Please check back for ongoing updates.


Jacob Ansari
QSA (P2PE), PA-QSA (P2PE), CISSP, Director, Schellman & Company, LLC

Mr. Ansari’s career spans 18 years of security assessments, consulting, and security engineering. He has been involved in payment card security since the card brands operated their own standards before PCI DSS. In his current role, he provides technical leadership for its PCI practice, and oversees other Payment Card Industry assessment services, namely PA-DSS and P2PE.


Tom Avery
Record-Breaking Explorer, Author and International Speaker

Adventure has been in Mr. Avery’s blood all his life. A pioneering polar explorer, climber and ski mountaineer, Tom is one of the UK’s foremost adventurers. He is best known for his record-breaking polar expeditions which have taken him to the furthest corners of the planet. Tom is part of an elite group of less than ten people in history to have completed the polar trilogy; the South and North Poles and a crossing of Greenland.


Avery has organized over a dozen expeditions across the globe and is the youngest Briton to have been to both Poles. His 2005 Ultimate North team made headlines around the world for recreating Robert Peary and Matthew Henson’s disputed discovery of the North Pole in 1909, and in the process entering the Guinness Book of Records for “The Fastest Surface Journey to the North Pole”.


Avery’s passion for adventure began when he first read about the exploits of Captain Scott as a seven-year-old boy. So consumed was he by Scott’s story that he knew his life wouldn’t be complete until he had followed his hero’s footsteps to the South Pole. He learnt to climb in the Welsh and Scottish mountains, first on rock, before moving on to snow and ice. A born leader, he subsequently went on to organize and lead expeditions to some of the world’s biggest mountains, including the Alps, Tanzania’s Rift Valley, the Andes, New Zealand’s Southern Alps, the Atlas Mountains of Morocco and the Himalayas, climbing an array of challenging peaks, including several unclimbed summits up to 20,000 feet in height.


Avery’s most recent challenge saw him breaking another World Record, this time for the fastest coast-to-coast crossing of Greenland in May 2015. Using kites and pulling two sledges each, Tom and his three team mates smashed the previous record by more than a week, completing the crossing in just 9 days, 19 hours with hardly any time for sleep. For one night, the team kited an incredible 180 miles in 16 hours, the equivalent of travelling from London to Manchester.


Tom Avery is a graduate of Bristol University, where he gained a degree in Geography and Geology. His highly acclaimed first book, Pole Dance, was released in 2003 and his second, To the End of the Earth, was published on both sides of the Atlantic in 2009. He was an official ambassador for the London 2012 Olympic Games and is a Fellow of the Royal Geographical Society and Explorers Club of New York.


Natasja Bolton
Senior Acquirer Support QSA, Sysnet Global Solutions

Ms. Bolton is one of Sysnet’s managing consultants, within their Cyber Risk Services division. In her role as Senior Acquirer Support QSA she engages with Sysnet’s acquiring clients and their merchants, providing guidance and support on payment security and the PCI standards. She spends a lot of time helping merchants understand PCI DSS and how it applies to their business. Ms. Bolton’s role encompasses consultancy, as well as information security and payment security advocacy through industry participation (such as her participation in the PCI Small Merchant Taskforce), direct client interaction and development of articles and whitepapers published on the Sysnet website. She also delivers technical pre-sales support and provides payment security specialist input to Sysnet’s product and marketing teams.


Ian Butler
Head of EU Security Products, Elavon Merchant Services

In his current role, Mr. Butler is responsible for Elavon’s Customer PCI compliance and data security solutions. He is actively engaged in several industry groups where he focuses on merchant’s PCI pain points. Following many years of delivering business technology solutions, mainly at Sky, Mr. Butler began his working in payments with by taking over the PCI and Payments Programme for Costa, Premier Inn and Beefeater at Whitbread, followed by time with Worldpay.


Christopher Campbell
Solution Architect, Veracode

Chris Campbell has over 10 years of experience in the security industry, as a consultant in the vendor world and as a practitioner at one of the UK’s biggest banks. He is a key member of the Strategic Accounts team at Veracode and he is responsible for presenting Veracode’s vision and technology to a wide range of UK enterprises.


