Please check back for ongoing updates.

Adriano Bertoni
QSA, ISO 27001 LA and LI, Senior Security Consultant, Online Business Systems

Mr. Bertoni, through his 10 years as a QSA and trusted adviser, has prepared small, mid, and large-size companies to achieve and maintain their security compliance requirements and best practices. Guiding his clients through the complex and sometimes daunting process of governance, security, risk, and compliance, Mr. Bertoni assists his clients in developing a compliant internal security program. He is a long-standing PCI QSA.

Renato Opice Blum
Data Protection and Digital Law Programs Professor Coordinator, INSPER

Mr. Blum is an Attorney and economist specializing in Data Protection and Digital Law programs. He is a professor coordinator at Research and Education Institute (INSPER) and MBA Digital Law coordinator at Sao Paulo Law School (EPD). Renato has been recognized as “Lawyer of the year – Technology Law” by Best Lawyers 2017 and 2018; Nominated as one of the “main lawyers Brazil – Data Protection” by Who’s Who legal 2018. He has written and coordinated books such as “(LGDP) – General Law Of Data Protection – Commented”, “Comments to the GDPR – General Regulation on Data Protection of the European Union”, “Manual of Electronic Law and Internet”, “Electronic Law – The Internet and The Courts” and other relevant books and papers. He has been appraised for more than 5 consecutive years in international publications such as Chambers & Partners and The Legal 500.

Carlos Caetano
Associate Regional Director – Brazil, PCI Security Standards Council

Mr. Caetano is responsible for driving awareness and adoption of PCI Standards within Brazil, working closely with merchants, acquirers, financial institutions, security practitioners, law enforcement and other key stakeholders across the Brazilian payment eco-system.

Mr. Caetano brings into the Council a wealth of experience, from having spent the last 13 years working in information security including much of the last 10 years working directly on PCI programs. Most recently as the Information Security & Risk Officer for First Data in Brazil, he was responsible for the information security vetting of the strategic projects, information security and data privacy risk management, and managing the PCI certification program for Latin America. Prior to joining First Data, Mr. Caetano worked for Trustwave, holding the position of Delivery Director for Latin America, responsible for providing security services, including the full suite of PCI Standards, to more than 50 enterprises in several countries and industry verticals, including issuing banks, acquiring banks, issuer processors, acquirer processors, call centers, data centers, payment gateways and merchants. Prior to joining Trustwave, Mr. Caetano worked for Cielo, holding the position of Information Security Specialist, being responsible for several fronts on Cielo’s security strategy, including the PCI Compliance Program, incident response, vulnerability management, advanced security tests and application security.

John Cartwright
QSA, CISA, CISM, Senior Associate, Schellman & Company, LLC

Mr. Cartwright is a Senior Associate with Schellman & Company, LLC, performing domestic (USA) and international PCI-DSS ROC and Readiness assessments and general IT security controls evaluations. Prior to joining Schellman in 2015, Mr. Cartwright worked as a QSA for IBM and Secureworks. He has worked with the DSS for over 10 years, also serving as an internal security assessor for Fortune 500 companies and as an independent consultant helping companies prepare for upcoming PCI-DSS assessments.

Atilla Duarte
Compliance Manager, Braspag

Mr. Duarte has 22 years of experience in the areas of Information Security, Infrastructure and Compliance, of which 10 years have been implementing PCI DSS in companies.

Fernando Fonseca
CISSP-ISSAP, CISM, CISO, DPO, Diretor de Ensino, Antebellum Capacitação Profissional

Mr. Fonseca is a specialist in privacy and confidentiality, certified CISSP-ISSAP, CISM and DPO, working for more than 10 years with PCI DSS and dedicating itself to privacy laws such as GDPR in recent years. Working as a computer programmer and systems analyst since 1985, network administrator, trainer and University Professor since 1993, he’s also the author of books and many course materials, from MS-DOS until GRC, PCI, Privacy and Computer Forensics.

Lance J. Johnson
Executive Director, PCI Security Standards Council

Mr. Johnson is responsible for driving and implementing the Council’s strategic direction. For the past five years, he served as the Chief Operating Officer at Sequent Software, Inc. where he led all corporate administration and operations. Prior to Sequent, Johnson spent more than twenty years at Visa Inc., as a senior leader directing Visa’s efforts in global risk management and security, fraud detection and control, and global payment data and device security. As an expert in payment security, Mr. Johnson holds several patents, served in the U.S. Navy, and has a Bachelor’s degree in Business Administration and Management from the University of Central Florida.

Jeremy King
International Director – Europe, PCI Security Standards Council

Mr. King leads the Council’s efforts in increasing adoption and awareness of the PCI security standards internationally. In this role, Mr. King works closely with the Council and representatives of its policy-setting executive committee from American Express, Discover, JCB International, MasterCard, and Visa, Inc. His chief responsibilities include gathering feedback from the merchant and vendor community, coordinating research and analysis of PCI SSC managed standards through European markets, and driving education efforts and Council membership recruitment through active involvement in local and regional events, industry conferences, and meetings with key stakeholders. He also serves as a resource for Approved Scanning Vendors (ASVs), Qualified Security Assessors (QSAs), Internal Security Assessors (ISAs), PCI Forensic Investigators (PFIs), and related staff in supporting regional training, certification, and testing programs.

