Jeremy King, International Director - Europe, PCI Security Standards Council
Mr. King leads the Council’s efforts in increasing adoption and awareness of the PCI security standards internationally. In this role, Mr. King works closely with the Council and representatives of its policy-setting executive committee from American Express, Discover, JCB International, MasterCard, and Visa, Inc. His chief responsibilities include gathering feedback... from the merchant and vendor community, coordinating research and analysis of PCI SSC managed standards through European markets, and driving education efforts and Council membership recruitment through active involvement in local and regional events, industry conferences, and meetings with key stakeholders. He also serves as a resource for Approved Scanning Vendors (ASVs), Qualified Security Assessors (QSAs), Internal Security Assessors (ISAs), PCI Forensic Investigators (PFIs), and related staff in supporting regional training, certification, and testing programs.
Lesley Roe, Data Protection Officer, The Institute of Engineering and Technology
Having joined the Institution of Engineering and Technology (IET) just under 7 years ago, as a Compliance Officer, Lesley quickly became the ‘go to’ person for all thing data protection. Now acting as the IET’s full time Data Protection Officer (DPO), she is passionate about providing practical advice and guidance which supports the... IET’s overall aims to inspire, inform and influence the global engineering community, which in turn supports engineering a better world. PCI compliance was given to her originally as part of her Compliance Officer role. Outside of work, she can generally be found strolling happily to and from parklands, in the picturesque town of Harrogate; 2 trusted rescue greyhounds sashaying along by her side.
Blair Semple, Senior Director of Business Development, PKWARE
Blair Semple, CISSP-ISSEP, CCSP, PCIP, is the Senior Director of Business Development at PKWARE with a focus on information security, partnerships and opening new markets. With more than 20 years of security experience, Blair is responsible for delivering global outbound communications on the state of the security market, emerging standards, etc. In addition, Blair... works directly with customers of both PKWARE and our partners defining the requirements, challenges and benefits of security solutions along with the value that PKWARE brings to this environment. Prior to joining PKWARE, Blair was with Gemalto/SafeNet and NetApp a combined 12 years in various Business Development and Security Evangelist roles. In his early career, Blair was with Canadian technology company Kasten Chase in a variety of roles and from 1996 to 2004 he was the company's primary interface with the National Security Agency's RASP program. Working together with NSA, Kasten Chase created a multifaceted technology solution that supported over 20,000 users requiring access to classified data via mobile laptops. A physics major at Wilfrid Laurier University in Waterloo Canada, Blair has continued his education in information security including having attained CISSP, ISSEP, CCSP and most recently PCIP certifications – demonstrating competence in the rigorous requirements for information security engineering and cloud Security. Blair was one of the first 150 people globally to obtain both ISSEP and CCSP certifications.
Dave Whitelegg, Group Cyber Risk and Intelligence Officer, Capita
Dave Whitelegg is a Cyber Security Expert, overseeing Information Security and Payment Security at Capita plc, a UK leading provider of digital services delivering innovative solutions and simplifying the connections between businesses and customers, governments and citizens. Dave is a cybercrime and PCI DSS subject-matter expert, in 2007 guided Capita Pay360 to be... the first PCI DSS compliant level 1 Payment Processor in Europe to be listed as compliant by both Visa and MasterCard. Dave is credited with creating Europe's First Satellite VPN in 2003 and is an active figure in the global information security community. Dave has been working as cyber and information security professional for over 20 years and holds a number of security accreditations including CISSP, Computer Hacking Forensics Investigator (CHFI), PCI Internal Security Assessor (PCI-ISA) and ISO27001 lead auditor.