Jonathan Lewis Christopherson
Principal Engineer, Target Corporation

Mr. Christopherson is a developer, software architect, and infrastructure engineer with over two decades of retail experience, with additional years in the public service and academic sectors. He is a contributing editor to the eight Linux Benchmarks published by the Center for Internet Security and an active member of several cloud and compute standards bodies and open source projects.


Joshua Costa
Senior Consultant, Investigative Response, Verizon Threat Research Advisory Center

Josh Costa responds to a wide array of cyber-security incidents, performs digital forensic examinations, and assists organizations in implementing incident response policies and procedures. He is also responsible for delivering incident response, digital forensics, and security focused training and presentations to executive management and technical personnel.


Prior to joining Verizon, Mr. Costa worked in various consulting roles where he performed digital forensic investigations in corporate, private, civil, and criminal matters. His experience includes computer forensic examinations, cellular forensic investigations, and e-Discovery collection and processing.


Oscar Covers
Cyber Security Analyst, Dutch Payments Association

Mr. Covers is Cyber security analyst at the Dutch Payments Association and has more than 15 years’ experience within Risk Management, cybersecurity, fraud and payments. In his role he analyzes ICT and payments related security threats and incidents and – where necessary – coordinates response. He has delivered multiple risk analyses together with experts in payment systems of the Dutch banks. Till 2016 he was responsible for the Dutch POS certification program. Oscar is member of several national and international security groups and the current chair of the ECPA Security working group.


Christian Delporte
European Liaison, EMVCo

Throughout his decades-long career, Mr. Delporte has established himself as a payments industry expert with unsurpassed knowledge of the EMV Chip Specifications and related industry initiatives. First with Europay, and then Mastercard, and he was involved in the early iterations of the EMV Specifications. Until his departure from Mastercard at the end of 2015, Christian served as Vice President for Mastercard and as Mastercard’s primary representative on EMVCo’s Board of Managers. During his time working with EMVCo, not only did the EMV Chip Specifications go truly global, but the technical body also laid the foundation for other EMV Specifications, including Payment Tokenisation and others. In his current role he is responsible for working with key European stakeholder groups and regulatory bodies, such as the European Cards Stakeholder Group, Euro Retail Payments Board, European Payments Council, the European Central Bank, and the European Banking Authority, to help them understand EMVCo’s role in the payments ecosystem. Given his rich experience with both EMVCo and the broader payments industry, he is uniquely suited to helping European stakeholders understand how EMVCo’s global Specifications meet European objectives and requirements.


Joachim Dorschel
Managing Partner, DPS Group 

As a lawyer at DPS Group, Mr. Dorschel is responsible for the areas of sales, project management, law, research and innovation. DPS Group is a German-based IT and consulting company for finance and retail. It takes a leading position on the European market for ATM and omnichannel software as well as payment applications. Mr. Dorschel recently edited a book on digital banking and authored a paper on the internet of payments published in “cards Karten cartes.”


Rodney Farmer
Member, European Association of Payment Service Providers for Merchants (EPSM)

Mr. Farmer has more than 20 years of international experience in technology driven financial services with the past decade in senior leadership roles leading card issuing and acquiring services for Global Payments, Euronet and Raiffeisen International. He is serving his third term as an elected member of the PCI Security Standard Council Board of Advisors providing industry input and refining the standards of financial data security for the card payment industry. Mr. Farmer has had the unique experience of certifying four multi-national card issuing and acquiring systems over the past 10 years. He can comfortably say, “I feel your pain.”


Dan Fritsche
Vice President, Solution Architecture, Coalfire

Mr. Fritsche has over 19 years of experience in application and network security architecture. In his role at Coalfire, he leads a team that is responsible for translating requirements created by IT risk and compliance mandates into business-centric cyber solutions strategies. He is adept at demonstrating emerging technology solutions and architecture with company alignment to improve both business bottom line and security posture.


Tabitha Gallo CISSP, QSA, PCIP
Senior Security Consultant in the Advisory Services team, Herjavec Group

Ms. Gallo possesses over 20 years’ experience in the areas of corporate governance, privacy and security risk management. She excels at working with organizations in their quest to safeguard critical business information assets, and helping them achieve and exceed their strategic and operational information technology control objectives.


Tabitha is currently a Senior Security Consultant in the Advisory Services team at Herjavec Group where she is the Practice Lead for Privacy, as well as performing PCI and Governance engagements. Herjavec Group is a global information security firm offering comprehensive protection services to minimize cyber attacks and threats. Herjavec Group was founded in 2003 by dynamic IT entrepreneur, Robert Herjavec.