Flavia Murgades
Compliance Manager, Information Security, Despegar.com / Decolar.com

Ms. Murgades is in charge of Security Compliance and their PCI Compliance program. She works in the area of Information Security, but when she started to lead and manage the PCI project in 2015 she was part of the Regional Operations team.


She has experience in security controls, automating collections, regional support of the company’s processes and mapped processes of all tasks involved (billing, collecting,reimbursements, financial reconciliation, duplicated tasks), implementation of several applications for example: online ticket emission control that spots errors, analysis and re-engineering of processes. Ms. Murgades also oversaw IT equipment for the automation of collection and emissions processes at the regional level. She also has several years’ experience working on consultancy firms on the development of custom projects for clients in various verticals of countries like Brazil, Chile, México, Colombia and USA. Flavia has an Information Systems degree from University of Buenos Aires – School of Economics.

Fabio Noronha
Sr. Manager Information Security, Elo

Mr. Noronha graduated and specialized in IT Project Management by Fundação Getúlio Vargas. He has more than 16 years of experience in Information Security, Technology and Fraud Prevention, with working on financial institutions, consulting and electronic payments companies.


His professional career began at Santander, where he worked with identity and access management, focused on the corporate environment and branches, moving to the corporate security area, and coordinating new projects. He joined Itaú-Unibanco, where he participated in the planning and development of the area of corporate security and the processes of encryption, cards and Internet banking. After that, Mr. Noronha began his endeavors in payments at CIELO, as a security consultant in transactional channels, where he worked in the projects of multi-brands, e-commerce, subacquiers and integration with international acquirer Merchant e-solutions, directing adherence to information security requirements, PCI frameworks and fraud prevention processes.


Currently, Mr. Noronha serves as Sr. Manager, Information Security at Elo. Fabio Noronha coordinated Elo’s affiliation process with PCI SSC, is involved in the development, management, education and awareness of the security standards for the payment industry, besides performing the role of CSO in the Elo Brand.

Ligia Pires
Trust & Safety Manager, OLX Brasil

Ms. Pires is a specialist in risk and fraud prevention, working for 10 years in strategic and operational actions in the areas of Risk, Prevention and Fraud Analysis in e-commerce, online payments and fintechs. She has experience in coordinating, planning and controlling activities in these areas, establishing resource management policies for operations analysis, implementation and management of tools and solutions for fraud prevention and mitigation of risks and losses, based on the development of detection systems prevention, in behavioral, database, and punctuation studies. Ms. Pires has strong analytical skills, development knowledge and process improvements, internal and MIS flows related to risk management, and experience in team development and training. Creation and parameterization of policies and management rules in anti-fraud tools and solutions, such as ClearSale, Kount, FControl, SAFe, 41st, Adyen, Simility, Tempest and its own tools / modules. She has experience in the development and application of training modules in policies for fraud prevention, monitoring and risk behavior studies, BPM and MIS. He acquired and executed references in e-commerce, fintechs and marketplaces such as: OLX Brazil, Koin, Moip / Wirecard Brasil, ClearSale and Oi, and worked on risk management and fraud prevention committees at the Brazilian Chamber of Electronic Commerce – Câmara e .net, ABCD and FECOMERCIO / SP.


Currently she is part of the management board of the Fraud Management Observatory – Blockchain Hub for eCommerce group fraud prevention.

Paulo Poi
PCI-QSA, CISM, Governance, Risk and Compliance Director, Cipher S/A

Mr. Poi graduated in 2011 as a Systems Analyst and Developer at São Paulo Technology College. He is the Latin America Governance, Risk and Compliance Director from Cipher. Since 2010, Mr. Poi has worked in the payment card market with Redecard (former Rede). In 2012, at Cipher, Mr. Poi became a PCI-QSA. In 2015, he led the assessments of the biggest companies in Brazil, such as Rede, Getnet, Cielo, UOL, Conductor and many others.

Gerson Rolim
Director and Payments and Antifraud Steering Committees Coordinator, camara-e.net

Mr. Rolim is a partner and director of Vecto Mobile Intellimetri and Observatore, Director of ABINC and camara-e.net.

He is a pioneer in the Brazilian Internet, connecting the first public networks.

Mr. Rolim has 23 years of experience in ICT, fluent in English and Spanish, post-grad. in Computer Network and graduate in Computer Science. He also has experience in technical, commercial and management areas.

Renato Wada
Information Security Director – LATAM
FIS Risk, Information Security and Compliance (RISC), Fidelity Processadora e Serviços S.A. (FIS)

Mr. Wada is an Executive with more than 20 years of experience in the Information Technology and Information Security fields. He has a degree in Business Administration (Managerial Processes) at Fundação Getúlio Vargas (FGV) and made his career in leading companies in Brazil such as UOL (Universo Online), TIVIT and EY. Mr. Wada currently occupies the Information Security Director role at FIS with oversight for the entire Latin America region.

Marco Wanderley
Head of Digital Forensics and Incident Response Services, Matrix Cyber Consulting Inc.

Mr. Wanderley has more than 15 years experience as a digital forensics and incident response ( DFIR ) investigator, working for private companies and serving as an expert technical witness in criminal, litigation and labor court processes. He holds numerous industry certifications, including PFI Core Investigator, PCI Qualified Security Assessor (QSA), EnCase® Certified Examiner (EnCE), AccessData Certified Examiner (ACE®), CISSP, GCFA, GCFE, GREM, EC Council CEH and EC Council CHFI.