Agenda

Presentations already confirmed include:


The latest in PCI DSS

Jeremy King, International Director Europe, PCI Security Standards Council

  • Unadulterated interpretation of the PCI DSS standard straight from the Council
  • Highlighting the most pertinent changes since last year in PCI
  • What does this mean for industry?

Outsourcing and Insourcing - Is it best to leave it to the pros?

Branko Lolich, PCI Project Manager, King's College London

  • The best way for merchants to outsource payments processing payment card security
  • Covering your PCI responsibilities as a merchant to facilitate the best collaboration with outsourced security teams 
  • Using PCI DSS requirements as a baseline to protect GDPR sensitive personal data

Mobile; Yes it is another endpoint!

Ashish Patel, VP Sales UK & Northern Europe, Zimperium

  • Liberation at what price 
  • PCI requirements for Mobile 
  • Compliance without compromising privacy 

Me and Mrs Jones: can RegTech solve the PCI DSS stalemate?

Neira Jones, Independent Advisor & International Speaker; Simon Brady, Managing Editor, AKJ Associates

  • Are the costs and complexity of the regulatory burden becoming unsustainable?
  • The state of play in compliance automation / RegTech
  • Can RegTech help boost PCI DSS compliance, make maintaining compliance easier and reduce the costs?

PCI: A means to an end, not an end in itself

Alan Jenkins, Head of Advisory Services, 2|SEC Consulting and David Froud, PCI Lead Consultant, 2|SEC Consulting

  • Compliance is not security, but a good compliance programme is an important foundation
  • How PCI DSS can be used to kick-start a wider security programme
  • Identifying and implementing the critical elements of PCI DSS

Executive Panel Discussion 

PCI DSS under the microscope

Getting to grips with some of the most stubborn and difficult technical challenges of achieving and maintaining PCI DSS with PCI leaders from global brands.

  • Charles Husbands, Head of PCI, Vodafone
  • Simon Turner, PCI DSS Compliance Manager, BT
  • Branko Lolich, PCI Project Manager, King's College London
  • Nick Clansey, PCI and ISA, The Open University

Vendor Risk Management: Overcoming Today’s Most Common Security & Privacy Challenges

Ian Evans, Managing Director, EMEA, OneTrust

  • Review the drivers and challenges organizations face when managing third-party vendor risk
  • Identify priorities before, during and after vendor procurement
  • Take away a six-step approach for automating the third-party vendor risk lifecycle
  • Hear real case studies from privacy experts on how to practically tackle the third-party vendor risk

Executive Panel Discussion 

PCI resilience and optimum incident response

The reality is it’s impossible to strike out the possibility of a breach, so having an airtight incident response plan is imperative. How do you stay ahead and limit damage?

  • Yulia Nayda, Payments & Compliance Project Manager, Badoo
  • Nick Lambert, Communications Director, Thoburns
  • Oussama Louhaidia, Head of Information Security, Curve
  • Jon Townsend, CIO, National Trust

Executive Panel Discussion 

PCI within Compliance

Where does PCI DSS stand for the organisation’s requirements? What are the appropriate PCI resourcing priorities for the senior compliance function?

  • Adrian Beckham, Information Security Consultant, ASDA
  • Laura Morgans, Information Security, Risk & Compliance Manager, Which?
  • Dominic Paisley, Information Security Manager, London North Eastern Railway
  • Jon Townsend, CIO, National Trust

Education seminars


Back to Data Security Basics: What’s Getting Lost in All the Buzz


Colin Neale, Data Security Specialist and Russell McDermott, Solutions Engineer, Netwrix

As data usage grows exponentially, many organisations are struggling with information security because they are short on time, money, staffing or all of the above.

At the same time, the buzz from vendors about the latest attack vectors makes data security appear more complicated than it needs to be. This never-ending pursuit of defense against the hottest threats leads organisations to neglect basic aspects of data security, such as realising that not all data requires the same level of protection.

In this session, we’ll explain how getting back to basics can strengthen security controls and reduce the risk of breaches.


Compliance in the Cloud – how PCI Pal met the compliance challenges of moving to the cloud


Geoff Forsyth, CISO, PCI Pal

The Cloud brings lots of advantages to businesses, but also lots of its own challenges.

Geoff Forsyth, CISO at PCI Pal, discusses designing and delivering a global cloud platform for achieving PCI DSS compliance, with a focus on the compliance aspects of the build and considerations for companies when embarking on their own cloud journey.

What attendees will learn:

  • How automation of cloud deployments can simplify compliance testing
  • How SMEs can piggyback on the security power of cloud platforms built to keep the likes of Netflix, Microsoft, Facebook and GSK secure

Why digital imaging is the next-generation threat to PCI compliance


Dr Guy Bunker, Chief Technology Officer, Clearswift

Join us to discover why images are now one of the biggest unaddressed PCI compliance risks for financial organisations.

We often do not give images a second thought; they are in presentations and documents all the time. But in today’s world of digital collaboration, what sorts of risks can they pose?

  • Discover the next-generation threats you need to be aware of
  • How to prevent digital images being the vector for APTs
  • Learn how to prevent unwanted data acquisition via digital images