Adriana Gliga-Belavic
CISSP, PCI QSA, Partner Cyber Security and Privacy, Canadian Payments Security & PCI Practice Leader, PricewaterhouseCoopers LLP (PwC)

Ms. Gliga-Belavic has more than twenty years of consulting experience in the areas of Information security strategy, architecture design, Security & Privacy governance, Payment Card Industry (PCI). She advises executives both in public and private clients on leveraging new technologies to enhance business results while maintaining customer digital trust. Ms. Gliga-Belavic is a thought leader in cybersecurity, payments security and privacy and a member of both security and privacy industry groups. She is also a frequent speaker at conferences and committed to building the next generation of cybersecurity and privacy professionals.


Berny Goodheart
Standards Manager, PCI Security Standards Council

Mr. Goodheart is a computer scientist and author. He is best known fo his books about Internet and Unix technologies. He started working with Unix in 1977 for Root Computers and Digitus. In 1987 he emigrated to Australia and initially worked for NEC before moving to Tandem Computers where he remained for 14 years during its merger with Compaq and then Hewlett-Packard. He returned to Britain in 1996. His most notable achievement upon his return was at Sun Microsystems where he was Project Manager and Chief Technical Architect for project Janus: an in-kernel Linux binary emulation and compatibility layer for Solaris 10 x 86 and AMD64 which has since appeared in OpenSolaris. He has also developed Ultra Density Optical disk based file systems on Linux-based servers for Plasmon and was the technical architect behind the Seagate Object-based Storage Device design. In 2005 he co-founded Secure Electrans Ltd and as CTO, developed a PCI compliant POI device for accepting utility payments in the home. He then took up position at Huawei as Director of R&D for mobile and tablet devices based in Helsinki and during his tenure was a member of the ARM Linaro technical steering Committee.


He was awarded an Honorary Doctorate in the discipline of Computer Science by Associate Professor John Lions, University of New South Wales, Australia, for his work The Magic Garden Explained, The Internals of Unix System V Release 4 (1995) which, among other things outlines the history of Unix and its Australian connection.


Mathieu Gorge
CEO and Founder, Vigitrust

Mr. Gorge has lived and worked in Ireland for over 20 years and graduated in Business Studies with Languages at the University of Ulster. He has an entrenched authority on IT security, risk management, information governance and compliance with more than 15 years’ experience in Europe, Australia, and the United States. He has established a name for himself as a PCI DSS and data expert as well as a published domain author and International speaker on Security, Compliance, IoT and Blockchain issues, such as Bitcoin currency. Since 2006, Mr. Gorge has been a Councillor for France Ireland Chamber of Commerce (FICC), and he was appointed as the President this year. In 2014, he was named French Trade Foreign Advisor by the French government (Conseiller du Commerce Extérieur de la France). Mathieu is also involved as Chairman of InfoSecurity Ireland which is an official Reviewer for ANSI (American National Standards Institute). Moreover, he works closely with the PCI Council as well as ANSI. He also speaks regularly at Global Security Conferences, such as RSA, ENISA, EUROCACS & ISACA. He works in close collaboration with the PCI Council in the United States and the European Union.


Laura K. Gray
Senior Director of Communications, PCI Security Standards Council

Ms. Gray develops and executes integrated communications strategies that inform, educate and help PCI Security Standards Council stakeholders take advantage of PCI SSC programs, resources, research and initiatives.


Alan Gutierrez-Arana
Principal, Risk Advisory Services National Leader Payment Card Industry (PCI) Services, RSM US

Alan Gutierrez-Arana has over 20 years of experience providing IT security and controls assessments, and regulatory compliance consulting services for a broad range of consumer services, including insurance, banking, finance, and government including high technology entities. He specializes in Payment Card Industry (PCI) controls assessment and compliance, federal and state IT regulatory compliance (PCI-DSS, SOX, HIPAA-HITECH, BASEL II, FFIEC), controls design and implementation, SSAE16 assessments, disaster recovery, IT outsourcing and off-shoring, IT governance, business continuity, change management, information security, computer operations and e-business. His client portfolio includes several Fortune 100 and Fortune 500 companies, with locations in Asia, Latin America, Europe and the U.S. He holds an undergraduate degree in electronic engineering from Universidade Federal do Para, Brazil, a bachelor’s degree in information systems management, magna cum laude from Walden University and a master’s degree in information assurance and security from Capella University. His professional affiliations and accreditations include: CISA, CRISC, QSA, PCIP, HTCC, ISACA PCI DSS, IASA, SOFE , CSA, ISSA , SOFE, SIG and Cloud Computing member and GEAR Representative for RSM US.


