Agenda
Presentations already confirmed include:
► PCI Security Standards : The latest developments in the payment space
Jeremy King, VP, Regional Head for Europe, PCI Security Standards Council
- Version 4.0 transition timeline
- Moving successfully to PCI DSS 4.0
- Steps to take in the next 6-9 months
► Navigating compliance in an eComm world — You think you have outsourced BUT have you?
Candice Pressinger, Director of Customer Data Security, Elavon
- Merchants are getting further away from the payment but are still the merchant on record
- False sense of security
- Questions to ask
- What evidence do you need?
- SPs 12.8 and 1.9.2/PCI V4.0
- It’s not enough to ask in an RFP.. are you compliant?
► PCI DSS-as-a-Consequence of “Secure in Operation": Striking the Balance: Compliance-Centric vs. Security-First Strategies
Simon Turner, Head of Security Governance and Compliance at BT Group, BT Group
- Do alternative strategies, particularly security-first approaches aligned with frameworks like CIS or NIST hold the key to robust protection?
- The practical implications of compliance-led security, alternative strategies, the alignment with business objectives, ROI considerations,
- The pivotal role of security leaders in addressing critical concerns.
- Security-first strategy and the ability to comply with the multiple compliance requirements such as PCI DSS.
► Bypassing Multi-Factor Authentication (MFA) via Phishing Techniques
Manit Sahib, Ethical Hacker & Dhruv Bisani, Head of Adversarial Attack Simulations, Starling Bank
- Live Demonstration of MFA Bypass Attack
- Countermeasures and Best Practices
- Conclusion of Demo and Presentation
► Case Study: From Zero to Hero, implementing a compliance framework for ISO27001, PCI DSS, SOC 2 Type 2 and Cyber Essentials Plus at a tech unicorn
Nicholas Howard, Director of Information Security, Reward Gateway
- Journey from ISO to PCI to SOC 2 to CE+
- Using automation to streamline the ongoing monitoring, assessment and audit processes
- Lessons learnt along the way