header-educate-empower-protect1

ASIA-PACIFIC COMMUNITY MEETING

Bangkok, Thailand | 17 – 18 May

Register Now

JOIN US AT THE 2017 ASIA-PACIFIC COMMUNITY MEETING

Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Community Meeting.

AGENDA

Join us for two days of discovery, updates and insights from members of the Council and regional community figures and merchants.

Wednesday, 17 May
7:30 - 18:30 Registration Open
7:30 – 9:00 Networking Breakfast and Vendor Showcase
9:00 - 9:15Welcome Remarks
Presented by: Jeremy King, International Director, PCI Security Standards Council
9:15 - 10:00

PCI's Strategic Initiatives for 2017
Presented by: Stephen W. Orfei, General Manager, PCI Security Standards Council
10:00 – 10:30
Continuing the Conversation with PCI's Executive Team - A Panel Discussion
Presented by: PCI Security Standards Council
Moderated by: Laura Gray, Director of Communications, PCI Security Standards Council
10:30 – 11:00Networking Break and Vendor Showcase
11:00 - 11:45Security Roadmap for Next Generation of Payments
Digital payments are evolving rapidly which requires anticipating how cybersecurity attacks will change and how we should expect to protect against them. This session will discuss emerging security trends for 2017 and how new initiatives by the PCI Council plan to address these threats.

Presented by: Troy Leach, Chief Technology Officer, PCI Security Standards Council
11:45 - 12:10PCI DSS and the Cloud
Perhaps the largest point of confusion with respect to the Payment Card Industry Data Security Standard (PCI DSS) and cloud computing is the question of upon whose shoulders does compliance fall?

When a cloud service provider says it’s been validated as PCI DSS compliant, what does that mean for the enterprise customer? According to security experts, organizations shouldn’t expect a PCI DSS-validated cloud provider to relieve them of their PCI DSS obligations. To be PCI DSS-compliant, tenants still have PCI DSS obligations.

Presented by: Narendra Sahoo, Director, VISTA InfoSec
12:10 - 12:30Information Security Trends from Our SOC and Knowledge Base
NRI SecureTechnologies has been conducting information security surveys of Japanese enterprises for 14 years. We have also expanded the survey to enterprises in the USA and Singapore. We can provide current risks and security measures based not only on the survey but also on our services such as security assessment or security operations center.

Presented by: Eiji Fukushima, Division Head of IT Security Consulting & Solutions, NRI SecureTechnologies, Ltd.
12:30 – 13:30 Networking Lunch and Vendor Showcase
13:30 - 14:00Global Payment Security Trends with a local APAC Perspective
In this session, Foregenix will share their global experience as it relates to regional trends in Asia Pacific.

Foregenix will provide real-world insights on drivers for PCI, practical strategies for reducing risk and thought provoking predictions on trends for remainder of the year.

The session will impart information to assist in ensuring safer payments for banks, service providers as well as merchants.

Presented by: Andrew Henwood, CEO, Foregenix South Africa
14:00 - 14:20Migrating from SSL and Early TLS -- Real-time Challenges, Issues and How To Overcome Them as a Merchant & Service Provider
This is a case study for migrating from SSL and early TLS in a large organisation. Challenges were cost, technology, user experience and dependencies on third parties. The solution was segregating by environment and risk and addressing in steps.

This session identifies the requirements and challenges for migrating from SSL and early TLS for a merchant and service-provider environment, including an impact assessment to identify areas of concern. The method used was segregating in different categories based on risk exposure, challenges and ease of implementation to prioritize the migration activities. Planning and a phased approach were used to address challenges and various levels, such as business, technology and contracts. The approach also included monitoring progress and dealing with any evolving constraints, and addressing residual risk on a timely basis.

Presented by: Swati Sharma, Senior Specialist Security/PCI QSA, BT Plc.
14:20 - 15:00A Standards Update for Payment Technologies
A current look at the work being done at the PCI Council in the areas of PIN Transaction Security, Point-to-Point Encryption, and Mobile.

Presented by: Mike Thompson, Standards Manager, PCI Security Standards Council
15:00 – 15:30 Networking Break and Vendor Showcase
15:30 - 16:10Protecting the Online Channel
E-commerce continues to be a priority for the PCI Council as criminals have increased their targeted attacks against online merchants. This session will provide insights into emerging threats in the e-commerce space and PCI Council efforts to help protect payments in the online channel, including recently published e-commerce security best practices and development of security standards to support 3D Secure (3DS).