Johan Hagdahl, GCRS Director, SecureTrust
Johan is a part of SecureTrust’s Global Management Team, in addition to the management role Johan delivers compliance assessments, information security consulting, IT governance consulting, security gap analysis and risk assessments as a CISSP, CISA, CISM and Qualified Security Assessor, QSA including PA-QSA, QSA (P2PE) and PA-QSA (P2PE) enabling both solution provider... and application validations. He is also appointed the role as the director for PA DSS and P2PE globally, focusing on management, service delivery, methodology improvement and customer satisfaction efforts. Johan has extensive experience in the payment industry, breaking new ground on compliance validation techniques for complex merchants using encrypting systems. Johan has worked with end-to-end encrypting POS- and Backend-systems since long before the release of the P2PE standard, enabling small merchants and large retail chains to achieve PCI DSS compliance by using new techniques and assessment methodologies. He is regularly involved in complex multi-national assessments, providing guidance and helping companies interpret and understand the intent of various PCI DSS requirements, helping them achieve compliance through support in both documentation and in the choice of technical solutions. Through Johan’s work in the financial payment sector he has substantial knowledge of the transaction processing functions both nationally and internationally working at and with payment service providers and banks throughout EMEA, Americas and Asia. With over one and a half decade of experience of inter-banking processing and relations Johan has hands-on knowledge of the systems, stakeholders, requirements and challenges faced when operating on an international market.
Michelle Griffey, Chief Risk Officer, Communisis
Michelle is an experienced leader with 30 years’ experience across a wide range of disciplines including Risk and Governance, Lean Sigma, Project and Relationship Management. She places strong emphasis on doing what is right for the end customer, creating trust and so enabling business growth and resilience through a pragmatic approach to risk... mitigation. Starting her career in branch banking Michelle's experience includes EWRM, incident management, relationship & supplier management, regulated and non-regulated sales, people coaching and development, banking product and policy governance, implementing process improvement through the use of Six Sigma & LEAN methodologies, project management and business process development & governance. Michelle joined Communisis in 2016 to build a risk function for the Customer Experience division focussed on supporting clients within strongly regulated markets. She has subsequently moved to the role of CRO for Communisis group bringing together a number of specialist areas to create a team focussing on Business Resilience.
Hugh James, CTO, PCI Pal
With a Masters degree in Digital Systems Engineering, Hugh started his career on the graduate programme at BT, going on to forge a 30+ year career in the industry, mainly focused on VoIP technologies. Latterly he has worked in the cloud contact centre and PCI Compliance space holding senior positions at the likes of NewVoiceMedia and managing the global telecommunications... software of large scale businesses.
William James, Head of Payments Team, Addleshaw Goddard
William is a Partner based in the corporate/commercial division. He specialises in payments and leads the firms' payments team. William is recognised as a payments specialist in Chambers with clients commenting that he has a "genuine proactive interest in the payments space". He has... advised on some of the most significant payment transactions and innovations in the UK over the last ten years and regularly works for banks, technology companies and payments processors on a wide variety of corporate and commercial transactions including mergers and acquisitions (M&A), partnerships, joint ventures and commercial arrangements. His experience includes the joint venturing and disposal of HSBC's payment processing business to Global Payments. He has advised two high-street banks on their payment processing arrangements and ongoing relationship with their processors. He has spent time in-house with a major UK card issuer and was involved in the first implementation of a mobile payment device in the UK. More recently he has assisted on the legal implementation of digital mobile payments for a major UK bank with various technology and payment network providers. He has significant expertise in the card affinity space and has advised in relation to various card affinity and loyalty schemes for banks working with large UK retailers. Recent M&A transactions have included the acquisition of the peer to peer encryption business owned by Logic Group for Barclays, and the disposal of Smart Card Software Ltd to Rambus Inc. He has also done regular work for a US technology companies in relation to payment technology.
Neira Jones, Independent Advisor & International Speaker
More than 20 years in financial services and technology made Neira believe in change through innovation & partnerships. She is regularly invited to advise organisations of all sizes on payments, fintech, regtech, cybercrime, information security, regulations (e.g. PSD2, GDPR, AML) and digital innovation. She always strives to demystify the hype surrounding current... issues and also enjoys her work as an expert witness. She likes engaging on social media and regularly addresses global audiences as a keynote speaker or chair person. She is a Non-Executive Director for Nasdaq listed cyber security firm Cognosec and payments innovator Comcarde. She also chairs the Advisory Board for mobile innovator Ensygnia and is a partner for the international Global Cyber Alliance. She is an Advisor and Ambassador for the Emerging Payments Association and is on the Thomsons Reuters UK’s top 30 social influencers in risk, compliance and regtech #TRRiskUK30 2017, on the Jax Finance Top 20 Social Influencers in Fintech 2017, the Richtopia Top 100 Blockchain Insiders List and the Innotribe Femtech Leaders List. Tripwire nominated her “Top Influencer in Security To Follow on Twitter” in January 2015, CEOWorld Magazine nominated her Top Chief Security Officer to Follow on Twitter in April 2014, she is the Merchant Payments Ecosystem Acquiring Personality of the Year 2013, the SC Magazine Information Security Person of the Year 2012 and is an InfoSecurity Europe Hall of Fame alumni since 2011, as well as being voted to the Top 10 Most Influential People in Information Security by SC Magazine & ISC2 in 2010. She has previously served on the PCI SSC Board of Advisors for four years, is a Fellow of the British Computer Society and worked for Barclaycard, Santander, Abbey National, Oracle Corp. and Unisys.
