Latin America Forum

São Paulo, Brazil
15 – 16 August 2018

We are no longer accepting pre-registrations for the Latin America Forum

Join us at the 2018 Latin America Forum

Don’t miss THE data security event of the year for the payment card industry. Join us for: Networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers.


The PCI Security Standards Council’s 2018 Latin America Forum is THE place to be. We provide you the information and tools to help secure payment data. We lead a global, cross-industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent criminal attacks and breaches. Don’t miss out!


Join us for a day and a half of discovery, updates and insights from members of the Council and regional community figures and merchants.

Wednesday, 15 August 
8:00-9:30Networking Breakfast and Vendor Showcase
9:30-10:00Welcome Remarks
Presented by: Carlos Caetano, Associate Regional Director, Brazil, PCI Security Standards Council
10:00-10:45Keynote: State of the Council
Presented by: Lance J. Johnson, Executive Director, PCI Security Standards Council

10:45-11:30Regional Insights - A Panel Discussion

Moderated by: Carlos Caetano, Associate Regional Director, Brazil, PCI

Panelists include: Bruno Napolitano, Chief Security Officer, Cielo, Fabio Noronha, Information Security Manager, Elo Cartões, Gerson Rolim, Partner, Director of Vecto Mobile, Director of (Brazilian eCommerce Chamber), and ABINC (Brazilian IoT Chamber)

11:30-12:00Networking Break and Vendor Showcase
12:00-12:45Industry Keynote: Cybercrime in Latin America
Presented by: Thiago Musa, SpiderLabs Director, Expert Testing and Cyber Threat Detection & Response, Trustwave

With 33 countries, 13 other territories and a total population of over 670+ Million people, the LATAM region is estimated to reach 375+ Million connected users by the end of 2018. But unfortunately, as we have seen in the field, there’s a long road ahead for the region to become adequately prepared for current threats.

In this presentation, we will review several channels used by cybercriminals, critical threats we have identified, and highlight recent real-case examples.
12:45-13:30Shifting Paradigms: How Innovation is Changing Payment Security (and Standards)
Presented by: Carlos Caetano, Associate Regional Director, Brazil, PCI Security Standards Council
13:30-14:30Networking Lunch and Vendor Showcase

Sponsored By:

14:30-15:15How Good Certification Adds Value in the Career of a Security Professional
Presented by: Carlos Augusto Guerra, Consultant, GSO Consulting

Good certification can allow security professionals to gain more knowledge and be prepared for the constant evolution of attacks in the digital world. In this session hear how ISACA has worked to develop material that supports the development of the professional career of the people working with Information Security.
15:15-16:00Strength in Sharing – Cyber Intel for Financial Services
Presented by: Magdiel Rodríguez, Regional Director, Latin America and Caribbean, FS-ISAC

Ever-accelerating flood attack techniques leave few organizations capable of defending themselves and safeguarding sensitive data in their care. In this session hear how information-sharing is a critical tool for network defenders, allowing them to avoid the missteps of their peers, and deploy proven defense measures.
16:00-16:30Networking Break and Vendor Showcase
16:30-17:00Point to Point Encryption – What, How and Why – Latin Landscape
Presented by: Christian Charette, Director of Consulting and Risk Services, Foregenix and Guilherme Scheibe, Managing Consultant, Foregenix

Validated P2PE Solutions are used globally for the protection of cardholder data. In Latin America, this type of solution is still a myth and has no real implementations. This session will bring a global perspective with the P2PE ecosystem to show attendees a real-life P2PE solution, the steps to achieve it, and the benefits involved.
17:00-17:30Tips from a Qualified Security Assessor (QSA) on How to Keep Your Company Compliant Throughout the Year
Presented by: Eduardo Justo de Oliveira, Governance, Risks and Compliance Coordinator, Cipher SA

