Agenda

AGENDA

*Agenda is subject to change*

Tuesday, 20 September 

12:00
14:30

13.00
15:00

Payment Brand and Council Office Hours

10:00

18:30

Registration Open

13:00

13:15

Welcome Remarks
Jeremy King, International Director, PCI Security Standards Council

13:15

14:00

Keynote: State of the Council
Stephen W. Orfei, General Manager, PCI Security Standards Council

14:00

14:30

Fireside Chat

Stephen W. Orfei, General Manager, PCI Security Standards Council, Troy Leach, Chief Technology Officer, PCI Security Standards Council and Jeremy King, International Director, PCI Security Standards Council
Joined by special guest Tracy Kitten, Executive Editor, BankInfoSecurity & CUInfoSecurity

14:30

15:00

Networking Break and Vendor Showcase


Sponsored by:

15:00

15:45

Reflecting on Ten Years of PCI Standards: Building the Payment Security of Tomorrow by Learning from Our Past

A reflection on the changes in payment security and our standards over the past ten years and how that will help shape our future.

Presented by: Troy Leach, Chief Technology Officer, PCI Security Standards Council

15:45

16:30

Forensics Industry Keynote: Understanding the Current Data Breach Landscape

Presented by: Christopher Novak, Director, Investigative Response Verizon RISK Team

16:30

17:00

How to Communicate PCI to the Boardroom

Panel Discussion: Ruston Miles , Chief Innovation Officer, SVP, Bluefin and Dr. Kimberlee Ann Brannock, Manager, HP Cybersecurity Governance & Information Security
Moderated by: Stacy Hughes, Senior Vice President, It Governance, Risk and Compliance, Global Payments INC.

17:00

17:30

Frequent Questions Answered by the PCI Security Standards Council


18:30

20:00

Welcome Reception

Wednesday, 21 September

7:30
10:30
12:30

9:00
11:00
18:30

Payment Brand and Council Office Hours

7:30

9:00

Networking Breakfast and Vendor Showcase
Members of the Small Merchant Taskforce are invited to a specially designated area to meet members of the Council during the morning breakfast.

Sponsored by:

9:00

9:30

Welcome Remarks
Jeremy King, International Director, PCI Security Standards Council

9:30

10:30

Keynote: Architecting for Success

Presented by: Brian Muirhead, Chief Engineer, Mars Science Laboratory, Caltech/Jet Propulsion Laboratory

10:30

11:00

Networking Break and Vendor Showcase

Sponsored by:




Track One
Sponsored by:

Track Two

11:00

11:20

PCI Pin Transaction Security (PTS) Updates 
Presented by: Leon Fell, Director of Solutions Standards, PCI Security Standards Council and Tim CormierManager, Device Standards, PCI Security Standards Council

New PCI Payment Protection Resources for Small Merchants
Presented by: Michael Christodoulides, VP, Payment Security (Third Party Risk), Barclaycard and Laura K. Gray, Director of Communications, PCI Security Standards Council

11:20

11:40

PCI Point-to-Point Encryption (P2PE) Updates  
Presented by: Michael Thompson, Standards Manager, PCI Security Standards Council and Andrew Bontoft, Director, Foregenix Ltd

2016 Special Interest Group (SIG) Update: Best Practices for Securing E-commerce
Presented by: Elizabeth Terry, Advanced Research Manager, PCI Security Standards Council and Martin Hackleman, Parking Soft LLC

11:40

12:10

In-depth look into PCI DSS v3.2
Presented by: Emma Sutcliffe, Senior Director, Data Security Standards, PCI Security Standards Council

Protecting Yourself from Skimming and Other Attacks
Presented by: Tim Cormier, Manager, Device Standards, PCI Security Standards Council

12:10

12:30

All Things Mobile
Presented by: Emma Sutcliffe, Senior Director, Data Security Standards, PCI Security Standards Council and Leon Fell, Director of Solutions Standards, PCI Security Standards Council

Measuring and Benchmarking PCI Compliance Costs: A Practical Session
Presented by: Sam Pfanstiel , Director, Solution Architecture, Coalfire

12:30

13:30

Networking Lunch and Vendor Showcase

Sponsored by:
protiviti

13:30

13:50

Cloud Security, Compliance, and Incident Response in the Amazon EC2 Cloud

Presented by: Brad Dispensa, Senior Solutions Architect (WWPS), Amazon Cloud Services, Amazon Corporation and Tom Arnold, Head of Digital Forensics, Payment Software Company (PSC)

Balancing Security and Compliance
Presented by: Tim Rohrbaugh, VP North America, ControlCase and Kishor Vaswani, CEO, ControlCase