Rob Harvey
Director, Risk, Security and Privacy, Online Business Systems

Mr. Harvey is a business and technology expert with over nine years of PCI consulting experience, 14 years of security consulting experience, and 18 years in IT. In his current role, Mr. Harvey helps to build, grow, and lead a pragmatic, risk-based, business-minded security consulting practice that focuses on governance and program management, including PCI, vulnerability management, and data protection.


Andrew Henwood
CEO, Foregenix

Mr. Henwood is a PCI security industry entrepreneur and active in evangelizing and recommending cyber security best practices through experience garnered from over 18 years of working in the field. Mr. Henwood has been involved in the payments industry since 2001, where he assisted in developing the first versions of the payment brand security standards in Europe. Mr. Henwood is a frequent public speaker on cyber security topics. Foregenix is a cyber security consultancy and solution provider, a PCI QSA, PA-QSA, P2PE and PFI certified company and provides assessment services and innovative, baked-in cyber security solutions globally.


Lauren Holloway
Director of Standards Coordination, PCI Security Standards Council

Ms. Holloway’s role includes coordinating PCI SSC’s efforts for the Small Merchant Business Task Force as well as working closely with the various PCI teams to drive consistency and alignment across the standards and supporting programs. She joined PCI SSC in 2010 as the Director of Data Security Standards. Prior to joining the Council, Ms. Holloway led and coordinated Visa’s efforts for PCI DSS and PA-DSS and related programs for several years. Ms. Holloway’s extensive information security and audit background includes managing information security at an internet payment gateway, consulting with a Big 4 audit firm, and conducting and managing internal audits for computer systems at a Fortune 500 company. Ms. Holloway holds the CISSP, CISM, and CISA designations.


Stacy Hughes
CITP, CRISC, CGMA, PCI ISA, PCIP, CISM, SVP, IT Governance, Risk and Compliance, Global Payments

Ms. Hughes has worldwide responsibility for the IT and Security compliance functions – external (e.g. PCI, SOX), merchant, and payment. In her current role, Ms. Hughes serves as SVP of IT Governance, Risk and Compliance for Global Payments Inc. (GPN), a leading worldwide provider of payment technology services. Headquartered in Atlanta, Georgia with more than 10,000 employees worldwide, GPN is a member of the S&P 500 with merchants and partners in 30 countries throughout North America, Europe, the Asia-Pacific region and Brazil. Ms. Hughes also represents GPN on the PCI Security Standards Council Board of Advisors.


Gert Huizinga
Senior Consultant Card Solutions, ING

Mr. Huizinga holds a Bachelor of Science in electronics. During his career, he has gained broad and deep experience in cards related matters, both on terminal, networks, processing, e-commerce, mobile etc. He combines a business, technology and security perspective on cards issues.


Within ING he is involved in advising on security aspects of EU legislation such as the IFR, PSD 2, EBA Guidelines and PCI regulation (PCI DSS, PCI PTS). He is an active member of national and international working groups and committees, representing ING, the Dutch banking community and the European Payments Council (EPC). Mr. Huizinga is member of the PCI BoA representing EPC.


Lance J. Johnson
Executive Director, PCI Security Standards Council

Mr. Johnson is responsible for driving and implementing the Council’s strategic direction. For the past five years, he served as the Chief Operating Officer at Sequent Software, Inc. where he led all corporate administration and operations. Prior to Sequent, Johnson spent more than twenty years at Visa Inc., as a senior leader directing Visa’s efforts in global risk management and security, fraud detection and control, and global payment data and device security. As an expert in payment security, Mr. Johnson holds several patents, served in the U.S. Navy, and has a Bachelor’s degree in Business Administration and Management from the University of Central Florida.


