Speakers
Úna Dillon, Regional Director Europe, PCI Security Standards Council
Úna Dillon is Regional Director Europe for the PCI Security Standards Council. She is 30 years in the payments industry and has held various roles including payments advisor to Financial Regulators, policy makers, standards bodies, and card schemes, influencing change globally. Advisor on the European Commission Payments Systems Market Expert Group, was on the Board... of EMVCo and she was Chair of the European Payments Council Card Fraud Prevention Expert Group for several years.more
Simon Turner, Head of Security Governance and Compliance, BT Group
A highly experienced technology and telco leader Simon brings three decades of industry experience to the forefront having worked in numerous highly regulated roles. Working with BT’s most complex customers Simon's background gives him valuable insights and practical experiences to support cybersecurity, compliance risk management, and governance decisions.
Jo Vane, Director - Information Security, Checkout.com
Jo Vane is the Director of Information Security at Checkout.com, known for her ability to simplify complex security matters. As a former police officer turned cybersecurity enthusiast, Jo is on a mission to continue to elevate Checkout.com's PCI programs both internally and externally.
With nearly fifteen years of leadership experience, Jo has a solid track record... of leading teams through transformative journeys. Her expertise spans a wide range of security standards and regulations, making her the go-to person for security and compliance discussions.
Jo has a unique talent for bridging the gap between tech and people. She's a strong communicator who can translate complex compliance topics into plain language that everyone can understand.
Her role at Checkout.com is pivotal in maturing the PCI program, particularly for DSS and 3DS. She's passionate about upholding the highest security standards for payment processing and is dedicated to making the digital world safer for everyonemore
Michelle Griffey, GRC Director, Paragon
Michelle is an experienced leader with 30 years’ experience across a wide range of disciplines including Risk and Governance, Lean Sigma, Project and Relationship Management. She places strong emphasis on doing what is right for the end customer, creating trust and so enabling business growth and resilience through a pragmatic approach to risk... mitigation. Starting her career in branch banking Michelle's experience includes EWRM, incident management, relationship & supplier management, regulated and non-regulated sales, people coaching and development, banking product and policy governance, implementing process improvement through the use of Six Sigma & LEAN methodologies, project management and business process development & governance. Michelle joined Communisis in 2016 to build a risk function for the Customer Experience division focussed on supporting clients within strongly regulated markets. She has subsequently moved to the role of CRO for Communisis group bringing together a number of specialist areas to create a team focussing on Business Resilience. more
Adaora Ezennia, GRC Lead, THG PLC
...Adaora Ezennia is the GRC Lead at THG PLC, a global e-commerce group operating through two leading consumer businesses: THG Beauty and THG Nutrition. A specialist in cybersecurity governance, compliance, and risk management with a Master’s in Cloud and Network Security and ISO 27001:2022 ISMS certification. Passionate about AI governance and privacy risk management.more
Katie Cowman, Senior PCI Assurance Manager, Barclaycard
Katie is the Senior PCI Assurance Manager at Barclaycard Payments where she leads the PCI Technical Standards compliance programme across the Payments business. Katie also provides SME consultancy in relation to Payments Security to the wider bank and consults on new products and initiatives ensuring that Payment Security requirements are built in by design. With... a complex career journey from fashion and teaching via cyber security to PCI compliance, Katie uses all her skills to help bring Payment Security to life for her colleagues and clients.’more
Muhammad Emal Khan, Senior Information Security Consultant, Lidl
Muhammad Emal Khan is a Senior Information Security Consultant at Lidl with over 16 years of experience in Governance, Risk, and Compliance (GRC), Information Security, Systems Auditing, and Process Improvement. He has a proven track record of developing and implementing robust security programs that align with organizational strategy and strengthen cyber resilience.... Throughout his career, Muhammad has led the successful implementation of PCI-DSS, ISO 27001, ISO 27701, and SOC 2 across multiple industries, including financial services and service providers, collaborating with teams across 5 continents and 14 countries. He also spearheaded the "Human Firewall" security awareness and training initiative, fostering a strong culture of security within organisations. Passionate about advancing IT governance policies and driving innovation in security programs, Muhammad focuses on reducing exposure, increasing awareness, and building resilient governance frameworks that enhance organisational defences.
more
Carol Lloyd, PCI Compliance Consultant, Stonegate Group
Carol is a highly experienced compliance professional having spent over 30 years in regulated environments and specialising in PCI DSS since 2012. She has successfully guided Stonegate Group through numerous PCI DSS assessments, transforming complex regulatory requirements into streamlined, business-as-usual processes. Carol’s approach minimises operational disruption... while ensuring robust protection of customer data. Her success is built on fostering strong relationships with internal teams, QSA partners, and acquirers, enabling smooth assessments and ongoing compliance. Dedicated, knowledgeable, and pragmatic, Carol ensures that Stonegate not only meets, but maintains the highest standards of PCI DSS compliance.more
Ronak Topiwala, Global Information Security GRC Lead, Checkout.com
Ronak has spent more than a decade traversing the evolving terrain of technology risk and information security, turning complex governance puzzles into clear, actionable frameworks. Now the Global Information Security GRC Lead at Checkout.com, he guides security strategy across a fast-moving global fintech landscape after several years shaping its GRC foundations.... His earlier chapter at EY—spanning New Zealand and the US—saw him manage technology risk engagements and lead external audit work across varied sectors. With strengths in enterprise risk management, ISMS design, and a wide constellation of security disciplines, Ronak helps organisations stay secure, resilient, and confidently aligned with the future.more
James Richardson, Information Security Officer, Specsavers
James has over a decade of experience in information security across multiple sectors, supporting both national and international organisations. As a certified CISM and CRISC practitioner, he currently leads on info sec GRC initiatives for Specsavers digital and marketing functional teams, whilst also driving global PCI DSS compliance across the Group.
