Join us for three days of connecting, discovery, updates from the Council, regional community speakers, merchants, industry experts, and more.

Click here to convert to your local time.

Schedule subject to change – Continue to check back for updates and session details

Registration Now Closed
  • Tuesday, September 10
  • Wednesday, September 11
  • Thursday, September 12

Tuesday, September 10

9:00 AM - 5:00 PM

Registration Open

Sponsored by
10:00 AM - 12:00 PM

Workshops

NEW - Join these engaging workshops and take part in moderated peer-to-peer discussions, hear industry best practices, network, and share your experiences. Open to all attendees. Please RSVP to select your topic and reserve your seat for the discussion.

Workshop Topic: Assessment Evidence Collection Techniques

Moderated by: Tony James, ISA, CISSP, CISA, C-RISC, Director of Cyber Security, Target Corporation

Workshop Topic: Approaches for Monitoring Third Party Service Providers (TPSPs)

Moderated by: Shane Hamilton, Vice President of Technical Governance, Risk and Compliance, Toast Inc.

12:00 PM - 1:00 PM

Lunch on your own

We invite you to venture outside the conference walls to take in a taste of Boston at any of the surrounding restaurants. Click HERE for inspiration.
1:00 PM - 3:00 PM

Assessor Session

Presented by: Marc Bayerkohler, Standards Trainer, PCI Security Standards Council; Lauren Holloway, Director of Data Security Standards, PCI Security Standards Council; Matt O’Connor, Director, AQM, PCI Security Standards Council and Travis Powell, Director, Training Programs, PCI Security Standards Council

Assessor Session (QSAs, ISAs, ASVs, PFIs, QPAs, CPSAs, SSF, P2PE, 3DS assessors only): As an active assessor in the PCI SSC programs, join us for a special session to hear industry best practices, recent case studies, Council updates, live Q&A and networking opportunities with your peers.
3:00 PM - 5:00 PM

Vendor Showcase Preview

All are welcome to take a sneak peek at the Vendor Showcase! Come join your colleagues to network and explore the exhibitors and Tech Talks taking place during this time in the Vendor Showcase Hall. Light refreshments served.
5:00 PM - 6:30 PM

Welcome Reception

Level 3 – Ballrooms A&B

Join us at the Welcome Celebration, sponsored by Verizon. Take advantage of this exciting networking opportunity where the Past and Present meet the Future while enjoying a taste of Boston. Enjoy local food, local music and AI experiences. All are welcome! Don’t miss this taste of the city and kick-off networking opportunity – it will be a wicked good time!

*Badges required for entry.

Sponsored by

Wednesday, September 11

9:00 AM - 5:00 PM

Registration Open

Sponsored by
9:00 AM - 9:45 AM

Keynote: Shaping the Future of Payment Security - Together

Presented by: Gina Gobeyn, Executive Director, PCI Security Standards Council; Diana Greenhaw, Head of Engagement, PCI Security Standards Council and Deanne Zettler, Head of Product & Technology, PCI Security Standards Council

9:45 AM - 9:50 AM

Emcee Welcome Remarks

Presented by: Alicia Malone, Senior Manager, Public Relations, PCI Security Standards Council

9:50 AM - 10:10 AM

How the PCI SSC Standards Work Together

Presented by: Andrew Jamieson, Vice President, Solutions, PCI Security Standards Council

Join us for an engaging session where we explore the evolving landscape of payment security standards across all facets of the ecosystem. Discover the forward-thinking directions the Council is taking in areas crucial to the standards' influence. From emerging technologies to global challenges, we'll uncover the strategic initiatives shaping the future of payment security.
10:10 AM - 10:30 AM

Your Journey Through the Key New PCI DSS v4.x Requirements - Get Started Now!