Adam Kehler
Senior Consultant, Risk, Security and Privacy, Online Business Systems

Mr. Kehler is a proven leader in Information Security with over 20 years of experience in technology and over 8 years as an expert consultant in Information Privacy and Security. He holds CISSP and Certified Ethical Hacker (CEH) certifications and has conducted hundreds of Security Risk Assessments, Virtual CISO, and Compliance Gap Analyses for State and Healthcare organizations.


Jeremy King
International Director – Europe, PCI Security Standards Council

Mr. King leads the Council’s efforts in increasing adoption and awareness of the PCI security standards internationally. In this role, Mr. King works closely with the Council and representatives of its policy-setting executive committee from American Express, Discover, JCB International, MasterCard, and Visa, Inc. His chief responsibilities include gathering feedback from the merchant and vendor community, coordinating research and analysis of PCI SSC managed standards through European markets, and driving education efforts and Council membership recruitment through active involvement in local and regional events, industry conferences, and meetings with key stakeholders. He also serves as a resource for Approved Scanning Vendors (ASVs), Qualified Security Assessors (QSAs), Internal Security Assessors (ISAs), PCI Forensic Investigators (PFIs), and related staff in supporting regional training, certification, and testing programs.


Rashmi Knowles

In her current position, Ms. Knowles works to promote the adoption of RSA’s core strategy with customers and partners and drives thought leadership initiatives in EMEA. She is a prominent evangelist and spokesperson for both professional and industry conferences. She is a frequent blogger and has appeared on the BBC both television and radio as a subject matter expert for Advanced Cyber Threat. She has over twenty years’ experience in Information Security. Prior to joining RSA, Ms. Knowles has held various roles as a Network Consultant, Product Marketing and Technical consultant working with vendors. Her last role took her over to the other side working as a Security Advisor for a Managed Service Payments provider. She holds a degree in Computer Science from the De Montfort University and a Post Graduate in Computer Studies from the University of the South Bank, London.


Jean-Louis Lamacchia
Standards Development Manager – UK, PCI Security Standards Council

Mr. Lamacchia has worked in numerous industries such as card payment, bank, finance, electronics, railway transport, space and aeronautics. He possesses a deep knowledge of PCI and ISO 27x standards, secured development life cycles and computer forensics. He is CISSP and ITIL certified. Mr. Lamacchia specializes in security management, securing a business and its information systems using risk management, architecture, security tools and controls, good governance and training. He also has practical experience in audits, technical and functional analysis, design and modeling, development, data management and modeling, and data warehouse.


Mauro Lance
Chief Operating Officer, PCI Security Standards Council

Mr. Lance is responsible for the day to day operations, business strategy, investments and growth of the Council. He leads the creation and implementation of programs and world-class processes for certification, assessor quality management and training, critical to the Council’s mission of increasing payment card security globally through adoption of the PCI Security Standards.  Prior to joining the Council, Mr. Lance held leadership positions at the MIT Media Lab and the World Wide Web Consortium, and was a founding director of the Web Foundation. He is a Fulbright Scholar and holds a Master’s degree in Business Administration from Suffolk University, and a Bachelor’s degree in Business Administration from the Pontificia Universidad Católica de Valparaiso. Mr. Lance has lived and worked in Chile, China, France, and the United States.


Troy Leach
CISSP, CISA, Chief Technology Officer, PCI Security Standards Council

Mr. Leach partners with Council representatives, Participating Organizations and industry leaders to develop comprehensive standards and strategies to secure payment card data and its supporting infrastructure.


He is a subject matter expert on payment security and has testified on several occasions before various House and Senate Congressional committees. Mr. Leach also provides guidance and security expertise to a multitude of U.S. and international government entities as well as law enforcement. Mr. Leach serves on several advisory boards such as ANSI X9, Merchant Acquirer Committee and contributes to online communities such as BankInfoSecurity and CSO Online. Mr. Leach is often quoted in cybersecurity news stories and has been quoted by news organizations including the Washington Post and Wall Street Journal.


Tracey L. Long
Senior Payment Data Security Manager, WorldPay

Ms. Long leads the global merchant PCI Compliance programs on behalf of the largest global acquirer and payment processor, Worldpay. She has a wealth of experience in PCI compliance, account data compromises and card scheme relationships. In addition to managing Worldpay’s PCI compliance programs for their UK & European corporate customers, Ms. Long globally manages their E-commerce merchant portfolio and has oversight of their small merchant compliance program. She has been a serving member of the PCI SSC Board of Advisors since 2015 and she is pleased to part of a board that helps to shape the future of payment security standards.


