Marion King, Director of Payments, NatWest
Marion is an accomplished business leader with extensive experience across the financial service industry, with an exemplary track record of driving growth through innovation, change and superlative people leadership. Director of Payments, NatWest since 2015, responsible for setting the Payments strategy which includes payment architecture, operations and innovation. ... Previously President of MasterCard UK & Ireland (2012-2015), Marion was responsible for growing the business and creating a world beyond cash through an innovative approach to everyday Payments, including emerging technologies such as contactless and mobile. Prior to joining MasterCard, Marion was CEO of VocaLink (2000-2012), where during her tenure the Faster Payments Service was launched, Voca and Link were merged and Marion initiated international expansion with VocaLink selected as the outsourced provider of Sweden’s payments. Marion is Chair of the Emerging Payments Association, an advisory board member of P20 and recently chaired the UK Finance Payments Futures working group. Marion is on the Advisory Board member of Pennies (pennies.org.uk) and proud to be a trustee of The Multiple Sclerosis Society (mssociety.org.uk). She is a Freeman of the City of London.
Matthew Browning, Head of Cyber Oversight, Direct Line Group
Matthew Browning is an experienced senior professional with over 20 years’ of experience in the field of IT and Security. Matthew began his career working in information technology for the film industry before specialising in security at a number of prestigious technology companies. He has worked for Direct Line Group since 2016, firstly as the Head of Third Party... Oversight and since 2020, as the Head of Cyber Oversight for the group. Matthew is highly skilled in a wide area of disciplines including information security management, PCI-DSS and IT audit.
Jeremy King, VP, Regional Head for Europe, PCI Security Standards Council
Mr. King leads the Council’s efforts in increasing adoption and awareness of the PCI Security Standards internationally. In this role, Mr. King works closely with the Council and representatives of its policy-setting executive committee from American Express, Discover, JCB International, Mastercard and Visa, Inc. His chief responsibilities include gathering feedback... from the merchant and vendor community, coordinating research and analysis of PCI SSC-managed standards through all international markets, and driving education efforts and Council membership recruitment through active involvement in local and regional events, industry conferences and meetings with key stakeholders. He also serves as a resource for Approved Scanning Vendors (ASVs), Qualified Security Assessors (QSAs), Internal Security Assessors (ISAs), PCI Forensic Investigators (PFIs), and related staff in supporting regional training, certification and testing programs.
Candice Pressinger, Director of Customer Data Security, Elavon
Candice Pressinger is Director of Customer Data Security at Elavon Merchant Services, one of the world’s largest payment companies. Candice leads Elavon’s data security products, services and consulting solutions helping protect businesses from payments fraud, data breaches and other security threats. Most recently, she helped launch a Transaction Risk Analysis... service to help merchants process payments without friction and low rates of fraud, in line with the Second Payments Services Directive (PSD2). She works closely with some of Europe’s largest retailers including: Inditex, Primark and BP. Prior to Elavon, Candice spent over a decade at British Telecom, serving as Head of Group PCI DSS Compliance, and leading a team of 100 professionals to implement PCI Data Security globally for 27 platforms, 80 third-party suppliers and 80m transactions per year. Candice balances the world of payments and data security with being a mum of three and likes cycling, music, and theatre.
Michelle Griffey, Chief Risk Officer, Communisis
Michelle is an experienced leader with 30 years’ experience across a wide range of disciplines including Risk and Governance, Lean Sigma, Project and Relationship Management. She places strong emphasis on doing what is right for the end customer, creating trust and so enabling business growth and resilience through a pragmatic approach to risk... mitigation. Starting her career in branch banking Michelle's experience includes EWRM, incident management, relationship & supplier management, regulated and non-regulated sales, people coaching and development, banking product and policy governance, implementing process improvement through the use of Six Sigma & LEAN methodologies, project management and business process development & governance. Michelle joined Communisis in 2016 to build a risk function for the Customer Experience division focussed on supporting clients within strongly regulated markets. She has subsequently moved to the role of CRO for Communisis group bringing together a number of specialist areas to create a team focussing on Business Resilience.