Michael Luck, PCI DSS Compliance, McDonald's
Michael is an independent consultant who has been advising McDonald’s UK and Ireland on all aspects of cashless payment since 2010. He has many years of PCI-DSS experience, and more recently has advised on GDPR. Michael began his career in IT when it was still called Data Processing and he has seen many changes and advances in technology since then. ... Prior to his current role Michael spent 21 years in IBM’s Retail Store Solutions business working with many High Street retailers in the UK on all aspects of instore IT, including cashless payment. He has worked in several other countries while with IBM on retail related projects, including loyalty card projects and ‘pay at pump’ devices for petrol retailers.
Joseph Okonkwo, Security Consultant, Aviva
Joseph is a security architect and technology enthusiast with an MSc in Data Telecommunications and Networks. He was as a consultant and an internal PCI-DSS analyst, working with various QSA companies and supporting other standard’s including SOX, ISO, Bank of England. He... currently works daytime with different countries ensuring secure data communications by providing solutions that are flexible and effective; to detect, mitigate and prevent cyber-attacks and payments frauds across the network with focus on compliance to various standards.
Ian Olliffe, Global Compliance Officer, Quintessentially
After working in IT for over 20 years, Ian transitioned to an Information Security position managing ISO 27001 and PCI DSS compliance. In March 2018, Ian moved to Quintessentially, a luxury lifestyle management group, as the groups full time Data Protection Officer. Ian is passionate about providing data protection advice and guidance in a continually changing environment... which is well suited due to the sensitivity of the personal data Quintessentially collects and processes. Quintessentially's PCI compliance program covers worldwide offices and they operate as both a merchant and a service provider. Outside work, Ian enjoys experiencing other cultures and is lucky to be able to expand his travels through his current position.
Craig Moores , Risk Advisory Practice Director, SureCloud
Craig is responsible for SureCloud’s Risk Advisory Practice including engagement scoping, consultancy delivery and client relationships. Craig is experienced in leading and delivering complex cybersecurity solutions aligned to strategic business objectives. He has broad cybersecurity experience including a strong technical, software development and project management... background, with particular strengths in the areas of information risk management, PCI DSS, strategic planning and business auditing.
Vipul Asher, Privacy Consulting Manager, OneTrust
Vipul Asher serves as Lead Privacy Account Manager of the United Kingdom at OneTrust - the #1 most widely used privacy, security and third-party risk technology platform for compliance with global privacy laws. In his role, Asher leads OneTrust's team of privacy professionals across the UK, working with emerging to enterprise companies on data protection regulation... solutions, focused on building and scaling global privacy programs. Asher has publicly spoken on a variety of privacy and security topics, providing deep insight into regulatory issues and practical approaches to compliance. Additionally, he helps facilitate OneTrust's PrivacyConnect workshops across the EMEA region. Prior to OneTrust, Asher spent several years at a leading SaaS security company where he gained valuable experience implementing end-point security and advanced multi-factor authentication products into organisations to protect them from data breaches, credential theft and account takeover. Asher is a Certified Information Privacy Professional (CIPP/E) and holds a M.Sc in Computer Science from Fergusson College.
Ben Barnes, Head of Product, Semafone
Ben Barnes heads up the Product Development Team at Semafone. Ben is responsible for managing the delivery of new services and solutions that protect sensitive data, whilst at the same time ensuring a positive customer experience and facilitating complex compliance programmes. Ben has substantial product marketing experience, having successfully delivered... numerous products and proposition strategies in the consumer, SME and corporate arenas. Ben’s previous experience includes over 19 years in senior product management and proposition development positions across the fixed and mobile global telecommunications industry. Ben has successfully managed cross-functional teams to define, develop and deliver a wide and varied portfolio of services.