Jake Marcinko
Standards Manager, PCI Security Standards Council

Mr. Marcinko is responsible for the ongoing development of numerous security standards including the Payment Card Industry Data Security Standard (PCI DSS), the Payment Application Security Standard (PA-DSS) and the Point-to-Point Encryption Standard (P2PE). In addition, Mr. Marcinko works closely with the payment brands, affiliate members, Task Forces and Special Interest Groups (SIGs) to develop new and emerging standards and guidance documents, information supplements, and self-assessment questionnaires. Prior to joining the Council in 2013, he held various leadership positions in IT and Information Security management for the software industry. He has over 15 years of experience leading large, multi-million-dollar design projects in areas such as virtualization, mobile computing, electronic payments, tokenization and compliance. He is also a frequent speaker and contributor on general Information Security and Privacy matters.


John Markh
Standards Manager, PCI Security Standards Council

Mr. Markh’s role with PCI SSC includes technical contributions to PCI Security Standards and related efforts, as well as serving as the current chairman of the Maintaining PCI DSS Compliance Special Interest Group. Prior to joining the Council, Mr. Markh was a consultant and a subject matter expert with various companies across Europe, North America and the Middle East, ranging from performing complex hands-on security assessments to managing a diverse security services portfolio while leading a team of highly skilled consultants.


Mr. Markh has over 15 years of experience in information security encompassing compliance, threat and risk management, security assessments, digital forensic, application security and emerging technologies such as Artificial Intelligence, Machine Learning, IoT and Blockchain. He holds an MSc in Computer Security, BSc in Software Engineering and is a Payment Card Industry Professional


Mark Meissner
Vice President, Public Relations, PCI Security Standards Council

Mr. Meissner works closely with the Council’s leadership team to develop communications strategies that promote the PCI Security Standards and the priority initiatives of the Council globally and with a wide range of stakeholders. Mr. Meissner brings more than two decades of experience in helping Fortune 500 companies, elected officials, trade associations and high-profile individuals navigate a myriad of communications challenges in the global marketplace. Over the years Mark has worked with many high-profile clients in engaging with major news organizations such as USA Today, The Washington Post, 60 Minutes, The New York Times, The Wall Street Journal, CNN, and The Times of London.


Before joining the PCI Security Standards Council, Meissner was the Founder and President of MJM Strategies, a strategic communications consulting firm.


Meissner began his career in the world of politics working on the staffs of U.S. Senator Evan Bayh (D-IN) and U.S. Representative Tim Roemer (D-IN). Meissner served as Campaign Manager for Representative Roemer’s successful 1994 re-election campaign. Mark was a candidate for U.S. Congress in 2002, finishing second among a crowded field of five better known candidates for Indiana’s 2nd Congressional District.


Meissner teaches as an Adjunct Professor at The George Washington University Graduate School of Political Management (GSPM) where he has served on the faculty for more than a decade. Meissner holds a Master’s Degree from The American University and a Bachelor’s Degree from Indiana University.


Ruston Miles
PCIP, CPP, Chief Strategy & Innovation Officer, Bluefin

As Bluefin’s payment security thought leader and evangelist, Mr. Miles brings 20 years of payment security experience to Bluefin Payment Systems. He founded Bluefin in 2002 and is a PCI Professional (PCIP) and a Certified Payment Professional (CPP) and specializes in PCI-validated Point-to-Point Encryption (P2PE), End-to-End Encryption (E2EE), EMV, PCI-DSS, PA-DSS, NESA, tokenization, POS architecture & implementation, payment gateways, payment switches, ISO’s, embedded payments, secure iFrames and transparent redirection.


Wayne Murphy
Senior Security Consultant, Sec-1 Ltd.

Mr. Murphy has a Bachelor of Science in Computer Science and a Master of Business Administration. He has worked in IT since leaving University in 1997. He gained extensive Networking, Windows, and IT Security knowledge before moving on to an IT Security role in 2007 at Sec-1 Ltd. Mr. Murphy obtained his Information Security Systems Professional (CISSP) certification in 2007 and his IT Security job roles have included penetration testing, management, security engineer and PCI DSS QSA. Wayne has recently stepped away from previous job responsibilities to focus on PCI engagements, which is where he feels his expertise and drive can add the most value to Sec-1 and Sec-1’s clients.