Presented by: Kandyce Young, Manager, Data Security Standards, PCI Security Standards Council

Join us to walk through key new requirements in PCI DSS v4, from stored account data protection and authentication, to e-comm skimming and phishing prevention, and more, to learn about how they’re intended to strengthen your organization’s evolving security posture right now – don’t wait until their 31 March 2025 effective date.
10:30 AM - 11:00 AM

Networking Break and Vendor Showcase

Light refreshments served.
Speed Networking Session
NEW THIS YEAR – We invite you to participate in an exciting Speed Networking event designed to help you expand your professional network and forge valuable connections! This will be a structured and dynamic opportunity to make meaningful connections in a short amount of time. Through a series of brief, one-on-one conversations, you’ll be able to introduce yourself, exchange contact information, discuss your professional interests, goals and have a little fun along the way. PCI SSC’s Mark Meissner, Senior Vice President of Education and Engagement will facilitate this activity and you will be provided with conversation starters to help make the most of your time. Come prepared with your business cards and a brief introduction about yourself. Don’t miss out on this fantastic opportunity to connect with like-minded professionals!
Open to all attendees. Please RSVP to save your spot.
Sponsored by
 
11:00 AM - 11:20 AM

Track One

Navigating Security Through Relationships

Moderated by: Adam Perella, QSA, P2PE, QPA, 3DS, Technical Director, Schellman Compliance LLC

Panelists: Tom Giannaras, Cybersecurity Manager, Advocate Health and Chelsea Lopez, Risk Director, FIS

Where service providers exist in many facets of business, their role in cybersecurity cannot be understated. This presentation will showcase the value of communication and trust for both security and compliance. A merchant, service provider, and QSA will discuss the real-world examples and discussions that arise over the course of a year and how these decisions make assessments smoother, build trust, and improve security. Come with your questions and prepare to be entertained as we review our experiences and give insight into how you can build yours.

Track Two

Updates In the Lab Management Program

Presented by: Dr. Tim Cormier, Director, Lab Validation Programs, PCI Security Standards Council

Join us to learn more about updated information and the changes to the Lab Management program. This includes Modular onboarding which decouples the PCI PTS lab requirement, vendor notification process, and a brief look at the approved device and solution website for PTS devices and MPoC solutions.
11:30 AM - 11:50 AM

Track One

Advancing Payment Security: Comprehensive Strategies for Reducing PCI Scope

Moderated by: Marc Bayerkohler, Standards Trainer, PCI Security Standards Council

Panelists: Tony James, ISA, CISSP, CISA, C-RISC, Director of Cyber Security, Target Corporation; Eric Kitchens, Principal, Technical Governance, Toast Inc. and Viviana Wesley, PCI QSA, ISO 27001 Auditor, CISM. Principal Consultant, Governance, Compliance and Engineering Services, HALOCK Security Labs

The continuous evolution of payment security strategies aims at enhancing the protection of cardholder data and reducing the PCI scope for merchants. This panel discussion seeks to illuminate the spectrum of solutions that effectively minimize merchant exposure to cardholder data, including the established point-to-point encryption (P2PE), innovative end-to-end encryption (E2EE) solutions, and models where solution providers act as merchants. Featuring insights from a solution provider (Toast), an experienced merchant (Target), and QSAC (HALOCK Security Labs), the session will provide a holistic view of the technologies and methodologies that can lead to a significant reduction in PCI scope while maintaining or enhancing security measures.

Track Two

The Hitchhiker’s Guide to the Software Security Galaxy

Presented by: Jake Marcinko, Senior Manager, Solution Standards, PCI Security Standards Council and Bhavna Sondhi, Director, Technical Solutions, Coalfire Systems, Inc​

Please join Jake Marcinko, Senior Manager of Solution Standards at PCI SSC and Bhavna Sondhi, Director of Technical Solutions at Coalfire for an interactive journey into the future of software security. This ‘choose your own adventure’ style session will discuss how new and evolving technologies such as cloud, low- or no-code development tools and AI are revolutionizing software engineering, the security risks posed by the use of such technologies, and practical guidance on how to leverage such technologies safely and securely.
12:00 PM - 12:20 PM

