Join us for three days of connecting, discovery, updates from the Council, regional community speakers, merchants, industry experts, and more.
Click here to convert to your local time.
Schedule subject to change – Continue to check back for updates and session details
- Tuesday, 8 October
- Wednesday, 9 October
- Thursday, 10 October
Tuesday, 8 October
Registration Open
Workshops
NEW - Join these engaging workshops and take part in moderated peer-to-peer discussions, hear industry best practices, network, and share your experiences. Open to all attendees. Please RSVP to select your topic and reserve your seat for the discussion.Workshop Topic: Assessment Evidence Collection Techniques
Moderated by: John Elliott, FBCS, Principal Consultant, Withoutfire
Workshop Topic: Approaches for Monitoring Third Party Service Providers (TPSPs)
Moderated by: Mahmoud Sultan, Senior Director, Technical Compliance, Toast, Inc.
Lunch on your own
Right next door to the convention center, the Torre Melina Gran Meliá offers a variety of cuisine. Click HERE to plan ahead.Assessor Session
Presented by: John Bloomfield, Manager, Data Security Standards, PCI Security Standards Council; Scott Chambers, Standards Trainer, PCI Security Standards Council and Matt O’Connor, Director, AQM, PCI Security Standards Council
Vendor Showcase Preview
All are welcome to take a sneak peek at the Vendor Showcase! Light refreshments will be served.Tech Talks held in the Vendor Showcase
Presented by: Secured Net, Jscrambler, SecurityMetrics & ReflectizWelcome Reception
Beso Pedralbes and Pool Area - Located just outside the convention center doorsJoin us poolside and enjoy a taste of Barcelona. Step into an evening of food and fun while experiencing some of the city's unique blend of history, culture, and modern charm. Don’t miss this Welcome Reception.
Wednesday, 9 October
Registration Open
Keynote: Shaping the Future of Payment Security - Together
Presented by: Gina Gobeyn, Executive Director, PCI Security Standards Council; Diana Greenhaw, Head of Engagement, PCI Security Standards Council and Deanne Zettler, Head of Product & Technology, PCI Security Standards Council
Emcee Welcome Remarks
Presented by: Alicia Malone, Senior Manager, Public Relations, PCI Security Standards Council
How the PCI SSC Standards Work Together
Presented by: Andrew Jamieson, Vice President, Solutions Standards, PCI Security Standards Council
Your Journey Through the Key New PCI DSS v4.x Requirements - Get Started Now!
Presented by: Kandyce Young, Manager, Data Security Standards, PCI Security Standards Council
Networking Break and Vendor Showcase
Light refreshments served.Tech Talks Held in the Vendor Showcase
Presented by: HUMANTrack One
Setting Moonshot Goals
Presented by: Michael Aminzade, QSA, PCIP, CISSP, C|CISO, CISM, CRISC, CDPSE, ISO LA27001, Vice President, Managed Compliance Services, VikingCloud and Chelsea Lopez, Risk Director, FIS
Track Two
Streamlining Key Management in the Payment Card Industry: An Innovative and Audit-Friendly Approach
Presented by: Kris Olejniczak, QSA, P2PE QSA, SSF QSA, QPA, Managing Director, Patronusec and Rolf Pielage, Senior Manager, Deloitte Netherlands
Track One
Ace Your PCI DSS v4.0 Assessment: QSA Secrets for Success
Presented by: Gary Glover, CISSP, CISA, QSA, VP of Assessments, SecurityMetrics, Inc.
Pulling from SecurityMetrics’ auditors’ experience with v4.0 assessments, you’ll receive insights on the best ways to simplify and understand any new requirements, best practices for future-dated requirements, and how to prepare your team for their PCI v.4.0 obligations.
Track Two
The Hitchhiker’s Guide to the Software Security Galaxy
Panelists: Jake Marcinko, Senior Manager, Solution Standards, PCI Security Standards Council and Bhavna Sondhi, Director, Technical Solutions, Coalfire Systems, Inc.