Christopher Novak
Director, Verizon Threat Research Advisory Center

Mr. Novak is a co-founder and the Director of the Verizon Investigative Response Unit – a division of the Verizon RISK Team. He is an internationally recognized expert in the field of Investigative Response and Computer Forensics. He has been involved with information security for over 15 years. Mr. Novak has assisted corporations, government agencies, and attorneys with all matters involving computer forensics, fraud investigations, and crisis management. He has testified as an expert witness in various matters and before such bodies as the Supreme Court of the State of New York. He has also briefed United States congressional committees such as Senate Banking, House Financial Services, Senate Commerce, House Energy & Commerce, Senate Judiciary, House Homeland Security and Senate Homeland Security & Government Affairs.


Mr. Novak has been an advisor on dozens of high-profile intrusion and data breach investigations around the globe. He works closely with local, state and federal law enforcement agencies as well as joint investigative operations coordinated with foreign law enforcement.


He has also worked in various consulting positions within Verizon; from individually contributing to a larger tactical response team to his current position, where he manages a global team of highly skilled consultants. Each of these teams around the world maintains experts in various fields of study and practice, such as forensic analysis, malware reverse engineering, threat intelligence analysis and threat actor attribution, among others. He specializes in high-level crisis and emergency response matters and is consults with executives from Fortune 500 companies on pre-planning for such situations as well as leading active crisis response matters and liaising with external partners.


Eric O’Neill
Former FBI Counterintelligence Operative, Founder, The Georgetown Group and National Security Strategist, Carbon Black

Mr. O’Neill is an attorney, security consultant and professional public speaker. In 2001, Eric helped capture the most notorious spy in United States history: Robert Hanssen, a 25-year veteran of the FBI. The remarkable true events of his life are the inspiration behind the critically acclaimed dramatic thriller Breach, starring Ryan Philippe as O’Neill. The film is the story of the greatest security breach in US history.


Eric began his career in the FBI as a “Ghost” – an undercover field operative tasked to surveil and monitor foreign, national, and domestic terrorists and spies. During the Hanssen investigation, Eric worked directly undercover with the spy within the FBI’s Information Assurance Division – created to protect all classified FBI intelligence.

Currently, Eric runs The Georgetown Group, a premier investigative and security consultancy out of Washington, DC. Eric is also the National Security Strategist for Carbon Black, the leader in next generation endpoint protection.


A talented motivational speaker who weaves real life experiences into a presentation that is both entertaining and rewarding, Eric O’Neill provides practical insights into real work situations relevant to many industries.


Joseph Pierini

Mr. Pierini is responsible for the development and execution of the penetration testing programs used for PCI and other privacy laws and regulations at PSC. He was a co-sponsor of the Payment Card Industry Council’s Special Interest Group on Penetration Testing and a lead contributor to the PCI Data Security Standard (PCI DSS) Information Supplement: Penetration Testing Guidance published in March of 2015.

Erik Pols new

Erik Pols
Retail Information Risk Manager, Royal Dutch Shell Ltd.

Mr. Pols has a strong background in information risk, with over 25 years of experience in Information Security and Audit. He leads the Retail Customer and Payment Security Programme to further improve Royal Dutch Shell’s PCI compliance and to embed sustainable processes to maintain compliance levels. Mr. Pols is an experienced PCI ISA and works to manage a risk-based approach to PCI compliance to help support the business and make informed decisions on compliance, risks and risk acceptance.


Ralph Spencer Poore
PCIP, CFE, CISA, CISSP, CHS-III, Director, Emerging Standards, PCI Security Standards Council

Mr. Poore has over 35 years of information security experience, including more than 20 years of applied cryptography. He has written extensively on information security and cryptography and his work is cited in academic papers, national standards, professional journals, and books. He came to PCI SSC from a small business that was a QSAC, where he was a QSA. In various capacities, he has designed and led teams of developers in cryptographic system projects, resulting in patents of systems based on cryptography. He is also a long-time member of International Association for Cryptologic Research (IACR). Mr. Poore has also supported classified government projects and assisted in the development of cryptanalytic tools. He has extensive experience in financial services industry and in the development of national and international standards. He is an ISSA Distinguished Fellow, an ACM Senior Member, and he has received numerous awards for his professional work. Mr. Poore holds the following certifications: PCIP, CFE, CISA, CISSP, CHS-III.

