Latin America Forum

São Paulo, Brazil | 9 August 2017

Join Us at the 2017 Latin America Forum

Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Latin America Forum (LAF).


The following industry leaders will present at the meeting:


Carlos Caetano
Associate Regional Director – Brazil
PCI Security Standards Council


Jeremy King
International Director
PCI Security Standards Council


Troy Leach
Chief Technology Officer
PCI Security Standards Council


Mauro Lance
Chief Operating Officer
PCI Security Standards Council


Mark Meissner
VP, Public Relations
PCI Security Standards Council


Join us for a day of discovery, updates and insights from members of the Council and regional community figures and merchants.


* Continue to check back for agenda updates


Wednesday, 9 August 
17:45 - 19:15Network Reception
07:30Registration Open
8:00 - 9:00
Networking Breakfast
9:00 - 9:30
Welcome Remarks

Presented by: Carlos Caetano, Associate Regional Director, Brazil, PCI Security Standards Council
9:30 - 10:15Keynote: PCI's Strategic Initiatives for 2017

This session opens the Forum with an update on the latest Council news, insights into the current and future payment security landscape, and discusses the Council’s vision for the coming years. Don't miss this extensive review of PCI SSC current and global affairs.

Presented by: Jeremy King, International Director, PCI Security Standards Council
10:15 - 11:15
KEYNOTE: Regional Insights: Real-life cybercrimes on the payment card industry, regulations and partnerships.

Presented by: PCF Jorilson Rodrigues
11:15 - 11:45
Networking Break and Vendor Showcase
11:45 - 12:30
Security Roadmap for Next Generation of Payments

Digital payments are evolving rapidly which requires anticipating how cybersecurity attacks will change and how we should expect to protect against them. This session will discuss emerging security trends for 2017 and how new initiatives by the PCI Council plan to address these threats.

Presented by: Troy Leach, Chief Technology Officer, PCI Security Standards Council
12:30 - 13:00
How to Become Compliant Without Losing Agility and Obtain Benefits

This session will take the audience through the certification experience of an Online Travel Agency. We will cover the steps, the challenges, and the achievements of this process.

Presented by: Flavia Murgades, Project Manager, Information Security, /
13:00 - 14:00
Networking Lunch and Vendor Showcase
14:00 - 14:45Keynote Industry Forensics: Understanding the Current Data Breach Landscape

This session will take the audience through real world examples of data breaches and how they have had a lasting impact on their victims and the payment industry community. Attendees will also learn how to prevent becoming the next victim of a data breach as well as how to quickly identify and mitigate an incident should it happen to you.

Presented by: Christopher Novak, Director, Investigative Response, Verizon RISK Team

14:45 - 15:15Data Protection and PCI Scope Reduction

Nowadays, sensitive data is spreading around. Protecting only infrastructure and endpoints and is not enough, it is time to change the perspective of how we could better protect our sensitive data. In this presentation, we would like to present a new concept of how to protect sensitive data, using a new data centric approach. This concept could prevent live data breaches and can reveal an impressive way of using tokenization and encryption to protect sensitive data and helps companies to reduce risks and also increase security.

Presented by: Paulo Veloso, Business Development Director for Latin America, Hewlett Packard Enterprise and Renato Wada, CISSP-ISSAP, ISSMP, CISM Information Security Director – LATAM FIS Risk, Information Security and Compliance (RISC)
15:15 - 15:30
Networking Break and Vendor Showcase
15:30 - 16:00Policies and Procedures – Putting Security to Work

Many organizations build their policies and procedures as an afterthought in response to regulatory or similar requirements. These documents are often thrown in a drawer to be updated once a year, providing little value for the effort. This talk will provide tips and guidelines organizations can use to make sure their policies and procedures are useful to the organization and actually improve security. The talk will also outline an approach to have team members contribute directly to the creation and review of the documentation, helping to bring about accurate policies and procedures with greater employee understanding and more consistent adherence and implementation. Real-world examples will illustrate pitfalls and successful approaches.

Presented by: Adam Perella, CISSP, QSA, PA-QSA, P2PE Manager, Sikich LLP
16:00 - 16:30
Demystifying the PCI for Your Company

No matter the size of your company or the market momentum, PCI comes to collaborate for improving security and the reputation with the market. As such it should be included in each company’s annual assessment schedule. The process for obtaining the certification can be considered simple, but it requires discipline and teamwork, since we should not think that each year the assessment process will be the same, or become easier, but al contraire, we should think about the PCI compliance management process as a long term project to be carried out by the organization. The QSA is a very important figure and a key player in the journey that lead us the PCI DSS compliance status. Come to this session to learn from a success case about removing paradigms around PCI, establishing good partnerships with QSAs and showing customers the benefits on achieving the PCI DSS certification.

Presented by: Marcos Eurico Silva, CISSP, CISCO, SKY Brazil

16:30 - 17:15Bringing it all Together - Panel discussion with Regional Industry Professionals

Moderated by Carlos Caetano, Associate Regional Director, Brazil, PCI Security Standards Council

Marcos Eurico, Information Security, Sky
André Uchôa, Chief Enterprise Architect, VTEX
Thiago Musa, Director, SpiderLabs LAC - Trustwave
Bruno Napolitano, Security Manager, Cielo
Leonardo Scudere, Managing Director, SSIC Americas
17:15 - 17:45Making a Global Impact with PCI SSC:
How You Can Get Involved and Resource Overview and Closing Remarks

Hear an update on all of the ways to engage with the Council and your fellow industry peers. You will also gain insight on all of the educational resources the Council offers that help make PCI SSC the center of the Payments ecosystem.

Presented by: Mauro Lance, Chief Operating Officer, PCI Security Standards Council


Please continue to check back for updates on our Sponsors












Sponsorship Opportunities


An exclusive opportunity to position your company as a leader in the global payment security industry



Employee Education is the Best Defense for Protecting your Organization’s Data Assets.

In conjunction with the Latin America Forum two training courses are available, allowing attendees to make the most of their travel time and budgets. The trainings will be conducted in Portuguese and will take place at The Tivoli Mofarrej – São Paulo.

Internal Security Assessor | 7-8 August

The two-day Internal Security Assessor (ISA) class provides large merchants, acquiring banks, and processors the opportunity to build their internal payment data security expertise, as well as increase their efficiency in complying with PCI Standards.

Qualified Security Assessor Training | 10-11 August

The two-day Qualified Security Assessor (QSA) class provides instruction on how to conduct assessments of merchants, institutions and service providers who must be compliant with the PCI DSS.

Get the latest updates on the 2017 Latin America Forum by joining our mailing list