Presented by: Troy Leach, Chief Technology Officer, PCI Security Standards Council
16:10 - 16:40PCI DSS Learnings from a Hyper-growth Environment
This talk will present lessons from implementation and ongoing compliance for a highly dynamic environment distributed globally. The talk will also cover achieving efficiency in PCI DSS implementation.

The PCI DSS framework has evolved over time to secure certain types of credit card-related systems and environments. However, many of these environments may not change significantly within one year of the audit period. This talk will present challenges faced due to moving parts and payment solutions being added worldwide. The talk will also cover guidelines on how to be proactively on top of credit card data security so that PCI DSS compliance is consistently maintained.

Presented by: Shreyas Kumar, Senior Security Strategist, Uber Technologies Inc.
16:40 - 17:00QSA Is Not Your Enemy: How Working with a Great QSA Can Help Strengthen Your PCI DSS Compliance Program into "Business as Usual"
With the publication of PCI DSS v3.2, the Council shows great emphasis on integrating compliance into business as usual. This talk will cover how a great QSA can help prepare the company for making compliance part of business as usual. This session will cover: Why the QSA is not your greatest enemy, QSA vs. Great QSA, PCI SSC emphasis in the business-as-usual process, how business-as-usual integration reduces efforts spent in annual PCI DSS compliance validation and ongoing compliance planning.

Presented by: Thanut Pimhataivoot, Team Leader, IT Compliance & Audit, NTT Data (Thailand) Co., Ltd.
17:00 – 18:30 Networking Reception and Vendor Showcase

Thursday, 18 May
7:30 - 12:15Registration Open
7:30 – 9:00 Networking Breakfast and Vendor Showcase
9:00 - 9:15

Welcome Remarks
Presented by: Jeremy King, International Director, PCI Security Standards Council

9:15 - 10:15Security Awareness, Policies, Practices and Challenges
Security awareness is the first step to implementing an information security program. This session will provide a discussion of security awareness with emphasis on policies, best practices, and challenges. A number of case studies in Thailand will be presented.

Presented by: Chalee Vorakulpipat, CISSP, CISA, PMP, National Electronics and Computer Technology Center (NECTEC), Thailand
10:15 - 10:45 Networking Break and Vendor Showcase
10:45 - 11:15Session TBD
Presented by: Lib de Veyra, Vice President of Emerging Technologies for JCB International

11:15 - 11:35Mobile Payments: Challenges & Actions
The session discusses the challenges of mobile payments and the threats involved, with some recommendations. The presentation is based on analysis done using the National Standard for Mobile Payment (CBE Standard), along with PCI SSC guidelines and a risk analysis of mobile payments from some of my customers.

Presented by: Ahmed Selim, Professional Service Manager, Security Meter
11:35 - 12:05Bringing it All Together - Regional Insights a Panel Discussion
Join this session for a panel discussion moderated by a member of PCI Security Standards Council’s Executive Committee. Panelists will discuss regional issues and areas of focus. Don’t miss this session that is sure to bring together the day’s topics.

Presented by: Mike Matan, Vice President, Network Industry Engagement, Product and Marketing, American Express and PCI SSC Executive Committee Chairperson
12:05 - 12:35Making a Global Impact with PCI SSC: How You Can Get Involved and Resource Overview
Presented by Jeremy King, International Director, PCI Security Standards Council and Mark Meissner, VP Public Relations, PCI Security Standards Council
12:35 - 13:00How PCI Makes Payments Safer Q&A with Executive Team and Closing Remarks

Register today to secure your spot at the 2017 Asia-Pacific Community Meeting.

SPONSORS

BRONZE SPONSORS

SPONSORS

TESTIMONIALS

TRAINING

Employee Education is the Best Defense for Protecting your Organization’s Data Assets.

In conjunction with the Asia-Pacific Community Meeting two training courses are available, allowing attendees to make the most of their travel time and budgets. The trainings will take place at Intercontinental Bangkok.

PCI-qsa-rib

Qualified Security Assessor Training | 11-12 May

The two-day Qualified Security Assessor (QSA) class provides instruction on how to conduct assessments of merchants, institutions and service providers who must be compliant with the PCI DSS.

PCI-ISA

Internal Security Assessor Training  |  15-16 May 

The two-day Internal Security Assessor (ISA) class provides merchants, acquiring banks, and processors the opportunity to build their internal payment data security expertise, as well as increase their efficiency in complying with PCI Standards.

VENDOR SHOWCASE

Current Exhibitors:

Get the latest updates on the 2017 Community Meetings by joining our mailing list.

Pin It on Pinterest