Join us for two days of connecting, discovery, updates from the Council, regional community speakers, merchants, industry experts, and more.

Click here to convert to your local time.

Schedule subject to change – Continue to check back for updates and session details

 

Registration Now Closed
  • Wednesday, 15 November
  • Thursday, 16 November

Wednesday, 15 November

09:00 - 17:00

Registration Open

Sponsored by
09:00 - 09:20

Community Meeting Kick-off

Presented by: Lance J. Johnson, Executive Director, PCI Security Standards Council

09:20 - 09:50

Asia-Pacific Regional Update

Presented by: Yew Kuann Cheng, Regional VP, Asia Pacific, PCI Security Standards Council

09:50 - 10:20

PCI SSC - Where We Are Going & How We Are Getting There?

Presented by: Andrew Jamieson, VP, Solutions, PCI Security Standards Council and Emma Sutcliffe, SVP, Standards, PCI Security Standards Council

PCI SSC is more than Mobile and DSS. Join this session to see what direction the Council is going in all the areas of the ecosystem that the standards are involved in.
10:20 - 10:50

Networking Break and Vendor Showcase

10:50 - 11:20

Evidence-based Scoping for the Zettabyte Era

Presented by: Stephen Cavey, Co-Founder, Ground Labs

Through real-world examples, we’ll explain how organizations can evolve their data management practices in a landscape of exponential data growth and increasingly complex technology environments. We’ll discuss the benefits of adopting an evidence-based approach in a continuous process of data identification, verification and remediation that supports not only the enhanced scoping demands of PCI DSS v4.0, but also forms the foundation for compliance with other privacy and security obligations.
11:20 - 11:50

E-commerce Threat Trends and PCI DSS v4.0

Presented by: Sylvia Choa, Principal Consultant, Foregenix and Raymond Simpson, M.D. APAC, Foregenix

Ray will start the presentation with sharing e-commerce threat and breach trends that we have been monitoring for close to a decade. We will focus on a case study and investigate what the core challenges and issues are that have been identified. With this backdrop, Sylvia will tie in PCI DSS v4.0 and how this new version will more effectively address the risks that we see in the e-commerce space. She will cover specific requirements in PCI DSS v4.0 that will effectively help address the pain-points that often lead to breaches.
11:50 - 12:20

Tips to Successfully Work Through Your PCI DSS v4.0 Transition - A Panel Discussion

Moderated by: Emma Sutcliffe, SVP, Standards, PCI Security Standards Council

Panelists: Gilbert Chu Kim Foong, Chief Operating Officer, LGMS; David Owoeye, Afterpay Governance Risk & Compliance Lead, Block, Inc. and Rishi Rajpal, Vice President, Global Security Concentrix

12:20 - 13:20

Networking Lunch and Vendor Showcase

13:20 - 13:50

Five Perspectives to Help You Understand the New PCI DSS v4.0 Requirements

Presented by: Toshiro Yanagihara, Product & Promotion Manager (P2PE/3DS), BSI Group Japan K.K.

PCI DSS v4.0 was published in March 2022, and at 360 pages, it has numerous additional requirements, leaving many people struggling to know what they need to do to comply. Therefore, we focused on the 64 new requirements that most clearly showed the characteristics of PCI DSS v4.0, proposed five perspectives to help you understand the new requirements, and have explained them to our customers. The five perspectives consist of “Flexibility,” “Improved Security Maturity,” “Protection of Account Data,” “Response to External Threats/Risks,” and “Response to Internal Risks and Environmental Changes.” Through understanding the five perspectives, it will be possible to understand the characteristics of PCI DSS v4.0 more easily and clearly. The presentation aims to help small businesses build a strong security foundation while prioritizing growing the business.
13:50 - 14:50

PCI DSS v4.0 Update

Presented by: Lauren Holloway, Director, Data Security Standards, PCI Security Standards Council; Emma Sutcliffe, SVP, Standards, PCI Security Standards Council and Tom White, Senior Manager, Content Development, PCI Security Standards Council

14:50 - 15:20

Networking Break and Vendor Showcase

15:20 - 15:40

What is New for the PCI DSS v4.0 SAQs

Presented by: Lauren Holloway, Director, Data Security Standards, PCI Security Standards Council

15:40 - 16:20

PCI SSC Mobile Security and Solutions Standards Update

Presented by: Andrew Jamieson, VP, Solutions, PCI Security Standards Council

16:20 - 16:50

Our “Key” Experience in PIN Security / P2PE / FIPS 140-3

Presented by: Di Li, Principal Consultant, atsec (Beijing) information security Co., Ltd

Regarding key generation, the paper discusses the generation requirements and methods defined in each of the three standards, compares the differences, and provides a rationale for why each standard requires a different approach.​ The section on key distribution and key establishment explores the different methods of securely transferring a key from one party to another. The paper defines each of these methods and provides common scenarios where they apply.​ The paper also provides several methods for key destruction, such as physical destruction, and logical cryptographic zeroization.
17:00 - 18:30

Networking Social and Vendor Showcase

Join us in the vendor showcase for live music, drinks and networking. Don’t miss out on a fun photo opportunity sponsored by SISA.