Track One

Point-to-Point Encryption – Why Do It, How To Look At It, And What Target Did

Presented by: Tony James, ISA, CISSP, CISA, C-RISC, Director of Cyber Security, Target Corporation

Join this session to learn why Target implemented Point-to-Point Encryption (P2PE).
  • DSS>P2PE (what is P2PE)
  • Benefits from a merchant’s perspective What is Target's P2PE solution (MMS)
  • Why did we choose MMS- Saw the options and vendors available to support and chose the Merchant Managed solution
  • Validation cycle process
  • Talk about P2PE Assessor Training and Certification Why Target chose this solution Flexibility and customization Benefits Gained
  • Ability to drive target strategies that allow for devices to perform multiple functions.

Track Two

Why You Shouldn’t Trust The Public Cloud For Cardholder Data, A Look At Confidential Computing

Presented by: Ashok Misra, CISSP, ISA, Principal Program Manager Commerce Financial Services Governance, Microsoft Corporation – Redmond and Brad Turner, Principal Security Assurance Architect, Microsoft

The public cloud has traditionally exposed a stumbling block for the deployment of certain secure workloads. This stumbling block no longer exists with the introduction of confidential computing offerings.
12:30 PM - 12:50 PM

Track One

P2PE Program Enhancements

Presented by: Mike Thompson, Director, Solutions Standards, PCI Security Standards Council

The Council highly values stakeholder feedback, and we have heard you!​ We’ve made value-add changes based on what we've heard to enhance the P2PE Program to benefit stakeholders and help contribute to even greater market adoption.

Track Two

Panel Discussion: Digital Identity - The Future of Payments

Moderated by: Sean Estrada, Head of Industry Advocacy, Stripe, Inc.

Panelists: Juliana Cafik, Principal; Program Manager, Microsoft; Atul Prasad, Director, Product Management, Qualcomm Technologies and Megan Shamas, Chief Marketing Officer, FIDO Alliance

Identity is a growing topic across government, regulations, and individual privacy. The payments industry needs to chart a path going forward. Consumer control over their data (and payments) is critical to enable trust in the ecosystem. Identity standards and Payment standards should work together.
12:50 PM - 2:00 PM

Networking Lunch and Vendor Showcase

2:00 PM - 2:20 PM

Track One

Adaptive Cybersecurity Strategy for the Payment Methods Ecosystem in Latin America

Presented by: Valther Galván Ponce de León, Chief Information Security Officer – CISO, Promoción y Operación S.A. de C.V., PROSA

Implementing an Adaptive Cybersecurity Strategy for the Payment Methods Ecosystem in Latin America is essential in today's rapidly evolving digital landscape. In this presentation, we will examine the dynamic challenges and evolving threats facing regional payment systems. We will delve into the complexities of regulatory frameworks, technological advancements, and emerging trends, emphasizing the need for Latin American organizations to develop a cybersecurity strategy that caters specifically to the unique demands of the local payment methods ecosystem. Our discussion will center on proactive threat detection, real-time response mechanisms, and continuous strategic adaptation to mitigate risks and ensure secure transactions as a fundamental aspect of organizational strategies.

Track Two

PQC, AES, What’s Next? Migration Challenges and Agility In The Payment Network

Moderated by: Andrew Jamieson, Vice President, Solutions, PCI Security Standards Council

Panelists: Steven Bowles, Regional Security Officer - North America, Ingenico; Richard Kisley, PCIP, Chief Engineer IBM HSM, IBM Corporation and Joachim Vance, Chief Security Architect, Verifone

Join us for a panel discussion and walk through the cryptography migration challenges facing payment networks over the next few years. What systems should be the priority, what improvements are going to be the biggest impact and what are vendors doing to assist with the journey?
2:30 PM - 2:50 PM

Track One

Being Audit Ready, Not Reactive – Automation What!