Achieving full PCI DSS compliance can be a challenging task for the day-by-day activities in a business. This session will provide insightful tips on what a company can do to maintain compliance, and will provide insight from an assessor’s perspective, on how to reduce issues and surprises during the annual PCI DSS assessments.
17:30-18:00Using PCI DSS Controls to Drive Business Decisions
Presented by: Rodrigo Leal, Practice Manager, PCI Compliance Services, SSIC - Secure Systems Innovation Corp

In this session, hear how PCI DSS controls can be used to drive business decisions and quantify the identified cyber risks in economic terms. With this approach, executives and boards can determine risk mitigation and risk-transfer thresholds.
18:00-19:30Networking Reception and Vendor Showcase

Sponsored By:

Thursday, 16 August 
8:00-9:30Networking Breakfast and Vendor Showcase
9:30-9:45Welcome Remarks
Presented by: Jeremy King, International Director – Europe, PCI Security Standards Council
9:45-10:45Keynote: Zero Trust - Understanding our New Reality
Presented by: Jacomo Piccolini, Vice President Latin America, Team Cymru

We are facing a critical time in our industry and we can't afford anymore not being ready to respond and act upon cyber security issues. This talk will cover some recent concerns and cases to makes us rethink how we need to evolve to make the Internet more secure
10:45-11:15Networking Break and Vendor Showcase
11:15-11:45PCI DSS at High-Growth Startups
Presented by: João Del Valle, Co-founder and CTO, EBANX

This session will share the EBANX experience, lessons learned, and thoughts on the future of digital security. EBANX, an online payments company, has grown from three to four hundred employees and from three thousand to ten million transactions per month over the course of five years. How do you support all that growth securely without slowing down the business? How do you remain compliant throughout the different growth stages of a high impact startup? This session will answer these questions and more.
11:45-12:15EMV 3DSecure 2.0 and PCI 3DS Security Standards Improving E-Commerce Transactions
Presented by: Rubergil Violante Jr., Software Solutions Systems Architect, HST

The new EMV 3DSecure 2.0 protocol has been launched, improving the features of the current 1.0 spec not only in safety but especially in user experience. This session will explore the new features of the protocol, its impact on the E-Commerce ecosystem, and how the new PCI 3DS Security Standards supports its adoption by defining the correct requirements and procedures to protect the systems and data involved.
12:15-13:00How Industry Collaboration and Feedback Shapes PCI SSC Programs
Presented by: Mauro Lance, Chief Operating Officer, PCI Security Standards Council

Join this session for walk through of how our industry collaboration and feedback has shaped current and upcoming PCI Programs.
13:00-13:30Making a Global Impact with PCI SSC: How You Can Get Involved and Resource Overview
Presented by: Jeremy King, International Director – Europe, PCI Security Standards Council and Mauro Lance, Chief Operating Officer, PCI Security Standards Council

Attend this sesion to hear about everything that PCI SSC has to offer you and your organization so you can help secure payment data. We will also share all the ways you can be more involved with PCI SSC.



Please continue to check back for updates on our Sponsors











Sponsorship Opportunities

An exclusive opportunity to position your company as a leader in the global payment security industry.



Employee Education is the Best Defense for Protecting your Organization’s Data Assets.

In conjunction with the Latin America Forum, two training courses are available, allowing attendees to make the most of their travel time and budgets. The trainings will be conducted in Portuguese and will take place at Hotel Unique – São Paulo

Internal Security Assessor | 20-21 Aug

The two-day Internal Security Assessor (ISA) class provides large merchants, acquiring banks, and processors the opportunity to build their internal payment data security expertise, as well as increase their efficiency in complying with PCI Standards.

Qualified Security Assessor Training |  22-23 Aug

The two-day Qualified Security Assessor (QSA) class provides instruction on how to conduct assessments of merchants, institutions and service providers who must be compliant with the PCI DSS.


Current Exhibitors:

Get the latest updates on the 2018 Latin America Forum by joining our mailing list.