Nicola Lyons, Cyber Risk and Compliance Manager, Manchester Airports Group
After completing a successful 22 year military career with the Royal Corps Of Signals, where she specialised in Information Security Management, Nicola Joined Manchester Airport Group in July 2018. Initially employed as an Operational Technology Cyber Security Engineer she worked closely with the cyber compliance team in support of the Network and Information... Systems (NIS) Regulation. In Mar 19 she moved into the role of Cyber Risk and Compliance Manger.
Daniel Oxley, Director of Technical Account Management, Tanium
Daniel Oxley is Director of Technical Account Management (TAM) at Tanium, specialising in IT operations. As a TAM. he is a trusted advisor to customers on all things Tanium as well as the parts of a business that Tanium is or will be involved with, working with technical as well as senior managerial and board-level stakeholders across all industries, solving complex... technical programmes, and helping manage risk to improve business outcomes. Daniel has been breaking and fixing computers since he was 8 years old and has a genuine passion for technology. Over the years he has worked across a wide variety of fields and business sectors, working his way up from a helpdesk role at a bank to being a Senior Consultant for Microsoft and SME in the Systems Center Configuration Manager suite. He thrives on finding new ways to use technology to improve on any task, especially where it was previously believed to be unimprovable.
Simon Beeching, Business Development Director, Syntec
After studying Modern Languages at Oxford and Business Administration at INSEAD in France, Simon joined the Executive Board of the Thomson Holidays Group and gained client-side experience of contact centre management in this fast-moving consumer industry. After subsequently setting up a consultancy firm he became a Visiting Industry Professor at Regent's Business... School, London and was appointed as an executive director of Syntec in 2011, to support growth and strategic development in leading-edge contact centre management solutions.
Laura Morgans, Information Security, Risk & Compliance Manager, Which? Consumer’s Association
Laura has a legal background with over 13 years experience in the third sector, with extensive experience of managing risks across charities including project management for General Counsel and monitoring PCI DSS for charitable income streams. Laura has worked within information security, data governance, volunteer management and retail trading including implementing... controls and monitoring compliance programmes for over 40,000 volunteers and employees.
Laura has helped some of the largest charities in Europe to monitor and manage their PCI DSS risks.
Theo Botha, Head of Cyber &Information Security, Which? Consumer Association
Theo has a Technical background with over 15 years’ experience in Technology & Information Security. Theo has experience in rolling out Technical Programs & Information Security/Compliance Programs inline with organisational strategy across multiple industries and sectors.
Ashley Burton, Head of Product, Eckoh
Ashley Burton is a passionate advocate for customer experience and information security. Ashley spends his days as Head of Product at Eckoh using technology to help make customer engagement convenient and secure for contact centres. Having joined Eckoh in 1999 as a contact centre agent, he has worked in a variety of business areas including data management,... business intelligence, mobile app development, solution architecture and product management. As well as being a 20-year veteran of the contact centre world, he is a 10-year veteran of PCI-DSS, having been with Eckoh throughout their PCI journey. Ashley has helped organisations across a wide range of industries to improve customer experience, attain compliance and has designed and delivered solutions that support millions of customer interactions annually. His deep understanding of how technology can be applied to meet customer challenges has helped numerous organisations on their digital transformation journeys. Ashley’s focus on innovation can be seen through the delivery of award-winning products at Eckoh and the continual generation of Intellectual Property through patents granted.
Richard Kirk, Vice President EMEA, Illumio
Mr. Kirk has 20+ years of experience leading technology evolution and adoption in the European market where he’s developed a reputation for being a change agent and strong business partner for the organizations he’s worked with. Mr. Kirk has spent many years working in both large and small software companies, across many different... technology domains and international markets. He’s spent a great deal of his career focused on the software security industry and is a great ally when helping companies tackle the complex technical and business challenges they face. Mr. Kirk holds a BSc from Northumbria University (Newcastle Polytechnic) and an MSc in Software and Systems Security from the University of Oxford.
