Agenda

Presentations already confirmed include:


►What’s New in PCI Security: Updates and Insights from the Council

Úna Dillon, Regional Director Europe, PCI Security Standards Council

  • The PCI Council’s latest initiatives and effective ways to engage with the Council
  • Recent updates to the PCI Security Standards and how they impact your compliance strategy

►Third-Party Management at Scale: From Compliance Burden to Business Enabler

Simon Turner, Head of Security Governance and Compliance, BT Group

  • Evolving Landscape: Understand how changing service delivery models, cloud adoption, and outsourced payment solutions reshape third-party PCI obligations
  • Risk-Based Approach: Learn how to categorise suppliers ethically and apply assurance proportional to risk, ensuring PCI DSS controls remain practical and scalable
  • Strengthening Governance: Explore how structured governance frameworks, standardised assurance processes, and right-to-audit provisions can drive supplier accountability and consistency
  • Compliance as a Consequence: Discover how embedding PCI DSS into business-as-usual activities transforms compliance from a costly requirement into a driver of trust, resilience, and business value

►Beyond the Playbook: The Human Side of Managing Major Incidents

Michelle Griffey, GRC Director, Paragon

  • From Procedure to Performance – How to turn documented PCI DSS response plans into confident, real-world action under pressure
  • Collaboration as a Control – How cross-functional coordination between IT, compliance, forensics, and business leaders strengthens response effectiveness
  • Preparedness through Culture – How regular training and simulations build an instinctive, empowered “response culture” across the organisation

►The Great De-scope: Using Tokenization to Slash Your PCI DSS Burden (A GRC Perspective on Strategic Scope Reduction and Multi-Framework Benefits)

Adaora Ezennia, GRC Lead, THG PLC

  • Strategic Scope Reduction – How tokenisation slashes PCI requirements from 300+ to dozens by eliminating cardholder data from your environment
  • Multi-Framework ROI – Delivering simultaneous compliance benefits across PCI DSS, GDPR data minimisation, and ISO 27001/27701 controls
  • Audit Advantage & Implementation – Why demonstrating compliance becomes 40-50% faster, plus an actionable evaluation framework and next steps

Education seminars