Las Vegas Home - Las Vegas 2016

North America Community Meeting

20-22 September | Las Vegas, NV USA

JOIN US AT THE NORTH AMERICA COMMUNITY MEETING

Join your industry colleagues for three days of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2016 Community Meetings.

Industry Keynote Speakers

The following industry leaders will present at the meeting:

Christopher Novak
Director, Investigative Response
Verizon RISK Team

Brian Muirhead
Chief Engineer
Mars Science Laboratory & Caltech/Jet Propulsion Laboratory

Ken Munro
Partner and Founder
Pen Test Partners LLP

AGENDA

Tuesday, 20 September
12:00 14:30	13.00 15:00	Payment Brand and Council Office Hours
10:00	18:30	Registration Open
13:00	13:15	Welcome Remarks Jeremy King, International Director, PCI Security Standards Council
13:15	14:00	Keynote: State of the Council Stephen W. Orfei, General Manager, PCI Security Standards Council
14:00	14:30	Fireside Chat Stephen W. Orfei, General Manager, PCI Security Standards Council, Troy Leach, Chief Technology Officer, PCI Security Standards Council and Jeremy King, International Director, PCI Security Standards Council Joined by special guest Tracy Kitten, Executive Editor, BankInfoSecurity & CUInfoSecurity
14:30	15:00	Networking Break and Vendor Showcase	Sponsored by:
15:00	15:45	Reflecting on Ten Years of PCI Standards: Building the Payment Security of Tomorrow by Learning from Our Past A reflection on the changes in payment security and our standards over the past ten years and how that will help shape our future. Presented by: Troy Leach, Chief Technology Officer, PCI Security Standards Council
15:45	16:30	Forensics Industry Keynote: Understanding the Current Data Breach Landscape Presented by: Christopher Novak, Director, Investigative Response Verizon RISK Team
16:30	17:00	How to Communicate PCI to the Boardroom Panel Discussion: Ruston Miles , Chief Innovation Officer, SVP, Bluefin and Dr. Kimberlee Ann Brannock, Manager, HP Cybersecurity Governance & Information Security Moderated by: Stacy Hughes, Senior Vice President, It Governance, Risk and Compliance, Global Payments INC.
17:00	17:30	Frequent Questions Answered by the PCI Security Standards Council
18:30	20:00	Welcome Reception

Wednesday, 21 September
7:30 10:30 12:30	9:00 11:00 18:30	Payment Brand and Council Office Hours
7:30	9:00	Networking Breakfast and Vendor Showcase Members of the Small Merchant Taskforce are invited to a specially designated area to meet members of the Council during the morning breakfast.	Sponsored by:
9:00	9:30	Welcome Remarks Jeremy King, International Director, PCI Security Standards Council
9:30	10:30	Keynote: Architecting for Success Presented by: Brian Muirhead, Chief Engineer, Mars Science Laboratory, Caltech/Jet Propulsion Laboratory
10:30	11:00	Networking Break and Vendor Showcase	Sponsored by:
		Track One Sponsored by:	Track Two
11:00	11:20	PCI Pin Transaction Security (PTS) Updates Presented by: Leon Fell, Director of Solutions Standards, PCI Security Standards Council and Tim Cormier, Manager, Device Standards, PCI Security Standards Council	New PCI Payment Protection Resources for Small Merchants Presented by: Michael Christodoulides, VP, Payment Security (Third Party Risk), Barclaycard and Laura K. Gray, Director of Communications, PCI Security Standards Council
11:20	11:40	PCI Point-to-Point Encryption (P2PE) Updates Presented by: Michael Thompson, Standards Manager, PCI Security Standards Council and Andrew Bontoft, Director, Foregenix Ltd	2016 Special Interest Group (SIG) Update: Best Practices for Securing E-commerce Presented by: Elizabeth Terry, Advanced Research Manager, PCI Security Standards Council and Martin Hackleman, Parking Soft LLC
11:40	12:10	In-depth look into PCI DSS v3.2 Presented by: Emma Sutcliffe, Senior Director, Data Security Standards, PCI Security Standards Council	Protecting Yourself from Skimming and Other Attacks Presented by: Tim Cormier, Manager, Device Standards, PCI Security Standards Council
12:10	12:30	All Things Mobile Presented by: Emma Sutcliffe, Senior Director, Data Security Standards, PCI Security Standards Council and Leon Fell, Director of Solutions Standards, PCI Security Standards Council	Measuring and Benchmarking PCI Compliance Costs: A Practical Session Presented by: Sam Pfanstiel , Director, Solution Architecture, Coalfire
12:30	13:30	Networking Lunch and Vendor Showcase	Sponsored by:
13:30	13:50	Cloud Security, Compliance, and Incident Response in the Amazon EC2 Cloud Presented by: Brad Dispensa, Senior Solutions Architect (WWPS), Amazon Cloud Services, Amazon Corporation and Tom Arnold, Head of Digital Forensics, Payment Software Company (PSC)	Balancing Security and Compliance Presented by: Tim Rohrbaugh, VP North America, ControlCase and Kishor Vaswani, CEO, ControlCase
13:50	14:10	Configuring Transport Layer Security (TLS) and the Fundamentals of Public Key Infrastructure (PKI) Presented by: Ralph Poore, Director, Emerging Standards PCI Security Standards Council and Jeff Stapleton, Information Security Architect, Wells Fargo Bank	Setting Them Up For Failure Presented by: Joseph Pierini, Director of Technical Services, Security Assessor - Penetration Tester, Payment Software Company (PSC) , CISSP, GCIH, PCI: QSA, PA-QSA, PFI, QAE
14:10	14:30	EMVCo Beyond Chip: Latest insights on EMV 3DS 2.0 Presented by: Brian Byrne, Director of Operations for EMVCo and Troy Leach, Chief Technology Officer, PCI Security Standards Council	From Assessor to Assessed: Perspectives on PCI Presented by: Todd Aument, Head of GRC, Square
14:30	15:00	Application Security at Scale Presented by: Jake Marcinko, Standards Manager, PCI Security Standards Council and Jeff Williams, CTO, Contrast Security	Hunting Paper Tigers: A Security-First Approach to Compliance Presented by: Jacob Ansari, Manager, Schellman & Company, LLC
15:00	15:30	Networking Break and Vendor Showcase	Sponsored by:
15:30	15:50	The Evolving ATM Security Landscape Presented by: Dave Phister, Diebold Nixdorf Product Management – Platform Security Technologies	The Dark Web: Coming to a Retailer Near You Presented by: Beth O'Brien, Principal Product Marketing Manager, RSA, The Security Division of EMC
15:50	16:20	Measuring Security and Compliance – a Proactive approach to PCI Scorecarding Presented by: Christopher Strand, Senior Director, Compliance and Governance Programs, Carbon Black Inc.	EMV & P2PE: PCI Qualified Integrators and Resellers (QIR) Lessons Learned Presented by: Phil Stead, CISSP, CISM, PCI-QIR, VP Of Retail Solutions, Limited Partner, Reliant Solutions and Gill Woodcock, Senior Director of Certification Programs, PCI Security Standards Council
16:20	16:40	The Song Remains the Same: A Decade of Unchanged Attack Vectors Presented by: Greg Johnson, Vice President of Business Development, A-LIGN	The Zen of PCI: How to Maintain PCI Compliance Without Losing Your Mind Presented by: Peggy Nolan, PCI ISA, Principal IT Compliance Analyst, Liberty Mutual Group, Inc.
16:40	17:00	How did you get in? Managing Failed Penetration Tests Presented by: Stacy Hughes, Senior Vice President, IT Governance, Risk and Compliance and Kevin Simmonds, Director, Cybersecurity and Privacy Practice, PricewaterhouseCoopers	Third Party Service Providers - at the Heart of the Compliance Web Presented by: Raji Ganesh, Vice President, Fiserv Solutions Inc.
17:00	18:30	Networking Reception and Vendor Showcase	Sponsored by:

Thursday, 22 September
7:30	12:30	Payment Brand and Council Office Hours
7:30	9:00	Networking Breakfast and Vendor Showcase Breakfast with the Council: Come and meet members of the Council. Enjoy breakfast while discussing hot topics and industry trends with Council members from the Standards, Certification and Training teams. Qualified Integrators and Resellers (QIRs) are invited to a specially designated area to meet members of the Council during the morning breakfast.	Sponsored by:
9:00	9:15	Welcome Remarks Jeremy King, International Director, PCI Security Standards Council
9:15	10:15	Keynote: From Payment to Ransomware, via the Internet of Things Presented by: Ken Munro, Partner and Founder, Pen Test Partners LLP
10:15	10:45	Networking Break and Vendor Showcase	Sponsored by:
10:45	11:30	Compliant vs. Secure: Can Security Governance Resolve the Dilemma? Panel Discussion: Rocco Grillo, CISSP, Executive Managing Director - Cyber Resilience Leader, Stroz Friedberg, Chad Thiemann, Director Privacy, Compliance & Legal, CVS Health, Julie Schwartz, Director of Compliance and Risk, WorldPay and William Noonan, U.S. Secret Service, Senior Cyber Advisor, Special Agent in Charge, Dallas Field Office
11:30	12:00	PCI's Quality Assurance Program: Then and Now Presented by: Brandy Cumberland, Director of Assessor Quality Management (AQM) Programs, PCI Security Standards Council
12:00	12:30	Q&A with PCI Security Standards Council and Closing Remarks
12:30	15.30	Assessor Lunch and Session (QSAs, ASVs, and ISAs only) Join your peers for an interactive session and Q&A with the PCI SSC team to discuss what is new for assessors and tips for ensuring your assessments get great feedback.

Register today to secure your spot at the 2016 North America Community Meeting.

TESTIMONIALS

"The community meetings just keep getting better, both in terms of quantity and quality."
"Something for everyone from techs to execs."
"It was great to network with other payment system participants."

TRAINING

Employee Education is the Best Defense for Protecting your Organization’s Data Assets.

In conjunction with the North America Community Meeting, five instructor-led training classes are available, allowing attendees to make the most of their travel time and budgets. The trainings will take place at The Mirage.

PA-QSA Training | 15-16 September

PA-QSA training provides you the tools to become an expert on the requirements for PA-DSS compliance and have an impact on the consistent and proper application of security measures and controls for your client’s payment applications. Enrollment is restricted to existing QSAs only.

P2PE Training | 15-16 September

The Point-to-Point Encryption Qualified Security Assessor (P2PE QSA) and Payment Application Point-to-Point Encryption Qualified Security Assessor (P2PE PA-QSA ) training programs prepare candidates to perform validation of Point-to-Point Encryption solutions and applications against the latest standard in order for those solutions and applications to be listed on the PCI Council website.

Internal Security Assessor Training | 18-19 September

The Internal Security Assessor (ISA) Program provides large merchants, acquiring banks, and processors the opportunity to build their internal payment data security expertise, as well as increase their efficiency in complying with PCI Standards.

Qualified Security Assessor Training | 18-19 September

Qualified Security Assessor (QSA) training provides instruction on how to conduct assessments of merchants, institutions and service providers who must be compliant with the PCI DSS.

PCI Acquirer Training | 19 September

Payment Card Industry (PCI) Acquirer Training is for acquirers and processors who wish to have a deeper understanding of the PCI DSS in order to better assist their merchant clients in their security and compliance efforts.