Jeremy King, VP, Regional Head for Europe, PCI Security Standards Council
Mr. King leads the Council’s efforts in increasing adoption and awareness of the PCI Security Standards internationally. In this role, Mr. King works closely with the Council and representatives of its policy-setting executive committee from American Express, Discover, JCB International, Mastercard and Visa, Inc. His chief responsibilities include gathering feedback... from the merchant and vendor community, coordinating research and analysis of PCI SSC-managed standards through all international markets, and driving education efforts and Council membership recruitment through active involvement in local and regional events, industry conferences and meetings with key stakeholders. He also serves as a resource for Approved Scanning Vendors (ASVs), Qualified Security Assessors (QSAs), Internal Security Assessors (ISAs), PCI Forensic Investigators (PFIs), and related staff in supporting regional training, certification and testing programs.
John Elliott, Former Director, Industry Standards, Mastercard
John Elliott specialises in how payment security standards and data protection regulations interact with real-world cyber security. He’s helped large companies in the financial and airline sectors with complex PCI DSS and GDPR programs. John has represented both Visa Europe and Mastercard on the PCI Security Standards Council, and contributed to many of the PCI... standards including PCI DSS v4. In his spare time, he authors video training courses for Pluralsight on a variety of cyber security topics
Dr Sam De Silva, Partner (solicitor), CMS Cameron McKenna Nabarro Olswang LLP (CMS)
Dr Sam De Silva is a Partner in the Technology and Outsourcing practice at the leading international law firm, CMS. Sam specialises in complex and strategic IT and telecommunication projects and regularly advises on data protection, privacy and cyber-security issues, including PCI DSS issues. Sam is an expert in risk management and was the Co-convenor on an ISO Working... Group which led the development of the first ISO Standard on the Management of Legal Risk (ISO 31022) and in late 2019 won a prestigious BSI Standards Makers Award in the category of “Representing the UK” for his work on this ISO Standard. In 2020 at the 11th annual CIR Risk Management Awards Sam was winner of the Risk Management Champion Award and at the Global Sourcing Association UK Awards for Best Practice in Strategic Sourcing 2020/21 he was recognised by being named winner of the ‘Social Programme of the Year’ category. Sam was the winner of the Governance Champion of the Year at The Chartered Governance Institute Awards 2021. Sam is recognised as a leading individual in the most recent edition of the Legal 500 and Chambers & Partners directories and is named in the Who’s Who of Information Technology 2022, Who’s Who of Data Privacy and Protection 2022, and the Who’s Who of Data Security 2022 as both a Global Leader and Thought Leader in those areas of law. Sam was also the exclusive award recipient of Lexology’s esteemed Client Choice Awards 2021 for Data Privacy & Protection in the United Kingdom. As well as being a qualified English law solicitor, Dr De Silva is also a Barrister and Solicitor of the High Court of New Zealand and a Solicitor of the Supreme Court of New South Wales, Australia.
David L. Dann, ISA, PCI Project Lead, Under Armour
David L. Dann has been working on PCI Compliance for clients since 2010. Those include the U.S. Postal Service. He managed the project to achieve first time compliance for the Government of the District of Columbia. He is presently Under Armour’s ISA and PCI Project Lead. David in his spare time works as a volunteer tour guide at the Smithsonian’s National Museum... of American History in Washington, D.C.
Candice Pressinger, Director of Customer Data Security, Elavon
Candice Pressinger is Director of Customer Data Security at Elavon Merchant Services, one of the world’s largest payments companies. Candice leads Elavon’s data security products, services and consulting solutions helping protect businesses from payments fraud, data breaches and other security threats. Most recently, she launched a Transaction Risk Analysis... service to help merchants process payments without friction and maintain low rates of fraud, in line with the Second Payments Services Directive (PSD2). She works closely with some of Europe’s largest retailers including: Inditex, Primark and BP. Prior to Elavon, Candice spent over a decade at British Telecom, serving as Head of Group PCI-DSS Compliance, and leading a team of 100 professionals to implement PCI Data Security globally for 27 platforms, 80 third-party suppliers and 80m transactions per year. As a recognised industry awards winner, Candice balances the world of payments and data security with being a mum of three and likes cycling, travelling and theatre.
