Speakers
Jeremy King, VP, Regional Head for Europe, PCI Security Standards Council
Mr. King leads the Council’s efforts in increasing adoption and awareness of the PCI Security Standards internationally. In this role, Mr. King works closely with the Council and representatives of its policy-setting executive committee from American Express, Discover, JCB International, Mastercard and Visa, Inc. His chief responsibilities include gathering feedback from the merchant and vendor community, coordinating research and analysis of PCI SSC-managed standards through all international markets, and driving education efforts and Council membership recruitment through active involvement in local and regional events, industry conferences and meetings with key stakeholders. He also serves as a resource for Approved Scanning Vendors (ASVs), Qualified Security Assessors (QSAs), Internal Security Assessors (ISAs), PCI Forensic Investigators (PFIs), and related staff in supporting regional training, certification and testing programs.
Gaynor Rich, Former Deputy CISO, BT
Gaynor has 25+ years of experience and success information, leading and delivering strategic global cyber and information security strategy, governance, compliance and transformation across a broad range of organisations and industry sectors. A trusted executive-level advisor with repeated accomplishments balancing compliance obligations with due commerciality and pragmatism to achieve organisational growth and development.
Known for her expertise in developing and delivering Cyber Security, Data Protection, Payment Security (PCI DSS), Business Resilience, and Risk Management, she believes cybersecurity is a key business enabler, aligned to business objectives; taking an holistic approach that leverages technology with a strong security culture; empowering business innovation through an integrated secure by design to secure in operation capability, that enables business growth. A keen champion and mentor for Women in Tech and Cyber, she speaks often on the human factors, building a strong security culture to enable and empower business growth.
Jo Vane, InfoSec Compliance Director, Checkout.com
Jo Vane is the InfoSec Compliance Director at Checkout.com, known for her ability to simplify complex security matters. As a former police officer turned cybersecurity enthusiast, Jo is on a mission to continue to elevate Checkout.com's PCI programs both internally and externally.
With nearly fifteen years of leadership experience, Jo has a solid track record of leading teams through transformative journeys. Her expertise spans a wide range of security standards and regulations, making her the go-to person for security and compliance discussions.
Jo has a unique talent for bridging the gap between tech and people. She's a strong communicator who can translate complex compliance topics into plain language that everyone can understand.
Her role at Checkout.com is pivotal in maturing the PCI program, particularly for DSS and 3DS. She's passionate about upholding the highest security standards for payment processing and is dedicated to making the digital world safer for everyone.
Scott Storey, Cybersecurity Architect, University of Manchester
Scott is a passionate senior security professional with a focus on application security, socio-technical security, and shifting security left with 20 years' experience within computing. He has held various senior roles in information security with overall responsibility for technical and risk management throughout the business. In these roles, he has taken the lead on the secure design of transformation projects in customer-facing services and back-office systems. He has a varied background which has involved being "on the front line" as an engineer and being part of senior management setting strategic direction.
Manit Sahib, Ethical Hacker, The Global Fund
Manit is an experienced offensive security expert who is certified by UK’s National Cyber Security Centre (NCSC) as well as His Majesty’s CESG Check scheme (HMG CHECK). He has over ten years professional experience in both UK Government and private offensive security operations. Formerly, Manit was the Head of Penetration Testing & Red Teaming at the Bank of England. He is contracted to Global Fund.
Dhruv Bisani, Head of Adversarial Attack Simulations, Starling Bank
Dhruv is a leading cybersecurity professional with a key interest in leading & delivering Adversarial Attack (Red/Purple Team) simulations. He is currently the Head of Adversarial Attack Simulations at Starling Bank and formerly established and served as the Head of the Red Team at Resillion. Dhruv’s core focus has been on developing the red team (attack simulation) capability at Resillion, while focusing on testing less common environments such as MacOS environments and zero-trust red team engagements. He has successfully delivered advanced attack simulations across a range of sectors including finance, healthcare, legal, and retail. Dhruv possesses extensive experience in executing projects under the UK CBEST/TBEST schemes. Dhruv’s role encompasses a wide array of responsibilities such as recruitment, training, overseeing sales/finances, as well as enhancing technical methodologies and processes. As part of his role, Dhruv has collaborated closely with C-suite executives and CISOs, providing strategic cybersecurity insights to help secure the organisation.