Thursday, 16 November

09:00 - 12:00

Registration Open

Sponsored by
09:00 - 09:15

Welcome Remarks

Presented by: Yew Kuann Cheng, Regional VP, Asia Pacific, PCI Security Standards Council

09:15 - 09:35

Compliance is a Program, Not a Project

Presented by: Brian Odian, Director - APAC Managed Compliance Services, VikingCloud

The Sydney Harbour Bridge has around 485,000 square metres of steelwork which needs to be repainted every 5 years to protect it from corrosion. The road surface on the bridge has to be replaced around every 10 years and even the flags on top of the bridge are changed every 4-6 months. Just as you finish one task another one begins, or you have to restart what you just finished. If the maintenance program isn’t managed the results could be catastrophic. Likewise, if we treat compliance programs as individual projects, or one-off tasks, and don’t maintain them, corrosion of our overall security and compliance posture could easily occur. So, what we will consider as part of this presentation is:
  • Why compliance should be viewed as a program.
  • World view on regulatory compliance.
  • Synergies between compliance programs.
  • Developing a mature compliance program.
  • Impediments to success.
09:35 - 10:20

Keynote - Scaling New Heights

Presented by: Khoo Swee Chiow, Adventurer, Inspirational Speaker, Author, Photographer and Adventure Consultant

10:20 - 10:50

Networking Break - Perak Room

VIP Meet and Greet Add On Experience Featuring Keynote: Khoo Swee Chiow, Adventurer, Inspirational Speaker, Author, Photographer and Adventure Consultant Invited guests are welcomed to attend this intimate Meet and Greet Reception. This is a great opportunity to engage with our keynote and ask them any lingering questions.
10:50 - 11:20

Evolution of Payment Landscape in Asia and Its Implications Globally

Presented by: Dharshan Shanthamurthy, Founder & CEO, SISA

The rapid evolution of technology and consumer behavior has given rise to innovations in the Asian payments industry. Fintech startups are disrupting the traditional banking landscape in Asia, providing innovative solutions for payments, lending, and financial management. As this landscape expands to include cross-border payments, it is expected to raise questions about security, privacy, and regulatory oversight. This session will discuss this rapidly transforming landscape including a focus on regulations, emerging cybersecurity threats, and best practices that are critical to securing payments.
11:20 - 11:40

Understanding Your Role in a Breach Scenario

Presented by: Tracey Long, VP, Programs, PCI Security Standards Council

Ever wondered what happens when account data is breached? Join us to hear about the latest trends around the world in reported account data breaches, and hear insight about the roles and processes that take place when a breach occurs.
11:40 - 12:00

PCI Security Program Design - Bridging Theory and Practice

Presented by: Ciske van Oosten, Head of Global Business Intelligence, MCI Communications, Inc. dba Verizon Business Services

Presenting insights on best practice methods to design, manage and improve a best-in-class PCI Security program. This is based on twenty years of practical experience on the design and implementation of PCI Security programs. The session includes critically important insights - needed to also meet PCI DSS v4.0 requirements, such as: a.) How to establish a sensible program goal b.) How to identify the most important constraints, limiting program performance and improvement c.) How to overcome constraints d.) Avoiding common project management pitfalls associated with PCI Security programs.
12:00 - 12:20

Challenges, Culture and Compliance in Middle East Assessments - Take the Three C’s and Turn It Into an A+ Assessment Practices

Presented by: MHD Othman Al-Akkad, Vice President of Technology, Al Ejabi Auditing, Reviewing & Testing Cyber Risks Co. (Ejabi InfoSec) and Towfek Zouheir, CEO, Al Ejabi Auditing, Reviewing & Testing Cyber Risks Co. (Ejabi InfoSec)

Assessments find shortcomings in their people, process, and technology. Challenges arise from start, compound it with the culture in the Middle East of safeguarding info and multiply all of these with their own internal and central bank compliances. You have your hand full. Take these three C’s (Challenges, Culture & Compliance) and convert to an A+ Assessment practice, the real-life case study presented will give you the direction to build operational efficiencies and manage the PCI DSS audit.
12:20 - 12:50

Making the Payments Industry Stronger – A Panel Discussion

Moderated by: Mark Meissner, SVP, Education & Engagement, PCI Security Standards Council

Panelists: Prabin Acharya, Chief Operating Officer, Nepal Electronic Payment Systems Ltd.; Nitin Bhatnagar, Regional Director, India, PCI Security Standards Council; Ali Elhamamy, ACMA, CGMA, Head of Group Financial Governance, Emirates Group; Nicholas Lim, Chief Technology Officer, Soft Space and Yosuke Seta, CEO, fj consulting, INC.

12:50 - 12:55

Closing Remarks

Presented by: Yew Kuann Cheng, Regional VP, Asia Pacific, PCI Security Standards Council