Presented by: Sheri LaCarbonara, Solution Specialist, Cybersecurity, Liberty Mutual; Denise Miller, Manager, Liberty Mutual and Leah Mongeon, Solutions Specialist, Liberty Mutual

The regulatory landscape continues to evolve – new regulations & updated regulations, factor that in with updates to common frameworks and contractual requirements that each company is under, it creates for an overwhelming and high-stress environment. How do we keep up with the pace with the new, changes, and updated requirements? Are you tired of being audit reactive? Let us share how to be audit ready and no longer be overwhelmed with the changes, we need to look at how to become audit ready and leverage automation to gain assurance over coverage and effectiveness to support multiple regulations, frameworks, and company requirements.

Track Two

Tech Exchange: DataStealth -Why Isn’t Everyone Talking About PCI DSS Requirements 6.4.3 and 11.6.1?

Presented by: Derek Schenk, CTO, DataStealth and Robert Spivak, Director of Business Development, Control Gap Inc.

PCI DSS requirements 6.4.3 and 11.6.1 introduce critical mandates for monitoring and tamper detection to protect payment card data, all the way down to a SAQ-A. Requirement 6.4.3 focuses on the management and integrity verification of payment page scripts. Requirement 11.6.1 emphasizes the need for the detection of unauthorized modifications to HTTP headers and payment page contents. Find out what all the fuss is about, and what you need to do to get compliant.
3:00 PM - 3:20 PM

Track One

Security Is a Continuous Process

Presented by: Marc Bayerkohler, Standards Trainer, PCI Security Standards Council

Join us on a journey of discovery as we explore a fictional Mesozoic themed park, and the security failings that led to its demise.  We will examine and explore how the application of requirements from across the PCI Standards may have saved the day as well as the guests!

Track Two

6.4.3 & 11.6.1: Do You Understand Website Scoping

Presented by: Jeff Man, Trusted Advisor, PCI QSA, Online Business Systems and Jeff Zitomer, Sr. Director of Product Management, Human Security, Inc.

JavaScript Single-Page applications (SPA) signaled the next step in the evolution of app experiences with speed and advanced personalization. Pure HTML and redirected payment methods implemented in SPAs may not provide the scope limitations once expected. Join us to understand how architecture drives scoping for requirements like 6.4.3, 11.6.1, at a deeper level than whether apps integrate with 3PSP via direct post, redirect, or iframe.
3:20 PM - 3:50 PM

Networking Break and Vendor Showcase

Light refreshments served.
3:50 PM - 4:10 PM

Track One

Tech Exchange: RubinBrown - Managing Email Compromise and Wire Fraud Incidents

Presented by: Stewart Deken, Manager, Lead Digital Investigator, RubinBrown LLP and Rob Rudloff, CISSP, CISA, QSA, Partner, Cyber Security Services, RubinBrown LLP

Credential theft, email compromise, and wire fraud attacks have skyrocketed during the last year. Managing these incidents can be as simple as risk and impact analysis to full scale digital forensic investigations. Our presentation will provide a brief overview of the attack vectors, threat actors, and style of the attacks. The main focus will be on going through the investigation process and using case studies to demonstrate different techniques and processes. We will use case studies to link to.

Track Two

Leveraging Micro-Segmentation, SPIFFE-based Identity Networking, and Immutable Infrastructure to Streamline PCI DSS v4.0 Compliance

Presented by: Mr. Kerry Steele, CISSP, CISA, CCSP, CDPSE, ISSAP, QSA, Principal Consultant, Coalfire Systems, Inc​

This session delves into the transformative power of micro-segmentation, SPIFFE-based network segmentation, and immutable infrastructure to enhance security, minimize PCI DSS v4.0 scope, and alleviate compliance burdens, offering attendees actionable insights and best practices to stay ahead of evolving threats.​
4:20 PM - 4:40 PM

Track One

Functional Incident Response Plans in 2024 and Beyond

Presented by: Professor Tom Arnold, CISSP, ISSMP, GCFE, GBFA, GNFA, University of Nevada Las Vegas

Over many years of responding and studying how organizations respond to incidents, the material considers many deficiencies and topics that are not fully developed or covered in IR plans. Given advances in technologies from IaaS, PaaS, SaaS, and now FaaS leveraging cloud environment, IR plans must evolve to address these new vectors. This presentation describes advanced environments used in organizations, examines the current threat environment, presents changes in the kill chain, and relates the systemic and business attributes to the IR Plan. The presentation closes with a checklist of items that need to be included in a modern incident response plan.

