Viviana Wesley
PCI QSA, ISO 27001 Auditor, CISM. Principal Consultant, Governance, Compliance and Engineering Services, HALOCK Security Labs
Viviana Wesley is one of the few experts on the intersection of payment card security and cybersecurity risk management. Viviana helps organizations prepare for PCI DSS compliance so that they can demonstrate reasonable security as the law defines it and serves regulators to help them evaluate the reasonableness of controls in breached organizations. Her strong technical and information security background gives Viviana a unique skillset that allows her to provide vital technical insights in how to meet regulatory requirements and effectively communicate with technical resources and executives.
Viviana has over 23 years of practical experience within information technology, with a focus on information security for the past 14+ years. Viviana has been the PCI Subject Matter Expert for HALOCK since 2012. Viviana has also been involved in developing HALOCK’s GDPR, CMMC, Privacy and Risk Management offerings for clients.
Acting as the PCI Practice Lead for HALOCK she has:
• Developed framework, project management and QA materials, mentors, and trains new QSAs and has provided PCI education to dozens of organizations. She has managed hundreds of PCI-related projects
• Been the lead PCI QSA on several of HALOCK’s enterprise level clients and several Higher Education institutions
• Develops and manages remediation programs to help compromised and non-compliant clients achieve and maintain PCI DSS compliance
• Performs hands-on reviews of environments, including documentation and evidence reviews as well as network device and server configurations and observational validations
Viviana serves as an expert witness for State Offices of Attorney General and Multidistrict Litigation matters.
Viviana is also a member of the Sedona Conference Working Group 11- Data Security and Privacy Liability, to identify and comment on trends in data security and privacy law, to help organizations prepare for and respond to data breaches, and to assist attorneys and judicial officers in resolving questions of legal liability and damages.
Viviana Wesley's Events
Advancing Payment Security: Comprehensive Strategies for Reducing PCI Scope
Date: Wednesday, September 11
Track One
Moderated by: Marc Bayerkohler, Standards Trainer, PCI Security Standards Council
Panelists: Tony James, ISA, CISSP, CISA, C-RISC, Director of Cyber Security, Target Corporation; Eric Kitchens, Principal, Technical Governance, Toast Inc. and Viviana Wesley, PCI QSA, ISO 27001 Auditor, CISM. Principal Consultant, Governance, Compliance and Engineering Services, HALOCK Security Labs