Thomas Chappelow, Principal Consultant, PCI and Information Security, Data Security People
Tom is our head of practice and lead QSA; he is responsible for the day-to-day management of the practice, with oversight of all client services. As a senior information assurance professional, Tom has advised clients across the world and in many diverse sectors, including oil and gas, defence, government,... and financial services. Tom has also provided technical security evidence for a number of high-profile legal cases and governmental inquiries, including for the Parliamentary Joint Committee on the National Security Strategy. In addition to being a member of the Chartered Institute of Information Security, Tom has attained a number of industry qualifications, including: CISA, CISM, NCSC Certified Information Assurance Auditor, ISO 27001 Lead Auditor, and PCI QSA. .
Matthew Bryars, Co-founder and Vice Chairman, Speik
Shortly after completing a Masters degree in physics from University College London, Matthew was one of the first to see the potential for highly secure, cloud-based business services – and promptly co-founded Aeriandi, now known as Speik. Matthew still takes a hands-on approach and remains actively involved in the development process, getting most fulfilment from... delivery of high quality, relevant solutions based on the company’s hosted secure voice applications platform.
Grant Jannaway, Payment Security Manager, Global Cyber Security, Vodafone UK
Grant is an experienced Program Management Office Lead with a demonstrated history of working in the telecommunications industry. He is highly skilled in Service Delivery, Corporate Social Responsibility, Sales, IT Test Service Management, and Quality Management. He has been Vodafone UK’s PCI Payment Security Manager for over 3 years.
Peter O’Sullivan, Principal Security Consultant, Nettitude
With a career in IT starting at the age of 20, Peter has spent time in most areas of IT including network support, network management, installation management, and IT training before settling into cybersecurity and information security from 2010. As the information security manager for one of only five fraud prevention agencies in the United Kingdom, Peter would regularly... be engaged with Tier 1 and Tier 2 banks, large insurance companies and the UK Cabinet Office. Having implemented ISO27001 and delivered PCI DSS consultancy and assessment services to a range of tier 1 service providers, Peter brings a wealth of experience of implementing security controls and assurance activities into an organisation to add value and meaning. Peter is a PCI DSS QSA and 3DS Assessor, as well as holding both ISO27001 & 9001 Lead Auditor certification and CISSP.
Allan Packer, Managing Director, Silver Lining convergence
Allan Packer holds the dual roles of Managing Director and Sales Director for Silver Lining Convergence Ltd, an IT and telecommunications business based in Hampshire, that he formed in his late twenties. Following a career, since education, in the sales arena Allan had a vision for creating a company that would offer clients every IT service possible, building... trusted relationships with his clients. Business is personal for Allan, and so he takes a hands-on approach working on key accounts and taking the time to be customer-facing. His raison d’être is to help businesses move forward with technology by providing tailored IT support that fits their needs. Investing in people is important to the Silver Lining ethos – with staff development, and employee engagement high in priority in the day-to-day business. Outside of the office Allan has a love of fast cars, a talent for cooking and a desire for travel. The love of his life is his Westie, Daisy.
Revd Mark James – Group Data Protection Officer (DPO), Silver Lining Convergence
Revd Mark James has spent the last 20 years within the Technology, Security and Compliance space. The customers that engage with Mark do so because of his unique ability to speak through evolving compliance regimes. His technical, commercial and deep knowledge of compliance offers clients the ability to effectively manage compliance, risk and security. The last... 5 years has seen him focus on supporting clients navigate and integrate various regulations. Supporting clients who seek to integrate them into their commercial landscapes whilst remaining competitive, risk aware, profitable and efficient. Mark understands how differing regulations such as PCI-DSS and GDPR impact your services and brings his vast experience in helping clients implement pragmatic privacy by design and default. Mark supports his clients technically as well as operationally. Working with clients to audit, design, implement, document and train. Alongside this, Mark supports clients leverage emerging technologies which in themselves bring additional challenges to compliance. Regarding PCI-DSS, Mark continues to support clients as they seek to reduce, understand, document and regulate "in scope" elements in ways that support commercial strategy. Using his Data Protection credentials and vast commercial experience Mark has realised several technical and operational benefits to his client underpinned by his experience in various ISO standards. In his spare time, Mark is using his newly qualified skills as an ethnographer to profile his home town of Bude as it seeks to ensure it provides a supporting structure for young people across the west Country through the next 30 years. Mark also launched his Cornish Chilli jams which make their debut in 2020.