Parminder Lall, CEO and Founder, 1 Cyber Valley
Parminder Lall is CEO and Founder of 1 Cyber Valley. Having worked on PCI projects from the very first days of the standard’s existence, for British Airways, Parminder knows a thing of or two about the subject matter. Once time had passed and more experiences were gained in other industries, he joined the dark side in 2013 and became a PCI QSA. Not... content with just being a QSA, he decided to throw his own hat in the ring and start a QSA company himself in 2020. Welcome 1 Cyber Valley! Initiative, intuition and drive are only three of the many characteristics Parminder beholds that make 1 Cyber Valley as attractive as it is today. Starting up as a self-funded QSA company, to employing a dedicated team of consultants, 1 Cyber Valley has become a company that partners 150+ clients across the globe more
Daniel Bond, Account Executive, Payments & Fraud - EMEA, Human Security
Daniel Bond leads HUMAN Security’s enterprise partnerships across the UK and EMEA, helping some of the world’s largest digital brands protect their customer experiences from client-side threats, data leakage, and payment page attacks.With a focus on PCI compliance and web security, Daniel works closely with organisations across industries to strengthen their defences... against script-based vulnerabilities and supply chain risks. His experience spans the intersection of cybersecurity, digital risk management, and business transformation — helping enterprises safeguard consumer trust while enabling growth in complex digital ecosystems.more
Mohamed Inshaff, Principal Sales Engineer - EMEA, Human Security
Mohamed has over 20 years of experience in customer-facing roles, specialising in cyber security, systems and network engineering. He has worked across various capacities, including solutions architecture and pre-sales, where he has successfully designed and delivered tailored solutions. Mohamed has extensive experience in leading and delivering complex deals, showcasing... his ability to align technical expertise with business outcomes. He is a subject matter expert (SME) in areas such as application security, cloud and data centre technologies, endpoint security (AV/DLP/Encryption), intrusion detection and prevention (IDS/IPS), and virtualisation technologies.more
Gareth Bowker, PCI Technical Advisor, Jscrambler
Gareth Bowker is a PCI Technical Advisor at Jscrambler, where he provides help and guidance to customers, prospects, and Jscrambler itself around PCI DSS, as well as being a regular contributor on webinars with Jscrambler and its partners. He has worked in the payments industry for over 20 years, having been a QSA, PA-QSA, and Card Production assessor. He also spent... over 12 years at the PCI Council as a Standards Trainer, Director of Training, and Director of Technology, Infrastructure and Privacy. In that last role, he was responsible for the PCI Council's own PCI DSS compliance.more
Kris Olejniczak, CEO, Patronusec
Kris Olejniczak is the CEO and Founder of Patronusec, a global cybersecurity and compliance firm helping organisations achieve and maintain PCI compliance while building resilient security programmes. As a PCI QSA, P2PE QSA, SSF QSA and QPA, he has spent more than a decade working with PCI DSS in various roles, from operating and securing cardholder data environments... to leading complex certification projects across Europe.Kris is an active contributor to the PCI and cybersecurity community, speaking at industry events and sharing practical guidance on topics such as PCI DSS scoping, reducing audit friction, and translating regulatory language into concrete, executable tasks for IT and business teams. He works closely with executive leadership, CISOs and payment stakeholders to align security, compliance, and commercial priorities so that PCI becomes a driver of trust and growth rather than just a cost of doing business.more
Simon Arazi, VP of Product, Reflectiz
Head of Products and Data Scientist. Experience in working with large companies, international environments (North America, Europe and APAC) and a variety of industries (Automotive, Mobility Staffing, Manufacturing, Medical Equipment, Telco’s, Utilities, Transportation, Manufacturing and more). Leading innovation and creativity in the company.
John Bartholomew, Senior VP, Strategic Relationships, SecurityMetrics
Since SecurityMetrics inception, John Bartholomew has worked with the world’s largest acquirers helping keep their merchants secure and compliant while accomplishing the acquirers’ business objectives. Starting as a COBOL programer with a degree from Brigham Young University, John Bartholomew has over 35 years' experience in the high tech field. Specialisations... include cyber security technology solutions for payments, healthcare, manufacturing and entertainment. His greatest work satisfaction comes from helping clients understand and enjoy the benefits of new or advanced technologies.more
Tim Ayling, VP EMEA Cyber Security Specialists, Thales
Tim Ayling currently serves as the VP EMEA Cyber Security Specialists at Thales. With over 25 years’ experience in the cybersecurity industry, Tim began his career in System Engineering. He began his leadership career when he established Entrust Inc. in Australia in 2003 and was made Vice-President Asia Pacific in 2006. Tim has held numerous leadership... roles in large cybersecurity vendors, including RSA Security, Imperva, Trend Micro, Kaspersky Labs and now Thales, as well as spending time in the cyber-security practice of KPMG. Tim holds an MSc in Secure E-Commerce and an MBA from the University of Warwick. more