Annual PCI London Summit
InfoSec Conference Summary
The description was submitted by the Conference Organizer. We sometimes edit it to enhance the listing.Add this conference to your favourites
PCI DSS will present a unique challenge to compliance experts. The technical complexity of the Standard, and the granular understanding of both business and technology processes required to implement it, impose a huge burden on organizations of all sizes as digitalization of payments and commerce in general accelerates.
The detail in the Standard, in contrast to the vague, principles-based approach in key data privacy legislation, places huge emphasis on tracking and monitoring access, access automation and control, ensuring effective segmentation and scoping and security testing. This means that PCI DSS compliance makes specific demands across a range of key enterprise technologies and processes.
The problems for any compliance function faced with this level of complexity are manifold: does the compliance function have the required level of technical expertise? If not, does internal IT and is compliance the right team to liaise with them? And if not, who are the right people to interpret the Standard for the organization, engage third-party help, and evaluate and buy the complex solutions needed for compliance?
And what kind of compliance function is equipped to monitor and test continued compliance? The difficulty is reflected in the fact that most companies review compliance just once a year – meaning that they do not comply most of the time. The difficulties are enormous, so what is the right approach and who in the enterprise should be held accountable?
The 20th PCI London will look at the most recent processes and technologies used to protect personal and payment data. There will be strategic talks, real-life case studies, and technical break-out sessions from PCI teams behind some of the world’s most admired brands, who know, just like you, that payment security is now more important to business than ever.