Tony James

ISA, CISSP, CISA, C-RISC, Director of Cyber Security, Target Corporation

Mr. James has been at Target for over 20 years and currently leads the Payment Security team which is responsible for PCI Compliance. He has had several roles including technical and operational auditing as well as business management. Mr. James holds multiple certifications including CISSP, CISA and CRSC, he is an ISA with P2PE certification, and is an avid fisherman.

Tony James's Events

Workshop Topic: Assessment Evidence Collection Techniques

Date: Tuesday, September 10

Moderated by: Tony James, ISA, CISSP, CISA, C-RISC, Director of Cyber Security, Target Corporation

Advancing Payment Security: Comprehensive Strategies for Reducing PCI Scope

Date: Wednesday, September 11

Track One

Moderated by: Marc Bayerkohler, Standards Trainer, PCI Security Standards Council

Panelists: Tony James, ISA, CISSP, CISA, C-RISC, Director of Cyber Security, Target Corporation; Eric Kitchens, Principal, Technical Governance, Toast Inc. and Viviana Wesley, PCI QSA, ISO 27001 Auditor, CISM. Principal Consultant, Governance, Compliance and Engineering Services, HALOCK Security Labs

The continuous evolution of payment security strategies aims at enhancing the protection of cardholder data and reducing the PCI scope for merchants. This panel discussion seeks to illuminate the spectrum of solutions that effectively minimize merchant exposure to cardholder data, including the established point-to-point encryption (P2PE), innovative end-to-end encryption (E2EE) solutions, and models where solution providers act as merchants. Featuring insights from a solution provider (Toast), an experienced merchant (Target), and QSAC (HALOCK Security Labs), the session will provide a holistic view of the technologies and methodologies that can lead to a significant reduction in PCI scope while maintaining or enhancing security measures.

Point-to-Point Encryption – Why Do It, How To Look At It, And What Target Did

Date: Wednesday, September 11

Track One

Presented by: Tony James, ISA, CISSP, CISA, C-RISC, Director of Cyber Security, Target Corporation

Join this session to learn why Target implemented Point-to-Point Encryption (P2PE).
  • DSS>P2PE (what is P2PE)
  • Benefits from a merchant’s perspective What is Target's P2PE solution (MMS)
  • Why did we choose MMS- Saw the options and vendors available to support and chose the Merchant Managed solution
  • Validation cycle process
  • Talk about P2PE Assessor Training and Certification Why Target chose this solution Flexibility and customization Benefits Gained
  • Ability to drive target strategies that allow for devices to perform multiple functions.