21st PCI London 2021 | AKJ Associates Ltd | 21 January 2021 | Online

Securing online business and the online payments ecosystem has never been more important - so why are standards slipping?

It’s a cliché of our pandemic era that businesses must digitalise or die. It’s less often explained what this means in practice. But attacks like Garmin, the recent hack of Germany's state-owned vehicle fleet, which provides chauffeurs for parliamentarians and is run by the Bundeswehr military, and February’s DDoS attack (the largest in history) on AWS, illustrate that ‘going digital’ is seriously concrete.

It’s taking orders or bookings for your product or service online or via mobile; it’s accepting payments and providing refunds over the same channels; it’s collecting data that sits in digital shops; it’s developing digital services around even physical products and charging for them online via recurring subscriptions. Even the humble pizza merchant now takes all their orders via app, so a DDoS attack shuts down a physical food company and a breach of payment data pushes customers made disloyal by hunger to more reliable offerings.

All the while, the Magecart group is coming up with new skimming techniques to steal payment card data from the e-commerce sites of small and midsized businesses; other fraudsters have figured out how to use the Telegram app as a fast and easy way to steal payment card data from ecommerce sites; and larger companies are putting data at risk with flawed public Cloud migrations, as demonstrated by the $80 million fine recently imposed on Capital One by the US OCC for last year’s card data breach.

Into this melée comes PCI DSS 4.0 at some point in 2021. What exactly will it look like? Are people waiting for what they hope will be a major revamp that takes the practical realities of the digital revolution into account? Is that why compliance with the current standard is dropping so fast? Or has the need to digitalise created a mass of new firms who should be compliant but who have just not had time yet? Survive first, comply later?

Why attend?

In this new environment, cybersecurity and compliance professionals are facing a host of new threats - both external, from threat actors looking to capitalise on the chaos, and internal, as fast-paced business change and distracted professionals put security and compliance at risk of being overlooked.

With COVID-19 having necessitated a shift to digital business channels, payment security and risk are more critical than ever. Discussing the challenges with your peers in a confidential environment, and hearing about how they're handling the situation, is a great way to gather insights and inspiration for keeping your organisation and its clients secure.

AKJ Associates has 20 years’ experience in delivering the best in cybersecurity content to the most discerning professionals, and we have received excellent feedback on our virtual events, which have maintained our high standard of content and networking.

2021 Speakers

Jeremy King
International Director - Europe, PCI Security Standards Council

John Elliott
Director, Industry Standards, Mastercard

Geoff Forsyth
CISO, PCI Pal

Laura Morgans
Information Security, Risk & Compliance Manager, Dr. Martens

Paul Norris
Senior Sales Engineer, Tripwire

Veroniki Stamati
Information Security Lead, Skyscanner

Iain Regan
Chief Revenue Officer, Semafone

Simon Turner
PCI DSS Advisory for Cloud Services and Contact Centres (QSA), BT

Graham Thompson
VP Sales & Marketing, DataDivider Inc

Connie Penn
Card Payments and PCI DSS Subject Matter Expert, Kilrush Consultancy Ltd

Scott Bridgen
GRC Consulting Director, OneTrust

James Moncrieff
Information Security Transformation Strategist

Frederik Weidemann
Chief Technical Evangelist, Onapsis Inc

Craig Moores
Risk Advisory Practice Director, SureCloud

Steve Dobson
Director - Information Security, ATCORE Technology Ltd

Ashley Burton
Head of Product, Eckoh

Stuart Golding
PCI Compliance Manager, Retail Organisations

Simon Brady
Managing Editor, AKJ Associates Ltd

Johan Hagdahl
GCRS Director, SecureTrust

2021 Sponsors

STRATEGIC SPONSORS:
• DataDivider
• Eckoh
• OneTrust GRC
• SecureTrust
• Semafone

EDUCATION SPONSORS:
• Onapsis
• PCI Pal
• SureCloud
• Tripwire

NETWORKING SPONSOR:
• Silver Lining