Track Two

What Are the Implications of Infrastructure as Code and PCI DSS?

Presented by: Lauren Holloway, Director of Data Security Standards, PCI Security Standards Council and Peter O’Sullivan, Principal Information Security Consultant, Blackfoot Cybersecurity

Wondering how to handle Infrastructure as Code and cloud deployments for PCI DSS? This session considers how to meet PCI DSS requirements in environments defined by Infrastructure as Code from the Council’s perspective and an assessor’s viewpoint. Topics include integration, code repositories, scoping, significant changes, and assessment practicalities.
4:50 PM - 5:10 PM

Track One

Tech Exchange: SAINT Corp. - Aligning Continuous Vulnerability Management with Risk and Compliance

Presented by: Randall Laudermilk, VP of Business Development, SAINT Corp.

In this session, we will illustrate an approach to the alignment and convergence of vulnerability management, risk management, and PCI compliance to support continuous compliance and enhanced risk management in a business context.

Track Two

You Dropped a “BOM” on me, baby…

Presented by: Jake Marcinko, Senior Manager, Solution Standards, PCI Security Standards Council

Please join Jake Marcinko, Senior Manager Solution Standards at PCI SSC for a detailed look at the concept of software Bill of Materials (BOM), and how the PCI Software Security Framework is to leverage them now and in the future.
5:10 PM - 6:40 PM

Networking Reception and Vendor Showcase

Thursday, September 12

9:00 AM - 12:00 PM

Registration Open

Sponsored by
9:00 AM - 9:05 AM

Welcome Remarks

Presented by: Alicia Malone, Senior Manager, Public Relations, PCI Security Standards Council

9:05 AM - 9:25 AM

Future-Proofing FinTech: The Infinite Loop of AI-Enhanced Security

Presented by: Nicholas Lim, CTO, Soft Space

Embark on a journey where Artificial Intelligence transcends traditional boundaries, creating a visionary cycle of perpetual improvement in xPOC security. This saga unveils an inspiring ideation for a world where technology doesn't just react to threats but evolves with them. Imagine a realm where every transaction strengthens the shield protecting it, and every challenge fuels the next leap forward. A future of payment security that is self-sustaining, self-improving, and unyieldingly resilient.
9:25 AM - 9:45 AM

Has IoT Security Improved? Or Is It Still Down The (Smart) Toilet?

Presented by: Ken Munro, CEO, Pen Test Partners Inc.

It’s been nearly a decade since we first showed security fails in talking kid’s dolls and tea kettles. Since then, we’ve been pushing standards bodies and the government to provide guidance to protect consumers privacy. Regulation is coming very soon, so how do we all avoid failing foul of it? The fines for non-compliance are punchy in some regions. In the meantime, we keep finding facepalm-worthy security issues in IoT. Let’s learn from those in an informative and entertaining talk about hacking smart toilets, ski tech, connected airplanes and plenty more.
9:45 AM - 10:30 AM

Keynote: Gigatrends: Six Forces That Are Changing the Future

Presented by: Tom Koulopoulos, Industry Leading Futurist, Artificial Intelligence Specialist, Author, Gigatrends

In this tour-de-force keynote Tom looks at the greatest technological shifts of the 21st century and lays out a roadmap to navigate the change, disruption, and opportunities they will create. Gigatrends sheds a bright and insightful light on the many unanticipated ways that technologies such as AI will shape the future and how they will alter the landscape for risk and opportunity; connecting the dots between what are often confusing and disconnected trends. At a time when uncertainty seems to be looming large over every aspect of our lives. Gigatrends sets a course for the future that is realistic, fascinating, and above all, hopeful.
10:30 AM - 11:00 AM

Networking Break and Vendor Showcase

Light refreshments served.