Track One
Challenges with PCI P2PE Solutions While Building Resilience in the European Payments Landscape
Presented by: Josef Huff, Senior Professional Card Payment, Schwarz IT KG and Marlany Naidoo, ISA, CRISC, CISM, Associate C-CISO, Payment Security Lead, Schwarz IT KG
Track Two
What Are the Implications of Infrastructure as Code and PCI DSS?
Presented by: John Bloomfield, Manager, Data Security Standards, PCI Security Standards Council and Peter O’Sullivan, Principal Information Security Consultant, Blackfoot Cybersecurity
Track One
P2PE Program Enhancements
Presented by: Mike Thompson, Director, Solution Standards, PCI Security Standards Council
We’ve made value-add changes based on what we've heard to enhance the P2PE Program to benefit stakeholders and help contribute to even greater market adoption.
Track Two
Getting Ready for Secure Software Standard Security Assessment - A Vendor And A Penetration Tester Perspective
Presented by: Carlos Marquez, QSA, PFI Core, Senior Information Security Consultant, Foregenix and Flavio Bonfiglio Sorans, Managing Principal and Head of Software Security, Foregenix
Networking Lunch and Vendor Showcase
Tech Talks Held in the Vendor Showcase
Presented by: BOTECH, Titania & InssideTrack One
Concept to Certification - A Journey to PCI Product Listing
Presented by: Zelia Pantani, Product Security Governance, Block, Inc.
Track Two
Migrating to AES (Advanced Encryption Standard) - Learnings and Perspectives from Australia and France
Presented by: Guillaume Dabosville, Security Expert, Cartes Bancaires and Riaz Hussain, Head of Security Standards & Transformation, Australian Payments Network
This is a joint presentation from Australian Payments Network and Cartes Bancaires, exploring the approaches being undertaken, the relevant domestic contexts, and key issues and lessons learnt within these programs.
Within the presentation, suggestions and recommendations as to how PCI SSC and the PCI Community may help and benefit from these programs.
Track One
See Yourself In Cyber: Security Careers Beyond Hacking
Presented by: Ed Adams, Executive, Cyversity and Luke Fletcher, Senior Crisis Consultant, Secura, a Bureau Veritas Company
Track Two
The Future of the Payment HSM - Cryptography as Service
Presented by: Aidan Corcoran, Chief Architect - Payment Cryptography, Verisec International AB
What is it? How does it work? Is it PCI compliant? Does it make sense for my organization?
Join Aidan for about 20 minutes and bring yourself up to date on the latest technical and business developments in this evolving area. Find answers to these and to the many other questions you may have. Learn about the service delivery methods, key management implications and the PCI compliance requirements.
Track One
Security Is a Continuous Process
Presented by: Scott Chambers, Standards Trainer, PCI Security Standards Council
Track Two
PCI DSS v4.0 Cryptographic Activity Monitoring
Presented by: Vui Huang Tea, Engineer, Swedbank
Networking Break and Vendor Showcase
Light refreshments will be served.Tech Talks Held in the Vendor Showcase
Presented by: Total Compliance TrackingTrack One
Tech Exchange: K3DES LLC - Managing Data, Data Centers, and Compliance in Today's Remote World
Presented by: Howard Glavin, CISM, CRISC, CDPSE, QSA, CTGA, Executive Vice President, K3DES LLC
Track Two
Updates in the Lab Management Program
Presented by: Andrew Jamieson, Vice President, Solutions Standards, PCI Security Standards Council
Track One
DORA: How the Next Wave of Requirements Is Hitting the Payment Card Industry
Presented by: Christopher Kristes, Executive Board Member, QSA, usd AG and Christian Schwartz, Head of Security in Finance, usd AG
Track Two
You Dropped a “BOM” on me, baby…
Presented by: Jake Marcinko, Senior Manager, Solution Standards, PCI Security Standards Council
Track One
Tech Exchange: Sycurio - Securing Your Payment Infrastructure and Delivering PCI DSS Compliance in the Age of AI
Presented by: Keith Harper, Pre-Sales Engineer, Sycurio
Track Two
PCI Compliant Device Provisioning in Practice
Presented by: Torben Ellgaard, Sr. Product Manager, Cryptera A/S
- User Management, User Identification and User Roles
- Cost of establishing HSA, CA, HSM’s, etc.