Simon Turner, Head of Security Governance and Compliance at BT Group, BT Group
A highly experienced technology and telco leader Simon brings three decades of industry experience to the forefront having worked in numerous highly regulated roles. Working with BT’s most complex customers Simon's background gives him valuable insights and practical experiences to support cybersecurity, compliance risk management, and governance decisions.
Nicholas Howard, Director of Information Security, Reward Gateway
After completing a degree in Computer Science, Nick started his career as a software developer, working in the telecommunications, pharmaceutical and gaming industries. He then spent the next 8 years in the Royal Air Force serving as an IT Engineer (Cyberspace) Officer, working across the globe to provide secure IT services, including a role as the Head of IT for UK Forces at Kandahar Airfield. He then moved into the financial services sector working with Worldpay, delivering large cyber security projects (their largest PCI DSS assessment), before leading the security function at a UK FX provider (A JV between the Bank of Ireland and the Post Office). Most recently he is the CISO at a SaaS tech company, providing employees benefits and wellbeing services.
Anil Kumar, Head of IT Security & Risk Function, Homebase
Anil Kumar heads up the IT Security and Risk function at Homebase, he has been working for the retailer since 2012. He started there as programme manager responsible for delivery programmes such as Payment Transformation, PCI Compliance, Website re-platforming, and Establishment of Information and Operational Security Capabilities.
Homebase was purchased by Wesfarmers in 2016 and Anil was responsible for building its IT Security Team, Tooling, Governance, and Information Security and Risk Programme as these capabilities were not part of the acquisition.
He has a keen interest in learning from modern technologies, best practices, and upcoming techniques. Anil started his career as a consultant in the Postal/Manufacturing Industry, moving into the Defence sector before arriving at the retail sector.
Anil has been able to use his understanding of technology, business processes, and how it aligns with business strategy to provide balanced leadership and direction. He has a fantastic way of taking complex technical language and converting it into terminology that can be understood by the senior leadership.
He is also professionally qualified and holds ISACA CISA, CRISC, CISM, CDPSE, and PCI ISA certifications. Previously holding qualification in program management (Prince2 Practitioners and Agile Scrum Master), service delivery (ITIL Foundation), and GDPR (Certified Data Protection Officer).
Eleanor Ludlam, Partner - Cyber, Privacy and Technology Litigation, Pinsent Masons
Eleanor is a partner who specialises in cyber and data risk, with significant experience in acting for insurers and insureds operating in a range of sectors including manufacturing, technology, media and financial institutions. Eleanor joined Pinsent Masons’ Cyber team in April 2023 and has a background in commercial litigation and data protection which provides her with unique expertise when advising clients in relation to privacy litigation, cyber and data risk matters. Eleanor spent 15 months on secondment to the Global Privacy team at one of the world’s largest insurers and 6 months on secondment to a SaaS technology company. She holds the IAPP Certified Information Privacy Professional (Europe) (CIPP/E) qualification and is the winner of the Most Inspiring Woman in Cyber Awards 2021. Eleanor is one of five Back to Law Ambassadors for the Law Society assisting people who are returning to the law after a career break. She regularly speaks at events on issues specific to people returning to careers in law, including challenging stereotypes and misperceptions.
Soraya Viloria Montes de Oca, Group Information Security Officer, Harvey Nichols
Soraya Viloria Montes de Oca is the Group Information Security Officer at Harvey Nichols and serves as the VP of Community Engagement for ISSA-UK. For the past 30 years, Soraya, also known in the security community as Iggy, has worked as a security professional in a variety of industries such as healthcare, education and security services. Always passionate about building a strong security community, you will often find her supporting non-profit organisations and helping people collaborate with each other.
