Recorded: May 24 | 2016
There is a substantial cost associated with reaching and maintaining PCI DSS compliance requirements, but the cost of non-compliance is often much greater. While the initial cost of the technology, staff and other resources necessary to implement satisfactory controls has its price tag, it is vital that all organizations affected by the PCI standard consider both the short and long-term costs of non-compliance as well as the benefits of meeting the requirements.
This is especially important as PCI DSS evolves and increases in complexity as the standard moves towards becoming a federal regulation. The costs of non-compliance can far exceed the cost of systems to bring a company into compliance, as demonstrated by so many high-profile data breaches. Join this executive panel as we discuss ways to prevent costly cases of non-compliance with PCI DSS.
Mathieu Gorge is the CEO and founder of VigiTrust (2003) and an established authority on IT security and risk management with more than 15 years of international experience. Thanks to his international reputation, and building on the success of the 5 Pillars of Security Framework™, which he created, Mathieu is in high demand as a speaker at international security conferences such as RSA, ENISA & ISACA. He is a well-respected figure in the security industry in EMEA and North America. Mathieu's specialty areas include PCI DSS, HIPAA & ISO 27001 and he works closely with the PCI Council (US & EU) as well as ANSI (US). Since 2006, Mathieu has been a Councillor for the Ireland France Chamber of Commerce and he has also recently taken on the role of Information Security Officer. Mathieu is also the Chairman of Infosecurity Ireland and an Official Reviewer for ANSI (one of the few Europeans!). Mathieu is heavily involved in security research and collaborative programs. He regularly moderates and speaks at security events organized by ISACA (NYC, UK Central Chapter, Dublin), ISSA (Global Web Conference Committee), Geneva Security Forum (International collaboration on CIP), East West Institute (Cyber Security Forum & working groups), and ICTTF & ISS world. Mathieu has also completed extensive research work in the area of secure printing, data storage & archiving. Mathieu is also the mind behind the PCI DSS European Roadshow, now in its third year (www.pcidsseuropeanroadshow.com). Mathieu regularly writes for TechTarget, Searchsecurity.com, ISACA, Searchstorage.com, Computer Fraud & Security, SC Magazine, ISSA Journal, Security Director and Baseline.
Terence Spies is the Chief Technology Officer at HP Voltage Security. He has over 19 years of security and systems software development experience, working with leading companies such as Microsoft, Asta Networks and others. Terence now serves as Chief Technology Officer, overseeing the expansion of Voltage technology into new application areas such as big data, payments and other areas where application data security is required. He is active within the standards community and currently serves as chair of X9F1, the Cryptographic Tools group of X9 whose charter is to draft cryptographic algorithm standards for use in the financial industry. Terence graduated with a Bachelor of Science degree in Logic and Computation from Carnegie Mellon University.
Derek Brink is the Vice President and Research Fellow at Aberdeen Group. He is a senior high-tech executive experienced in strategy development and execution, corporate / business development, and product management / product marketing. He is a results-oriented leader with a proven track record of driving growth through new and enhanced product offerings, in companies ranging from start-up to Fortune 500. He brings a unique blend of analytical / technical background, combined with excellent communication skills and extensive information security industry expertise. Derek earned an MBA with honors from the Harvard Business School and a BS in Applied Mathematics with highest honors from the Rochester Institute of Technology.
Dan Fritsche is the Vice President of Solutions Architecture at Coalfire. Mr. Fritsche oversees a team that specializes in multiple industry verticals including retail and payments, healthcare, cloud and technology providers. He has worked in information security for more than 16 years. His experience covers a broad spectrum of security disciplines including payment security, vulnerability scanning, application security, penetration testing, mobile security, software development, encryption, compliance, anti-virus, and IDS/IPS. He also has extensive knowledge of business intelligence applied to security and has designed web sites and security reporting interfaces. Mr. Fritsche works with a broad spectrum of clients across all industries, including many of the largest payment processors, to assist them in bringing their software and security solutions into compliance with various standards including PA-DSS and P2PE, HIPAA and more. He also advises on the latest emerging security technologies including virtualization, EMV, encryption, and tokenization to support client needs to understand their business risks and security status.