13:50

14:10

Configuring Transport Layer Security (TLS) and the Fundamentals of Public Key Infrastructure (PKI)  
Presented by: Ralph Poore, Director, Emerging Standards PCI Security Standards Council and Jeff Stapleton, Information Security Architect, Wells Fargo Bank

Setting Them Up For Failure

Presented by: Joseph Pierini, Director of Technical Services, Security Assessor - Penetration Tester, Payment Software Company (PSC) , CISSP, GCIH, PCI: QSA, PA-QSA, PFI, QAE

14:10

14:30

EMVCo Beyond Chip: Latest insights on EMV 3DS 2.0
Presented by: Brian Byrne, Director of Operations for EMVCo and Troy Leach, Chief Technology Officer, PCI Security Standards Council

From Assessor to Assessed: Perspectives on PCI
Presented by: Todd Aument, Head of GRC, Square

14:30

15:00

Application Security at Scale
Presented by: Jake Marcinko, Standards Manager, PCI Security Standards Council and Jeff Williams, CTO, Contrast Security

Hunting Paper Tigers: A Security-First Approach to Compliance
Presented by: Jacob Ansari, Manager, Schellman & Company, LLC 

15:00

15:30

Networking Break and Vendor Showcase

Sponsored by:

15:30

15:50

The Evolving ATM Security Landscape
Presented by: Dave Phister, Diebold Nixdorf Product Management – Platform Security Technologies

The Dark Web: Coming to a Retailer Near You 
Presented by: Beth O'Brien, Principal Product Marketing Manager, RSA, The Security Division of EMC

15:50

16:20

Measuring Security and Compliance – a Proactive approach to PCI Scorecarding
Presented by: Christopher Strand, Senior Director, Compliance and Governance Programs, Carbon Black Inc.

EMV & P2PE: PCI Qualified Integrators and Resellers (QIR) Lessons Learned
Presented by: Phil Stead, CISSP, CISM, PCI-QIR, VP Of Retail Solutions, Limited Partner, Reliant Solutions and Gill Woodcock, Senior Director of Certification Programs, PCI Security Standards Council

16:20

16:40

The Song Remains the Same: A Decade of Unchanged Attack Vectors
Presented by: Greg Johnson, Vice President of Business Development, A-LIGN

The Zen of PCI: How to Maintain PCI Compliance Without Losing Your Mind
Presented by: Peggy Nolan, PCI ISA, Principal IT Compliance Analyst, Liberty Mutual Group, Inc.

16:40

17:00

How did you get in?  Managing Failed Penetration Tests Presented by: Stacy Hughes, Senior Vice President, IT Governance, Risk and Compliance and Kevin Simmonds, Director, Cybersecurity and Privacy Practice, PricewaterhouseCoopers

Third Party Service Providers - at the Heart of the Compliance Web
Presented by: Raji Ganesh, Vice President, Fiserv Solutions Inc.

17:00

18:30

Networking Reception and Vendor Showcase

Sponsored by:




Thursday, 22 September 

7:30

12:30

Payment Brand and Council Office Hours

7:30

9:00

Networking Breakfast and Vendor Showcase
Breakfast with the Council: Come and meet members of the Council. Enjoy breakfast while discussing hot topics and industry trends with Council members from the Standards, Certification and Training teams.


Qualified Integrators and Resellers (QIRs) are invited to a specially designated area to meet members of the Council during the morning breakfast.

Sponsored by:

9:00

9:15

Welcome Remarks
Jeremy King, International Director, PCI Security Standards Council

9:15

10:15

Keynote: From Payment to Ransomware, via the Internet of Things
Presented by: Ken Munro, Partner and Founder, Pen Test Partners LLP

10:15

10:45

Networking Break and Vendor Showcase


Sponsored by:

10:45

11:30

Compliant vs. Secure: Can Security Governance Resolve the Dilemma?

Panel Discussion: Rocco Grillo, CISSP, Executive Managing Director - Cyber Resilience Leader, Stroz Friedberg, Chad Thiemann, Director Privacy, Compliance & Legal, CVS Health, Julie Schwartz, Director of Compliance and Risk, WorldPay and William Noonan, U.S. Secret Service, Senior Cyber Advisor, Special Agent in Charge, Dallas Field Office

11:30

12:00

PCI's Quality Assurance Program: Then and Now

Presented by: Brandy Cumberland, Director of Assessor Quality Management (AQM) Programs, PCI Security Standards Council

12:00

12:30

Q&A with PCI Security Standards Council and Closing Remarks

12:30

15.30

Assessor Lunch and Session (QSAs, ASVs, and ISAs only)

Join your peers for an interactive session and Q&A with the PCI SSC team to discuss what is new for assessors and tips for ensuring your assessments get great feedback.