Gil Fenney, IT Risk Assurance Manager, Bupa
Gil has had a long career in IT working across financial, retail and services sectors, initially in technical roles but with the last 17 or so years specialising in Information Security. She has worked as a consultant running compliance programmes such as SOx, ISO 27001 and PCIDSS for various companies during this period. She now works in a 2nd Line role as IT... Risk Assurance Manager, but continues to provide SME consultancy to PCIDSS programmes and is looking forward to helping implement the new version of the standard.
Matthew Kay, Deputy DPO, Metro Bank
Matthew holds a Masters in Information Rights Law and Practice, CIPP/E, CIPM and the BCS certificate in Data Protection. He is also an IAPP Fellow of Information Privacy. He currently leads the Advisory and Records Management functions for Metro Bank providing strategic leadership to a team of data protection and records management professionals ensuring the bank... complies with GDPR and other associated legislation. Prior to working in financial services he has worked as a Data Protection Officer for large scale organisations across numerous sectors such as media, technology, construction, health and safety and local government. In these roles he has provided expert guidance across 96 jurisdictions, driving robust compliance by implementing strong controls to reduce privacy risk. Before his time as an in house Data Protection Officer he worked in the audit department at the Information Commissioner's Office (ICO) helping organisations improve their data protection, privacy and information security(assessing to ISO27001 standard) practices to reduce risk. He provided expert advice to local government, criminal justice and health organisations through on-site audits which were followed up with listed recommendations. Matthew also worked as part of a network of trainers delivering internal training to all levels within ICO. In addition to his core work in Financial Services he is also a board member of the Data Protection Network and a regular speaker at numerous external events on Data Protection and Privacy to help assist other organisations with compliance and share best practice, part of this work saw him listed in the DPO 200.
Scott Storey, Security Architect, DLA Piper
Scott is a passionate senior security professional with a focus on application security, socio-technical security, and
shifting security left with 20 years' experience within computing. He has held various senior roles in information security with overall responsibility for technical and risk management throughout the business. In these roles, Scott has taken... the lead on the secure design of transformation projects in customer-facing services and back-office systems. He has a varied background which has involved being "on the front line" as an engineer and being part of
senior management setting strategic direction. This puts him in a position to be able to influence at all levels
and allows him to have a unique level of understanding and empathy with stakeholders throughout an
John Greenwood, Director Thought Leadership, Compliance3
John Greenwood is an innovative, award-winning contact centre specialist recognised for his thought leadership and his ground-breaking work with the PCI Security Standards Council and payments ecosystem in drafting the current PCI SSC Information Supplement Protecting telephone-based payment card data. He is evangelistic about helping organisations achieve the right... balance between CX, risk and cost. After 3 years full time as part of the British Sailing Team campaigning for the LA Olympics, John started his business career in manufacturing technology. The business sold food moulds to enable parents to make party food in character shapes like My Little Pony, Thomas the Tank, Postman Pat and many more, selling into large retail chains as well as selling direct to consumer via party plan. After selling the business in 1981 and taking a 3 year sabbatical to re-join the sailing team for the Barcelona Games, John joined The Decisions Group, a leading UK telemarketing business. Here John led change projects launching ‘customer not present’ contact strategies for leading brands across the Financial Services, Technology, Travel and Retail sectors. After supporting the launch of ‘home shopping’ for a market leading UK supermarket business and pan European e-commerce delivery for a leading gaming platform, John co-founded of one of the world’s first ‘chat’ based customer contact centres delivering sales, service and fulfilment operations for e-commerce customers of the UK’s leading telecoms provider. Following the sale of that business and spending some time working with UK Gov’ as part of the industry led team that supported the launch of e-Skills, the UK’s first sector skills council, John spent time consulting in the emerging ecommerce and home shopping sector. In 2012 John led the team that helped Shop Direct become the worlds first merchant to have ‘no cardholder data environment’ within their global contact centre estate, but still have compliant access to their 150 million legacy call recording file. Since then, John has supported over 50 PCI scope reduction projects across the public and private sectors as well as a 6 month assignment with a large U.N charity. He is currently working with 12 UK Councils and a number of large to midsized consumer brands supporting their PCI DSS compliance programmes and technology selection.