Graham Cluley, Security Analyst, grahamcluley.com
Graham Cluley is an award-winning independent security blogger, researcher, podcaster, and public speaker. He has been a well-known figure in the computer security industry since the early 1990s when he worked as a programmer, writing the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Since then he has been... employed in senior roles by companies such as Sophos and McAfee. Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and his claim to fame is that he is the originator of the saying that “the cloud is just someone else’s computer” (but he hasn't managed to make any money out of it) Graham can be heard each week on the award-winning "Smashing Security" podcast. Follow him on Twitter at @gcluley.
Rashpal Rai, Compliance Project Manager, Bumble
Rashpal is strategic programme manager with a proven record of leading end-to-end complex projects that drive transformation and growth. He has over 13 years of experience working in highly regulated environments, including successfully achieving PCI-DSS/PSD2 compliance. Rashpal is currently the compliance project manager at Bumble, a global social media... company. His specialities include payments, telecommunications, and digital development.
Stuart Golding, PCI Compliance Manager, Retail Organisations
Stuart is proud to be a considered a reputable Senior Leader in the Information Security industry with a proven history of success in pioneering and driving high-level strategies to ensure compliance with multiple data security and privacy standards and regulations across a range of complex business landscapes. With over 35 years of industry insight and 12 years’... experience in information security, Stuart supports businesses to demystify and comply with data security standards such as PCI DSS, GDPR, Cyber Essentials, ISO27001 and SOC2. He informs corporate strategic direction for protecting sensitive and confidential data, outlining key issues and risks and developing robust Governance structures and practices. Stuart has been actively involved in governing and managing PCI programmes with multiple UK based retailers for over twelve years, including WH Smith Group, New Look, Burberry, Sainsbury’s Group and Carnival UK. He is now engaged with a number of fintech companies including fastPAYE, EedenBull and Omni Commerce delivering control frameworks including ISO27001, Cyber Essentials and SOC2. Stuart is passionate about keeping data security and privacy simple and demystifying the multitude of information security frameworks, focussing on the people and process elements of data security and privacy practices and controls, as well as the principles of security by design and security culture.
Simon Brady, Managing Editor, AKJ Associates Ltd
Simon is a former journalist, editor and publisher specializing in wholesale financial markets, particularly the technology intensive areas of derivatives, securities trading, cash management and FinTech. He has sat as an Executive Director on the main board of a FTSE-250 listed media company and has spent a lifetime travelling the globe talking to CEOs, CFOs and... government ministers about the trends driving business and finance. His experience has led him to look at cybersecurity as a key component of the value chain and to ask whether firms are really taking cyber threats seriously and why third-parties will force them to.
Peter O’Sullivan, Principal Security Consultant, Nettitude
With a career in IT starting at the age of 20, Peter has spent time in most areas of IT including network support, network management, installation management, and IT training before settling into cybersecurity and information security from 2010. As the information security manager for one of only five fraud prevention agencies in the United Kingdom, Peter would regularly... be engaged with Tier 1 and Tier 2 banks, large insurance companies and the UK Cabinet Office. Having implemented ISO27001 and delivered PCI DSS consultancy and assessment services to a range of tier 1 service providers, Peter brings a wealth of experience of implementing security controls and assurance activities into an organisation to add value and meaning. Peter is a PCI DSS QSA and 3DS Assessor, as well as holding both ISO27001 & 9001 Lead Auditor certification and CISSP.
Julian Totzek-Hallhuber, Solution Architect, Veracode
Julian Totzek-Hallhuber is a Solution Architect at Veracode and a security specialist with over 15 years working in IT security. In his various roles he has been responsible for application development, penetration testing and web application security. Julian contributes to several security-related publications, and provides his expert opinion at specialist events... and trade fairs.
