Recorded: February 19 | 2015 On-Demand!
The clock is ticking for enterprises that have not yet upgraded their payment card processing systems to be compliant with Payment Card Industry Data Security Standard (PCI DSS) 3.0. As the Jan. 1, 2015 mandatory deadline approaches, there is increasing urgency to not only understand the most important changes in PCI DSS 3.0, but also to be ready for a rigorous QSA assessment against those changes. Since PCI 3.0 is bigger, harder and more expensive than the previous iteration, merchants have their work cut out for them.
PCI DSS founding member Visa Inc. recently changed its policy on compliance assessments for the PCI DSS. More specifically, Visa decided that merchants who meet a stringent set of criteria, including processing 75% of transactions using "Chip and PIN" enabled terminals, may be able to apply for an exemption from PCI DSS assessment requirements. Unfortunately, not all merchants are aware of the change, and fewer understand what it means.
In this special presentation, our expert panel will explain the changes and their implications, and offer a detailed review of PCI DSS 3.0 to help enterprises prepare for assessments and make PCI compliance a whole lot easier.
Branden Williams has nearly two decades of experience in technology and information security with a formidable background in the technologies that drive today's businesses. After spending the first several years of his career working with education institutions and internet service providers to secure their infrastructures, Branden co-founded and sold an IT consulting business. He continued in this entrepreneurial spirit and worked with several of the buyer's portfolio companies to enable secure growth of their business. Branden has practical experience working with global clients in multiple verticals and is known for creating innovative solutions to challenging problems. He has current, extensive experience in a number of popular server platforms, and further experience in other operating systems including Mainframe (z/OS) and OS X. From a networking perspective, Branden has experience with many of the major networking players as well as practical deployments of infrastructure to promote efficiency and order where cost and chaos normally exist. Branden is a Distinguished Fellow of the Information Systems Security Association (ISSA) and was also an Adjunct Professor at the University of Dallas's Graduate School of Management where he taught in their NSA Certified Information Assurance program. He publishes regularly and co-authored multiple books on PCI Compliance.
Emma Sutcliffe is the Director of Standards Coordination at the PCI Security Standards Council. Ms. Sutcliffe works closely with the standards development teams and the operations and delivery teams to help provide consistency and alignment across the standards and supporting materials, including the development of training content for all PCI SSC programs. Ms. Sutcliffe is also Chair of the PCI SSC's Technical Working Group (TWG), where she works closely with payment brand and affiliate members to develop the PCI security standards, supporting documentation, and guidance. Ms. Sutcliffe is actively involved in a number of PCI taskforces and Special Interest Groups (SIGs) and was Chair of the PCI Cloud SIG in 2012. Emma is a current CISSP, CISM, and CISA with over 15 years' information security experience.
Terence Spies is the Chief Technology Officer at Voltage Security. He has over 19 years of security and systems software development experience, working with leading companies such as Microsoft, Asta Networks and others. Terence now serves as Chief Technology Officer, overseeing the expansion of Voltage technology into new application areas such as mobility, payments and other areas where application data security is required. He is active within the standards community and currently serves as chair of X9F1, the Cryptographic Tools group of X9 whose charter is to draft cryptographic algorithm standards for use in the financial industry. Terence graduated with a Bachelor of Science degree in Logic and Computation from Carnegie Mellon University.
Matt Getzelman is the PCI Practice Director at Coalfire and his experience with financial systems security covers a broad spectrum of disciplines including audit and assessment for merchants of all sizes, processors, and banks. He has more than nine years of experience working with financial systems security. His experience covers a broad spectrum of security disciplines from application and systems development to securing multiple distributed platforms, mainframe and acquiring financial environments. Matt has audit and assessment experience across the entire hierarchy of financial organizations from the largest processors and banks, Fortune 500 companies and on down to the smallest of merchants.