VIP Meet & Greet Book Signing
Sponsored by
11:00 AM - 11:20 AM

All Hail The Defenders: Cyber Incident Response for PCI…and Everyone Else!

Presented by: Harley Geiger, JD, MA, CIPP/US, Counsel, Venable and Sabeen Malik, Vice President, Rapid7

Just about every organization suffers a cybersecurity incident at some point. While they are manageable, requirements for responding to incidents are growing in complexity. The good news is that, despite new and evolving regulations, there are actually many commonalities among cyber incident response and reporting requirements. This co-presentation will distill the common requirements for cyber incident response and reporting in regulations and PCI DSS. We will lay out what organizations must do when incidents occur, highlighting processes under PCI DSS 4.0 and major regulations. The presentation will also provide some tips on how to structure incident response compliance to ensure operations are smooth so defenders can focus on defending!
11:20 AM - 11:40 AM

PIN Processing in the Cloud - How We Made It Happen

Presented by: Ryan Day, Innovation Security Governance Specialist, Block, Inc.; Skyler Ferran, Principal - Solution Validation, Coalfire Systems, Inc​ and Tim Winston, Principal Industry Specialist - Payments, Amazon Web Services, Inc.

Over the last year, Block, Amazon Web Services, and Coalfire worked collaboratively to migrate PIN processing to the cloud. As with any migration to new technologies or novel architectures that were not included in previous compliance assessments, this effort faced many challenges and resulted in many lessons learned. In this panel discussion, you will hear the perspectives from each of the participants and how they were able to successfully work through the compliance challenges together.
11:40 AM - 12:00 PM

The Verizon 2024 Payment Security Report – Protecting Data at the Point of Input

Presented by: Ciske van Oosten, Associate Director, Head of Global Business Intelligence, Cyber Security Consulting, Verizon and Stephen Ward, CMO, Source Defense

The 2024 Verizon PSR includes a first-of-its kind analysis conducted by Source Defense of the risk posed to cardholder data in the eCommerce channel.  Analyzing 7,500 of the world’s largest eCommerce sites, the research highlights the risk of eSkimming attacks to every single organization analyzed, leading to the conclusion that it is a risk posed to virtually every organization conducting eCommerce around the globe. Broken down by region and sub-industry, the research exposes the use of third-party website partners; highlights risky actions taken by these partners; sheds light on a fundamental weakness in website security and supports the decision by the PCI Council to include eSkimming security controls in the revised, PCI DSS v4.0 Standard.
12:00 PM - 12:20 PM

Over the Next Horizon: Payment Security Trends in 2024, 2025, and Beyond

Presented by: Adam Cason, Vice President, Global and Strategic Alliances, Futurex

2023 brought rapid innovation, with generative AI and quantum computing holding a prominent role in the minds of industry professionals and consumers alike. But for the payments industry, these topics only scratch the surface of the advances on the horizon. This session explores payment security trends involving alternative payment methods, the acceleration of payments, cloud adoption, AI, and post-quantum cryptography. Attendees will also gain insight into advances being made in leading regions, including Asia-Pacific and the Middle East. After this presentation, payment strategists, assessors, and executives will be equipped to lead their organizations' discussions on the most critical payment security trends in 2024, 2025, and beyond.
12:20 PM - 12:40 PM

Global Updates: Payment Trends and Threats

Presented by: Nitin Bhatnagar, Regional Director India, South Asia and Middle East, PCI Security Standards Council; Yew Kuann Cheng, Regional VP, Asia-Pacific, PCI Security Standards Council; Diana Greenhaw, Head of Engagement, PCI Security Standards Council; Jeremy King, Regional VP, EMEA, PCI Security Standards Council and Guilherme Scheibe, Regional Director, Brazil & LAC, PCI Security Standards Council