Scott Bridgen, GRC Consulting Director, OneTrust
Scott Bridgen serves as a GRC Consulting Director for OneTrust GRC– a purpose-built software designed to operationalise integrated risk management. In his role, Scott is responsible for driving the development and delivery of OneTrust's integrated risk management product as well as driving the refinement of the toolset and offerings. He advises companies throughout... their risk management implementations to establish processes to support operations and align with their enterprise objectives, including adopting industry best practices and adhering to requirements relating to relevant standards, frameworks, and laws (e.g. ISO, NIST, SIG and more). Scott works with clients to realise the extent of their risk exposure, helping clients to map their digital infrastructure, assess risks, combat threats, monitor ongoing performance, and document evidence throughout the risk lifecycle.
James Vale, Head of Payment Security Products & SME PCI DSS Compliance Programme, Barclays
James Vale is a technically focused Senior Product Manager with over 10 years of experience in payments and cyber security, especially PCI DSS. He is currently the Head of Payment Security Products & SME PCI Compliance Programme at Barclays Payments, responsible for spearheading new payment security products to the Barclays Payments merchant base. James has over... 6 and a half years in the payments acquiring space, with an excellent understanding of payment compliance programmes for acquiring banks. James is a PCI SSC Board of Advisors Member and has a genuine passion for technology and security, and a track record of security project delivery with senior stakeholder management.
Russell McDermott, Solutions Engineer, Netwrix
Russell McDermott is a solutions engineer at Netwrix who specialises in security, governance and compliance and has a proven track record of delivering high-value, data-centric projects. He has deployed and integrated security solutions in a variety of industries, including financial, legal and manufacturing.
Kennet Johansen, Manager Solutions Engineering EMEA & APAC, Netwrix
Kennet Johansen has more than two decades of experience in data security, risk management and compliance. As an expert in emerging technology issues and data security concerns, Kennet has helped both small businesses and enterprises protect their sensitive and business-critical information by elucidating their business requirements and implementing technology solutions... that meet their expectations and KPIs.
Jon Marler, Product Manager, SecureTrust
Jon Marler is a Product Manager at SecureTrust with a true passion for information security and more than a decade of experience in information security, payment processing, risk management, software development, and telephony. Jon spent eight years working with some of the largest acquirers in the world, helping them build online payment gateways and... risk management platforms before joining SecureTrust. Aside from his primary role with SecureTrust, Jon also sits on the EC-Council ANSI Scheme committee as a trusted advisor, has participated in the PCI SSC SIG focused on addressing cloud computing, and is a member of the ETA committee for mobile payments. As a result of his long-standing commitment to open source software, Jon has offered his expertise as a package manager for the Debian GNU/Linux OS distribution since 1998.
Chris Strand, Chief Compliance Officer, IntSights
Christopher Strand is the Chief Compliance Officer at IntSights. As CCO, he is responsible for leading the global security risk and compliance business, helping companies bridge the gap between cybersecurity and regulatory cyber-compliance. Chris has more than 20 years of subject matter expertise in information technology and security audit assessment and he specializes... in developing enterprise security platforms and markets within hyper-growth organizations. Prior to joining Intsights, Chris launched and led the cyber-compliance business at Carbon Black (acquired by VMWare), and has held leadership and compliance specialist roles at other flagship security companies such as RSA, Trustwave, and Tripwire. His past experience has provided him with a unique insight in the areas of security assessment and audit, data security, forensics, threat intelligence and security solution implementation. Chris is trained as a security auditor, is a PCIP, and actively participates in the development of cyber-regulations globally. He is an active contributor and participant with ISACA, ISSA, ISC2, and the PCI SSC, frequently speaking on and publishing content advocating and informing the market on the evolution and alignment of their respective compliance frameworks. Chris graduated from the University of Guelph with a Bachelor’s Degree in environment studies and completed advanced certificates in computer information systems at Humber College Institute of Technology and Advanced Learning.
