts
    1,531

    Certifications
    CISSP, CISA, GIAC 2700, MCSE:Security, CEH, CHFI, CCNA:Security, CCENT, Sec+, Net+, ITIL v3 Foundations
    #21
    So I was looking into this today. The cost of the exam is now $1390 (non participating organizations, $790 for participating organizations)... that's just the exam. The actual training course is $2245 non-participating, $1390 for participating orgs. Ouch!
    Reply With Quote Quote  

  23. Senior Member
    Join Date
    Sep 2007
    Location
    Mgr of Chessboard
    Posts
    351

    Certifications
    See profile - 20 so far
    #22
    WOW! That's a huge price increase! Just wow. Yeah, it's on their site - I just checked - https://www.pcisecuritystandards.org...le-pricing.php

    And the numbers are going up for PCIPs, I was at the latest PCI conference in September and I think they said they were over a thousand PCIPs.

    Also interesting, they are now going to require CPEs for this certification.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks