FREE GRC Workshop

LEARN MORE

Recommended Event: Convene: Boston | Cybersecurity & Human Risk Conference Aug 13 - 14, 2026

PCI SSC Europe Community Meeting 2026

Type Conference
Organization PCI Security Standards Council
Event Format Physical
Size 500+ approximate delegates
Registration Not Free
SPEAKING OPPORTUNITIES

Search for other Cybersecurity Conferences in the United Kingdom in 2026-2027.

Conference Description

Key Takeaways

  • Annual gathering organised by the PCI Security Standards Council for European payment security stakeholders
  • Covers PCI DSS compliance, emerging threats, risk management and evolving payment technologies
  • Designed for CISOs, compliance officers, merchants, acquirers, processors and financial institutions
  • Addresses practical challenges of maintaining compliance amid changing regulatory requirements
  • In-person format featuring presentations, panel discussions and networking opportunities

Introduction

The PCI SSC 2026 Europe Community Meeting brings together payment security professionals from across the continent to examine the current state of payment card protection and the standards that govern it. Organised by the PCI Security Standards Council, the event serves compliance officers, security managers, merchants, service providers and financial institutions responsible for safeguarding cardholder data. With payment fraud techniques growing more sophisticated and regulatory expectations continuing to tighten, the meeting provides a timely forum for understanding how organisations can strengthen their security posture while meeting evolving compliance obligations.

About the PCI SSC Europe Community Meeting

The PCI Security Standards Council hosts regional community meetings throughout the year to engage directly with stakeholders who implement and maintain payment security controls. The Europe Community Meeting represents one of the organisation’s flagship gatherings, drawing participants from merchant organisations, payment processors, acquiring banks, technology vendors and consultancies operating within the European payment ecosystem.

Unlike vendor-driven conferences, the community meeting format emphasises education and collaboration over commercial promotion. The PCI SSC uses these events to communicate updates to its suite of standards, gather feedback from practitioners and provide implementation guidance that reflects real-world operational challenges. Attendees gain direct access to council representatives and technical experts who shape the standards affecting their compliance programmes.

Payment Security Standards and Compliance Requirements

The PCI Data Security Standard remains the foundational framework for organisations that store, process or transmit payment card data. PCI DSS establishes technical and operational requirements across areas including network security, access control, encryption, vulnerability management and security monitoring. Compliance validation varies based on transaction volumes and the specific role an organisation plays within the payment chain.

The transition to PCI DSS version 4.0 has introduced significant changes that organisations must address within defined implementation timelines. New requirements around authentication, security awareness and targeted risk analysis demand adjustments to existing compliance programmes. The community meeting provides an opportunity to understand these changes in detail and learn how other organisations are approaching implementation.

Beyond PCI DSS, the council maintains additional standards addressing specific use cases. The Payment Application Data Security Standard governs software vendors, while the PIN Transaction Security standard applies to hardware manufacturers. Point-to-Point Encryption and the Software Security Framework address emerging technology architectures. Understanding how these standards interrelate helps organisations build comprehensive security programmes rather than treating each requirement in isolation.

Emerging Threats and Risk Management Strategies

Payment card fraud continues to evolve as attackers adapt to improved security controls. Card-not-present fraud has grown substantially as e-commerce volumes increase, while sophisticated social engineering campaigns target employees with access to payment systems. Supply chain compromises affecting payment software and hardware represent another area of concern, as demonstrated by several high-profile incidents in recent years.

The community meeting addresses these threats through sessions examining current attack patterns and defensive strategies. Threat intelligence sharing among payment industry participants helps organisations understand which vulnerabilities attackers are actively exploiting and where to prioritise security investments. Risk management discussions explore how to balance security spending against business objectives while maintaining compliance.

Practical guidance on security control implementation forms a significant portion of the programme. Rather than simply restating standard requirements, sessions typically explore how organisations have addressed specific challenges such as securing legacy systems, managing third-party risk and implementing continuous monitoring capabilities.

The Evolving European Payment Landscape

European payment security operates within a complex regulatory environment that extends beyond PCI standards. The General Data Protection Regulation imposes additional obligations around personal data handling that overlap with cardholder data protection requirements. The revised Payment Services Directive has introduced strong customer authentication requirements affecting card transactions. Organisations must navigate these intersecting frameworks while maintaining operational efficiency.

Payment technology continues to advance rapidly across the region. Contactless payments have become dominant at physical point-of-sale terminals, while mobile wallets and embedded payment capabilities create new integration points requiring security consideration. Open banking initiatives are reshaping how payment data flows between institutions. Each technological shift introduces both security challenges and opportunities for improved protection.

The community meeting provides context for understanding how PCI standards apply to these emerging payment methods and how the council is adapting its guidance to address new architectures. This forward-looking perspective helps organisations prepare for changes before they become compliance requirements.

Who Should Attend

The event serves professionals across the payment security ecosystem who bear responsibility for protecting cardholder data or ensuring organisational compliance. Chief Information Security Officers and security managers benefit from strategic discussions about programme development and resource allocation. Compliance officers gain detailed understanding of standard requirements and validation processes.

Technical practitioners including IT security engineers and architects find value in implementation-focused sessions addressing specific control requirements. Risk managers can explore frameworks for assessing and communicating payment security risks to business leadership. Qualified Security Assessors and Internal Security Assessors who conduct compliance evaluations benefit from direct engagement with council representatives on interpretation questions.

Merchants handling significant payment volumes, payment processors, acquiring banks and service providers all have direct compliance obligations that make the community meeting relevant. Technology vendors developing payment applications or security solutions gain insight into upcoming standard changes that may affect their product roadmaps.

Networking and Knowledge Exchange

Beyond formal presentations, the in-person format facilitates valuable peer connections among professionals facing similar challenges. Networking sessions allow attendees to discuss implementation approaches, share lessons learned and establish relationships that support ongoing collaboration. These informal exchanges often prove as valuable as structured content for solving specific organisational problems.

The community meeting also provides a channel for practitioners to influence future standard development. The PCI SSC actively solicits feedback during these events, and participant input shapes how requirements evolve over time. Organisations that engage in this process help ensure standards remain practical and achievable.

Conclusion

The PCI SSC 2026 Europe Community Meeting offers payment security professionals an opportunity to deepen their understanding of current standards, prepare for upcoming changes and connect with peers across the industry. As payment technologies evolve and threat actors develop new attack methods, maintaining effective security programmes requires ongoing education and engagement with the broader community. The event provides a structured environment for this essential professional development.