Debbie Evans, Group Data Protection Officer, Rentokil Initial
Debbie started her data protection and privacy career over 20 plus years ago, practicing as a barrister then moving into data protection/security consultancy. She has worked with a range of industries and sectors - public sector, banking, retail, insurance, medical, health, technology and environmental services. Companies she has worked for include Siemens, Fujitsu,... Accenture, Virgin Media and Accenture. As the Group Global Privacy Officer for a company rolling out privacy compliance to over 80 countries: management of local legal differences, technical solution reviews, organisation engagement and implementation has its challenges. However her extracurricular pursuits, which include playing for a premier league ice hockey team can be scarier at times!
Matthew Huxtable, CTO, Ziglu
Matt runs the technology team at Ziglu, an e-money institution situated in the UK, with a 20 strong tech team and growing further this year. A lifelong technologist, his background and passions are at the intersection of systems engineering, Site Reliability Engineering and understanding the non-technical human and psychological factors that contribute to the safety,... security and availability of the ever more complex technology platforms that underpin all our everyday interactions.
Peter O’Sullivan, Principal Security Consultant, Nettitude
With a career in IT starting at the age of 20, Peter has spent time in most areas of IT including network support, network management, installation management, and IT training before settling into cybersecurity and information security from 2010. As the information security manager for one of only five fraud prevention agencies in the United Kingdom, Peter would regularly... be engaged with Tier 1 and Tier 2 banks, large insurance companies and the UK Cabinet Office. Having implemented ISO27001 and delivered PCI DSS consultancy and assessment services to a range of tier 1 service providers, Peter brings a wealth of experience of implementing security controls and assurance activities into an organisation to add value and meaning. Peter is a PCI DSS QSA and 3DS Assessor, as well as holding both ISO27001 & 9001 Lead Auditor certification and CISSP.
James Rees CISM, QSA, Managing Director, Razorthorn Security
James is the MD and principle Security Consultant of Razorthorn and has worked in information security for over twenty years, delivering quality advice to some of the largest and most influential organisations in the world, including many in the Fortune 500. James has a long history of helping customers of all sizes and is an expert at ensuring that both the business... and information technology work in unison to create a solid security infrastructure that effectively protects the business. James is a published journalist and gives regular commentary contributor in the field of information security, when not engaged with clients James develops his business, writes articles for several leading publications and has a keen interest in Psychology and Warfare. In addition to his work at Razorthorn, James has fulfilled the CISO role in several organisations as well as serving as both advisor and executive board member
Raghu Nandakumara, Head of Industry Solutions, Illumio
Raghu Nandakumara is the Head of Industry Solutions at Illumio, where he leads the strategy and execution for Illumio’s solutions catering to key vertical industries. Prior to that he was Field CTO for EMEA / APAC and was responsible for helping customers and prospects through their segmentation journeys. Previously, Raghu spent 15 years at Citibank, where... he held a number of network security operations and engineering roles. Most recently, he served as a Senior Vice President, where he was responsible for defining strategy, engineering, and delivery of solutions to secure Citi’s private, public, and hybrid cloud environments. Raghu holds an undergraduate degree in mathematics and computer science from the University of Cambridge, and a master’s degree in advanced computing from Imperial College London.