Michelle Griffey, GRC Director, Paragon
Michelle is an experienced leader with 30 years’ experience across a wide range of disciplines including Risk and Governance, Lean Sigma, Project and Relationship Management. She places strong emphasis on doing what is right for the end customer, creating trust and so enabling business growth and resilience through a pragmatic approach to risk mitigation. Starting her career in branch banking Michelle's experience includes EWRM, incident management, relationship & supplier management, regulated and non-regulated sales, people coaching and development, banking product and policy governance, implementing process improvement through the use of Six Sigma & LEAN methodologies, project management and business process development & governance. Michelle joined Communisis in 2016 to build a risk function for the Customer Experience division focussed on supporting clients within strongly regulated markets. She has subsequently moved to the role of CRO for Communisis group bringing together a number of specialist areas to create a team focussing on Business Resilience.
Ahmed Rahman, CISO- Compliance Manager, Direct Line Group
With a distinguished 21-year career, Ahmed Rokibur Rahman is a seasoned Compliance Management professional specializing in PCI DSS, ISO 27001, SOC2, SOX, and NIST frameworks. Renowned for their successful implementation of these rigorous standards, they have demonstrated a track record of ensuring organizations maintain robust security postures. Through strategic leadership, Ahmed has orchestrated the successful alignment of cybersecurity strategies with multiple compliance frameworks, safeguarding sensitive data and mitigating risks. Their proactive approach has not only ensured compliance but also facilitated the effective implementation of measures that contribute to long-term resilience against evolving cybersecurity challenges.
Laura Morgans, Security Risk and Compliance Manager, Dr Martens, Airwair International Ltd
Laura Morgans is an Information Security Risk and Compliance Manager at Dr Martens, Airwair International Ltd. (CRISC, CISM, CDPSE, ISO 27001 & PCI DSS Internal Security Assessor). Laura has a Law degree and is studying part-time for an MSc in Software, Systems and Security at Oxford University.
Laura specialises in leading Information Security Governance Risk and Compliance functions with experience of creating entry level roles in organisations with diverse candidates, including recruiting female candidates into the security industry. Laura won the Rising Star leadership award in the Women in Governance Risk and Compliance World Forums.
PCI DSS and information security experience includes roles at Cancer Research UK, Which? Consumers’ Association and Dr Martens.
John Elliott, Security Advisor, Jscrambler
John Elliott is a specialist in regulated security and data protection. His fascination is the way that people engage with security directives: whether that’s a company following external regulations, an information security team developing policies, an IT team following them, or a colleague who is just trying to do their job securely. John has led aviation and financial services information security and data protection functions. He’s represented both Visa Europe and Mastercard on the PCI Security Standards Council and contributed to many of the PCI standards including most recently PCI DSS v4. He is a consistently top-rated speaker and author of online video training courses for Pluralsight. John is a Fellow of BCS, the Chartered Institute for IT, and holds an LLM in Information Rights Law along with multiple information security certifications. He has recently embraced the role of Security Advisor at Jscrambler.
Stephen Cavey, Co-Founder & Chief Evangelist, Ground Labs
Stephen is a co-founder of Ground Labs, leading a global team empowering its customers to discover, identify and secure sensitive data across their organizations. As the company’s Chief Evangelist, he leads its worldwide product development, sales and marketing and business operations and was instrumental in extending Ground Labs’ presence with enterprise customers. Stephen has deep security domain expertise with a focus on electronic payments and data security compliance. He is a frequent speaker at industry events on topics related to data security, risk mitigation and cybersecurity trends and futures.
Geoff Forsyth, CISO, PCI Pal
Geoff is responsible for the overall information security and regulatory compliance of PCI Pal’s global services, including legal compliance, IT systems risk analysis, incident response planning and business continuity management. As a Fellow of the British Computer Society, Geoff has spent over 28 years working with internet and telecommunications services.