The PCI SSC Global team has a unique global presence, providing insights into payment trends and threats worldwide. This presentation synthesizes perspectives from diverse stakeholders across regions with distinct needs, resources, and cultures, offering actionable insights applicable globally. It illuminates regional challenges in payment security and their potential global ramifications.
12:40 PM - 1:00 PM

Cybersecurity Strategies for Ransomware Protection, Compliance and Digital Resilience

Presented by: Steve Tcherchian, CISSP, PCI ISA, PCI-P, Chief Product Officer, XYPRO Technology

Dive into the evolving cybersecurity threat landscape, focusing on ransomware. Learn cutting-edge strategies for defense, ensuring PCI DSS compliance, and boosting the digital resilience of payment systems. Explore vulnerability identification, preventive actions, and building a robust response plan. This session highlights the importance of a comprehensive cybersecurity approach to meet regulatory standards and strengthen defenses against dynamic cyber threats. Essential for those in the digital payment field, it provides key insights for safeguarding data and preserving trust. Gain practical knowledge to protect against ransomware, adapt to regulatory demands, and maintain operational integrity in the face of cyber challenges.
1:00 PM - 2:00 PM

Networking Lunch and Vendor Showcase

2:00 PM - 2:20 PM

Tech Exchange: K3DES - Managing Data, Data Centers, and Compliance in Today's Remote World

Presented by: Howard Glavin, CISM, CRISC, CDPSE, QSA, CTGA, Executive Vice President, K3DES, LLC

Today’s Data Management is not the same as it was 5 years ago. Your grandma’s brick-and-mortar buildings, dedicated to service only your needs and where you had total control over the data, are mostly a thing of the past. With the advent of Cloud, Multi-Tennant Datacenters, and Virtual everything, it is hard to figure what data you have or where it is stored. Do you even know where the “where’ is physically located? Are your data and devices being managed in a hostile country that will view and, frankly, use whatever they choose for their own needs? How are you protecting the company’s golden nugget, the data? This presentation will expose you to the methods needed for protection of the data and its locations, for today and tomorrow.
2:20 PM - 2:40 PM

Safeguarding Your “Boat” So you Don’t Get Hooked

Presented by: Tim Cappalli, Standards Architect, Okta; Andrew Jamieson, Vice President, Solutions, PCI Security Standards Council and Megan Shamas, Chief Marketing Officer, FIDO Alliance

Join PCI SSC, FIDO Alliance, and Okta on this “phishing adventure” as they delve into the best practices and requirements in securing your “boat” from potential catastrophic phishing incidents.
2:40 PM - 3:10 PM

PCI SSC MPoC and Mobile Updates

Presented by: Andrew Jamieson, Vice President, Solutions, PCI Security Standards Council

Join us as we explore the evolving landscape of mobile payments and the latest advancements in the MPoC Standard. From understanding the importance of the PCI SSC's MPoC requirements to navigating the complexities of securing mobile transactions, this session equips attendees with essential knowledge and strategies to enhance their organization's security posture.
3:10 PM - 3:40 PM

Stronger Together – The Value of Participating with the PCI SSC

Moderated by: Mark Meissner, Senior Vice President, Education & Engagement, PCI Security Standards Council

Panelists: Heidi Babi, PCI Security & Assurance Sr Lead, Mars Incorporated; Jesus Fidalgo, Block PCI DSS Compliance Lead, Block, Inc.; Diana Greenhaw, Head of Engagement, PCI Security Standards Council; Rob Harvey, Managing Director, Risk, Security, and Privacy Practice, Online Business Systems and Paulo Sergio de Souza, CISO – Chief Information Security Officer, CSU Digital

This session explores the intrinsic value and strategic benefits of active participation with the PCI SSC. Discover how participation can enhance your organization's security posture, foster industry-wide innovation, and fortify global trust in payment security. Join us to learn why, in payment security, we are stronger with the PCI SSC.
3:40 PM - 4:00 PM

Wrap Up and Closing Remarks

Presented by: Alicia Malone, Senior Manager, Public Relations, PCI Security Standards Council