PCI London – January
InfoSec Conference Summary
The description was submitted by the Conference Organizer. We sometimes edit it to enhance the listing.Add this conference to your favourites
When the Panama Papers finally proved that law firms were a cybersecurity issue, it simply confirmed a truth the key participants had known for many years. The effect though was finally to bring the issue to the attention of enough senior stakeholders at firms, their clients and the regulators that things began to change. Firms accepted that stakeholder demands were here to stay, that their own narrow view was out of step with business realities and that security could be turned into a competitive advantage.
This is where we are with PCI DSS. We all know that after almost 15 years of the existence of the PCI DSS standards, around half of the relevant companies are still non-compliant.
Indeed, after documenting improvements in the overall level of PCI DSS compliance for several years in a row, Verizon’s 2018 Payment Security Report has revealed a decline in organizations’ level of full PCI DSS compliance for the first time. In the 2018 report, 52.5 percent of organizations were compliant with PCI-DSS, declining from the 55.4 percent that was reported last year.
Things can look even worse at a sector level: according to a recent SecurityScorecard report of more than 1,500 domains, “over 90 percent of the retail domains analysed indicated non-compliance with PCI DSS standards.”
And recent events in the UK have shown us that for a variety of reasons, even large, highly-regulated companies fail annual compliance and many have never complied at all.
Those events are a serious challenge to the old ways of doing things in PCI DSS, but a huge opportunity for those willing to adapt to the new environment.
Our PCI London events have always tried to highlight tipping points in security and compliance and to help practitioners adapt to them not just by looking at the narrow PCI DSS marketplace, but by bringing in speakers and solution providers who represent the future.
So this January we will look at the inconvenient truths of PCI DSS in a new light and explore ways to leverage them – and recent hacks – to improve security, privacy and the career paths of PCI DSS professionals.