Brandy Cumberland

Director of Program Quality, PCI Security Standards Council

As Director of Program Quality, Ms. Cumberland is responsible for the supervision of quality across the PCI SSC’s Programs Portfolio and will work to calibrate quality across the organization. Ms. Cumberland joined the Council in 2011, most recently serving as Director, Program Operations. She previously served as Director, Assessor Quality Management (AQM) Programs, where she led the administration and ongoing operations of the quality management approach for PCI SSC’s Programs, including the Qualified Security Assessor (QSA) Program.

Prior to her work with the AQM team, Ms. Cumberland has held positions in quality assurance in the payment security industry, public education, management, and retail banking.

Ms. Cumberland is a graduate of the University of Houston and is a PCI Professional (PCIP), an American Society of Quality (ASQ) Certified Quality Improvement Associate (CQIA), and an ISC2 CISSP.

Brandy Cumberland's Events

Preventing Data Breaches: Insights From Real PFI Cases – A Panel Discussion

Date: Wednesday, September 14

Track Two

Moderated by: Brandy Cumberland, Director of Program Quality, PCI Security Standards Council

Panelists: Kevin Bong, Cybersecurity Director, Sikich LLP; Chris Hague, Divisional Head – Technical Services (DFIR, TIG, SOC), Foregenix, Inc. and Héctor Guillermo Martínez, President, GM Sectec

Join this engaging conversation to learn how to avoid breaches based on the panelists’ experiences. PCI SSC will share overall trends in PCI Forensic Investigators (PFI) cases including how failures to meet specific PCI DSS requirements have contributed to breaches, with PFIs sharing insights into deficiencies they’ve seen exploited and advice on how to avoid similar pitfalls.

Seismic Change or a Mere Ripple: Changes to Reporting for PCI DSS v4.0

Date: Thursday, September 15

Presented by: Brandy Cumberland, Director of Program Quality, PCI Security Standards Council and Kandyce Young, Manager, Data Security Standards, PCI Security Standards Council

This session will help you understand changes made to reporting documentation to reflect PCI DSS v4.0 updates and how those changes support security as a continuous process. In this session, PCI SSC will discuss updates to the SAQs, ROCs, and AOCs.

Understanding the New Customized Approach: Separating Fact From Fiction - A Panel Discussion

Date: Thursday, September 15

Moderated by: Lauren Holloway, Director, Data Security Standards, PCI Security Standards Council

Panelists: Marc Bayerkohler, Standards Trainer, PCI Security Standards Council; Brandy Cumberland, Director of Program Quality, PCI Security Standards Council and Tom White, Senior Manager, Content Development, PCI Security Standards Council

Change can be hard, but it doesn't have to be. Understanding the intent behind changes to PCI DSS v4 is key, and in this session, members across PCI SSC will do some myth-busting and clarify aspects of the new Customized Approach in PCI DSS v4.0 to help you understand whether it is right for your organization.