Keith Harper, Pre-Sales Engineer, Sycurio
Keith is part of Sycurio’s Global Pre-Sales team, providing pre-sales consultancy and technical advice to both partners and customers throughout the sales process; advising contact centres on how to take their card payment environment out of scope for PCI DSS regulations. A contact centre technology veteran, Keith has over 18 years in the industry, having worked at 8x8, GCI-Nasstar and Outsourcery. He has specialist expertise in CCaaS, UCaaS, Advanced IVR applications and PCI DSS solutions. Keith is a Microsoft Technical Solution Professional and has a number of BT platform accreditations.
Parminder Lall, CEO and Founder, 1 Cyber Valley
Parminder Lall is CEO and Founder of 1 Cyber Valley. Having worked on PCI projects from the very first days of the standard’s existence, for British Airways, Parminder knows a thing or two about the subject matter. Once time had passed and more experiences were gained in other industries, he joined the dark side in 2013 and became a PCI QSA. Not content with just being a QSA, he decided to throw his own hat in the ring and start a QSA company himself in 2020. Welcome 1 Cyber Valley! Initiative, intuition and drive are only three of the many characteristics Parminder beholds that make 1 Cyber Valley as attractive as it is today. Starting up as a self-funded QSA company, to employing a dedicated team of consultants, 1 Cyber Valley has become a company that partners 150+ clients across the globe.
Peter O’Sullivan, Security Consultant, Blackfoot CyberSecurity
In his career, Peter has spent time in most areas of IT including network support, network management, installation management, and IT training before settling into information security from 2010. Being a QSA since 2015 he’s worked extensively with both global service providers and merchants alike and implemented numerous ISO27001 certified management systems. Peter is a Principal Consultant, QSA and 3DS-QSA at Blackfoot Cybersecurity and has previously sat on the PCI Security Standards Council Global Executive Assessor Roundtable where he actively contributed to the content of PCI DSS v.4. Peter presented at the most recent PCI Security Standards Council European Community Forum in Dublin.
Alex Gardner, Senior Product Marketing Manager, HUMAN
Alex Gardner is a Senior Product Marketing Manager at HUMAN focusing on fraud and security solutions. With over 8 years' experience in cybersecurity, Alex previously worked in the endpoint security, EDR and XDR spaces.
Richard Fridge, Enterprise Sales, HUMAN
Richard Fridge brings over a decade of cybersecurity sales expertise, specialising in cyber and anti-fraud solutions. Throughout his 13-year career, he has established a strong track record in understanding the diverse challenges faced by businesses in various industries. Richard excels in providing tailored solutions to strengthen their defences against digital threats, with a distinct focus on application security and bot management strategies.
James Cullen, Principal Security Consultant, Lead QSA, SureCloud
James was a former Internal Security Assessor (ISA) for a large multi-sector company for approximately 9 years and moved over to the external consulting and QSA side a little over 15 months ago and is now Lead QSA, leading the PCI practice at SureCloud.
Martin Petrov, CTO - PCI, Integrity360
Martin is a senior executive with more than 20 years of technical, consulting and leadership experience, with a proven track record of establishing and developing high performance Professional Services teams.
Martin is a widely respected information security professional having successfully assisted financial institutions, retailers and service providers achieve and maintain continuous compliance by embedding information security within the very fabric of their organisation’s culture while ensuring that their method of operation is verifiably secure. Martin has a pragmatic approach to distilling complex problems into easy to execute tasks coupled with the ability to communicate clearly with both business and technical stakeholders.
Martin has been at the forefront of the Payment Card Industry starting with PCI DSS version 1.0 back in 2005, helping organisations build cyber security resilience, providing vendor agnostic consulting services adopting best-practices in the areas of compliance, data protection and information security.
Martin established and leads the PCI DSS practice at Integrity360 - Europe’s premier and most preferred Qualified Security Assessor (QSA).