Adam Brady, Director Systems Engineering EMEA, Illumio
Adam is Director of Systems Engineering for EMEA at Illumio. He is an experienced cybersecurity professional with over a decade of on-the-ground exposure to CERT work, emergency response, systems engineering, and security consultancy, working with some of the largest organisations within EMEA. His focus has included combating industry-targeted malware in the ICS/SCADA... space, and Pre-sales consultancy in multiple areas of cyber-security.
Christina Stevenson, Director of GRC, CyberCX
Christina is Director of GRC at CyberCX and is responsible for leading a team of consultants to work with clients to solve their most challenging cyber security problems and to deliver meaningful outcomes. Christina has extensive experience in cyber, Information Security and PCI DSS. She has operated in a wide range of Cyber and Information Security roles... including the embedding and maturing of security strategies, implementation of integrated management systems (BCMS, OHSAS, ISMS & QMS) and continual improvement methodologies. She has supported the digital transformation of major financial institutes, creating empowerment of organisations to meet their goals and objectives with enhanced cyber compliance. Christina is a PCI Qualified Security Assessor (QSA) with unrivalled expertise in helping organisations of all sizes implement, certify and maintain PCI DSS compliance. Christina is passionate about eroding inaccurate industry perceptions and assumptions on cyber culture and recently won ‘Ambassador of the Year’ at the global Women in Governance, Risk and Compliance awards. Christina’s areas of expertise include ISO 27001, ISO 9001, ISO22301 & PCI DSS, Cyber Security Strategy and Cyber Risk, Integrated Management Systems and Internal Audit & Compliance.
Ashley Burton, Head of Product, Eckoh
Ash is an evangelist for world-leading technology solutions as well as a passionate advocate for innovation and digital transformation. He has spent the past 20+ years applying technology to improve customer experience and information security for many organisations. Today, Ash leads and curates Eckoh’s product roadmap... and fosters innovation for Eckoh to apply to improving contact centre performance and effectiveness as well as the agent and customer experience.
Thomas Chappelow, Principal Security Consultant, Surecloud
Tom is a senior information assurance professional specialising in Critical National Infrastructure and financial services with a portfolio that currently includes FTSE 100 companies, CNI, and regulated FinTech. He has previously advised clients across a range of industries, including oil... & gas, defence, government and aerospace. Tom has also provided evidence for a number of high-profile legal cases and inquiries, including for the Parliamentary Joint Committee on the National Security Strategy. In addition to being a member of the Chartered Institute of Information Security, Tom has achieved a number of industry certifications including: CISA, CISM, NCSC Information Assurance Auditor, ISO 27001 Lead Auditor and PCI DSS QSA.
David Toozs-Hobson, Business Development Director, Cyberfort
More information to follow.
Geoff Forsyth, CISO, PCI Pal
Geoff is responsible for the overall information security and regulatory compliance of PCI Pal’s global services, including legal compliance, IT systems risk analysis, incident response planning and business continuity management. As a Fellow of the British Computer Society, Geoff has spent over 26 years working with internet and telecommunications services.
Zac Crofts, Director of Sales & Marketing, Silver Lining Convergence
With 17 years of experience within the IT & Telecoms industry, Zac brings extensive knowledge and new ideas within his role at Silver Lining who have maintained PCI DSS compliance for over a decade at the enterprise level servicing 1,000s of users. Having previously built and expanded a unique technology concept business originating in Australia, to both New... Zealand and the UK, specialising in indirect enablement his ethos reflects that of Silver Linings – Pushing boundaries, innovation, and is implementing new strategies to accelerate a further upwards trajectory. Zac joined Silver Lining in 2021 and within a short timeframe has transformed the direction of Silver Lining, narrowing in on strategy and providing a more systematic way of friction reduced deployment of a range of solutions upon Silver Lining’s home grown True Private Cloud unpinned via intelligently meshed globally proven infrastructure.