Amanda Rodgers

Amanda Rodgers
Community Director, Vendorcom

In her current role at Vendorcom, Ms. Rodgers ensures that all stakeholders in the industry are connected and have access to authoritative, independent information on strategic and innovative developments, standards, regulation and market opportunities. She is recognised for her broad perspective on industry matters as well as her independence, authority and pragmatism in dealing with the increasingly complex change that both merchants and solutions suppliers face. Ms. Rodgers passionate about ensuring that the payments industry remembers that it exists to support merchants in building better business, rather than technology for technology’s sake. On a secondment from Vendorcom, she worked for a year as part of a small, independent retail business in London, getting first-hand experience of the challenges faced on a day to day basis by business owners in this sector. A further year’s sabbatical from Vendorcom Ms. Rodgers took the helm at WeAreWaterloo, the Business Improvement District (BID) for the Waterloo area of London; a key part of which was supporting small merchants; and running the local market. Her real-world experience has led her to be an enthusiastic advocate for independent merchants’ payments needs.


Rodolphe Simonetti
Managing Director, Security Consulting, Verizon

With over 18 years of IT and Security experience, Mr. Simonetti has served in positions of varying levels of responsibility, including Security Engineer to Security Manager for Managed Security Services, Chief Information Security Officer, Security Consultant, Manager and now Managing Director of a business unit within Verizon. After 15 years in Europe, then 4 years at Verizon’s Headquarters in NJ, he is now based in Houston, TX where he currently leads a team of 200 resources spread across 20 countries. He coordinates all security assurance services from simple assessments to complex programs within a global environment.


Stanley Skoglund
Co-founder & Director, The Minerva Partnership

Mr. Skoglund is a co-founder of Minerva. He is a recognised leader in the global payments industry and has held senior and board roles in several financial services companies, most recently as Senior VP of Payment System & Enterprise Risk at Visa Europe. His consultancy focuses on payments and corporate strategy, as well as organisational development, leadership capability building and executive coaching. He is an executive board member of the European Women Payments Network.


Michael Thompson
Sr. Manager, Emerging Standards, PCI Security Standards Council

Mr. Thompson’s role includes technical contributions to PCI standards and related efforts, as well as serving as chairman of the Point-to-Point Encryption working group for PCI SSC. Prior to joining the Council, Mr. Thompson spent 10 years involved in security-sensitive and safety-critical engineering roles. Mr. Thompson holds the ISC2 CISSP, ISSAP, ISSMP, and CSSLP designations, as well as being listed on 5 U.S. patents from previous collaborations.


Marie-Christine Vittet
Data Protection Manager, AccorHotels

Mrs. Vittet is in charge of the PCI DSS Program for AccorHotels Group (more than 4,100 hotels in 92 countries). With the new GDPR (General Data Protection Regulation), her role has been extended to “sensitive data,” and she participates now on the data compliance construction site as Data Risk Manager. From this position, she coordinates the annual assessment process and animates the worldwide community to follow local headquarters and hotels compliance. In the central working team, her mission is to adapt operational processes to achieve compliance.


She has spent 20 years in the hospitality industry and she specializes in the management of complex projects and scope; more precisely, during times of major restructuring changes in organizations. She initiated and directed many technological innovation projects for the IHC Group and Dorchester Collection, always oriented toward customer service.


Gill Woodcock
Senior Director of Certification Programs, PCI Security Standards Council

Ms. Woodcock is Senior Director of Certification Programs for the PCI Security Standards Council. Her role encompasses operational management of the Council’s existing programs (including QSA, PA-QSA, ISA, ASV, PFI, PCIP and QIR) as well as developing new certifications programs. Ms. Woodcock works closely with the Standards Development, Training and Assessor Quality Management teams within the Council. Ms. Woodcock has been with PCI SSC since February 2010 and has over 20 years of experience in payment cards and information security.


Phyllis Woodruff
VP, Enterprise Cybersecurity Programs, Fiserv

Ms. Woodruff is a long-time leader in financial services and has more than 12,000 clients in 80 countries. To help ensure the security of those clients, she and her team manage the ongoing compliance for more than 40 level 1 service provider ROCs. In addition to PCI, Ms. Woodruff is responsible for privilege access management, implementation of security tools, and cyber reporting to executive management.