- Practical Key Management - Key Import and Export, back-up, etc.
- Audit trail
- Secure device link, no injection of clear-text keys
- Key Binding via TR-31 cryptograms
Networking Reception and Vendor Showcase
Refreshments will be served.Tech Talks Held in the Vendor Showcase
Presented by: VikingCloud & Integrity 360Thursday, 10 October
Registration Open
Welcome Remarks
Presented by: Alicia Malone, Senior Manager, Public Relations, PCI Security Standards Council
Digital Fire Doors: The Frontline Defenders Against Ransomware and For Maintaining Secure & Resilient Operations
Presented by: Ian Robinson, Chief Architect, Titania and Jim Seaman, MSc (Security Management) CISM CRISC CDPSE M.Inst.ISP, IS Centurion Consulting Ltd
Has IoT Security Improved? Or Is It Still Down The (Smart) Toilet?
Presented by: Ken Munro, CEO, Pen Test Partners Inc.
Keynote: Security in an Age of Exponential Innovation
Presented by: Dr Bruce McCabe, The Global Futurist
Networking Break and Vendor Showcase
Light refreshments will be served.Tech Talks Held in the Vendor Showcase
Presented by: Akamai TechnologiesLet’s Address the AI and ML Elephant in the Room
Presented by: Christopher Mawby, ISA, Principal Security Architect, Oracle Corporation
Learning From Safety-Critical Industries: Control Failure Is Normal, Deal With It.
Presented by: John Elliott, FBCS, Principal Consultant, Withoutfire
Secure Migration of Cardholder Data
Presented by: Mika Rautio, PCIP, CISA, CISM, CRISC, Senior Security Architect, Nexi
Tech Exchange: Jscrambler - Iframing the Payment Form - The Defense Perspective
Presented by: Pedro Fortuna, CTO & Founder, Jscrambler S.A.
How to Balance Conflicting Acquiring Bank Objectives - Insights Into the Conflicting Payments, Risk and Compliance Management Landscape In The Small Merchants’ Segment
Presented by: Natasja Bolton, PCI Compliance and Security Specialist, VikingCloud and Daniela Christoffel, Compliance Manager (PCI), Nexi
Global Updates: Payment Trends and Threats
Presented by: Nitin Bhatnagar, Regional Director India, South Asia and Middle East, PCI Security Standards Council; Yew Kuann Cheng, Regional VP, Asia-Pacific, PCI Security Standards Council; Diana Greenhaw, Head of Engagement, PCI Security Standards Council; Jeremy King, Regional VP, EMEA, PCI Security Standards Council and Guilherme Scheibe, Regional Director, Brazil & LAC, PCI Security Standards Council
Networking Lunch and Vendor Showcase
Tech Talks Held in the Vendor Showcase
Presented by: Yazara & Source DefenseTech Exchange: Zimperium - Lessons Learned from Securing MPoC Solutions and the Need for Continuous Security
Presented by: Krishna Vishnubhotla, Mobile App Security Specialist, Zimperium
Safeguarding Your “Boat” So you Don’t Get Hooked
Presented by: Andrew Jamieson, Vice President, Solutions Standards, PCI Security Standards Council
PCI SSC MPoC and Mobile Updates
Presented by: Andrew Jamieson, Vice President, Solutions Standards, PCI Security Standards Council
Stronger Together – The Value of Participating with the PCI SSC
Moderated by: Mark Meissner, Senior Vice President, Education & Engagement, PCI Security Standards Council
Panelists: Pedro Fortuna, CTO & Founder, Jscrambler S.A.; Gary Glover, CISSP, CISA, QSA, VP of Assessments, SecurityMetrics, Inc.; Diana Greenhaw, Head of Engagement, PCI Security Standards Council and Marie Christine Vittet, VP Compliance, Accor