Martin Rolls, Consultant and Former Programme Director, Global Voice Development, BT
Martin Rolls began his tenure at British Telecom as Head of Wideband Policy & Planning, helping to bridge the gap between investment policy and customer experience. With over 30 years of telecoms & IT experience, Martin undertook various research & development and delivery roles including leadership positions as Head of Mobility, Messaging & Convergence... and Head of Applications and Intelligence Services within the UK. More recently, Martin was Programme Director of BT’s Global Enterprise IP Voice Programme and led on PCI DSS implementations for both external customers & ‘Own Use’ applications since 2014, before switching to freelance work in July 2020. Martin holds a degree in Physics and an MBA from the University of Surrey.
Debbie Bicker, Product Lead, SVL
Debbie is product lead for security and fraud prevention solutions at SVL. She has over 30 years experience in the telecommunications industry and has spent the last 25 years, since leaving the Royal Corp of Signals, working with highly successful organisations of all sizes, developing their communications infrastructure and software capabilities.From working for... global multi-national BT, through several highly-regarded Telecommunications Network providers, Debbie is now a key member of the team at the UK’s longest serving provider of software to the Contact Centre Industry. Debbie specialises in card and payment fraud issue in the Contact and Call Centre industry.
John is leading industry content contributor to the initial drafting and to the official Special Interest Group supporting the current PCI DSS Information Supplement – Protecting telephone-based payment card data published globally by the PCI SSC in Nov 2018. A technology agnostic and independent subject matter expert with a deep understanding of vendor landscape... supporting PCI scope reduction to reduce the time, cost and effort in delivering PCI compliance in the MOTO channel. John is highly experienced in developing the business case for PCI compliance together with the selection, contracting and deployment of PCI scope reduction technologies to support digital transformation and transition to multi-channel customer contact.
Dave Holliday, Global IT Director, Eckoh
Dave joined Eckoh in 2003 and, after a number of positions within the Group, he now holds responsibility for the organisation's infrastructure technology strategy, covering Information Technology, Systems, Telecommunications and Information Security/Governance. Eckoh has maintained PCI DSS compliance continually since 2010, and under a wide range of transformation... programs since then, including Cloud adoption strategies, and increased corporate governance as well as releasing a wide range of products and features.
Kevin Vaughan, Head of Systems and Information Security, Eckoh
As Head of Information Security, Kevin is responsible for Eckoh’s security posture, continued compliance and monitoring the threat landscape to assess existing and emerging threats. Kevin is a passionate cybersecurity advocate, he maintains a variety of security certifications including CISSP and has over 20 years’ experience across Systems Architecture,... Operations and Security.
Raghu Nandakumara, Field CTO EMEA, Illumio
Raghu Nandakumara is a Field CTO at Illumio based in London, UK, where he is responsible for helping customers and prospects through their segmentation journeys. Previously, Raghu spent 15 years at Citibank, where he held a number of network security operations and engineering roles. Most recently, he served as a Senior Vice President, where he was responsible for... defining strategy, engineering, and delivery of solutions to secure Citi’s private, public, and hybrid cloud environments. Raghu holds an undergraduate degree in mathematics and computer science from the University of Cambridge, and a master’s degree in advanced computing from Imperial College London.
Jane Goodayle, SVP Global Marketing, PCI Pal
SVP Global Marketing, Jane Goodayle, joined PCI Pal in 2017. Jane is a passionate and engaging marketer with extensive experience of both strategic and tactical marketing. In addition to her 15+ years of marketing experience Jane has wide-ranging knowledge of the Contact Centre and Technology space having held several senior marketing positions within some of the... industry’s leading brands across the globe.
Innes French, Data Protection Officer, PCI Pal
Having worked on the technical side of contact centre operations for a number of years, Innes found himself specialising in all aspects of security and compliance for the business. This led to a change in career and company, when Innes joined PCI Pal in 2017 as Data Protection Officer. In those four years he has since adopted and handled PCI Pal’s compliance systems... around the PCI DSS and various standards the company upholds.
Nick Raper, Director, Nuapay UK
Head of UK at Nuapay. Bringing our leading open banking solutions and our innovative current account products to payment providers, corporates and merchants across the UK.