Training at the Conference
2 – 4 October

Point-to-Point Encryption Assessor Training

3 – 4 October

Qualified Security Assessor Training

5 – 6 October

Internal Security Assessor Training

5 – 6 October

Payment Application Qualified Security Assessor Training

Conference Tracks:

Business

Sessions are designed to address payment security topics at a high-level with broad application across business functions and job titles.

Technical

Sessions are specifically geared towards those that are directly involved or responsible for the implementation, assessment, and maintenance of PCI Standards, providing updates and application guidance on the standards and supporting programs and resources.

Day one – 7 October
7:3017:30

Registration Open

13:0015:00

The Technology Symposium

Presented by: PCI Security Standards Council Standards and Operations Team

Conference Track: Technical

Understanding PCI Standards, the additional services and technology solutions available and how to apply them in today’s business environment is critical to securing the future of payments.

This in-depth session will cover a variety of these resources and topic areas, including:

  • Making payment security business-as-usual with PCI Data Security Standard (PCI DSS) 3.0
  • Scoping and segmentation
  • Service provider relationships
  • Self-Assessment Questionnaires (SAQ) and compensating controls
  • How do Qualified Security Assessors (QSA), PCI Forensic Investigators (PFI), and acquirers and merchants work together?
  • Myths about PCI Standards
15:0015:30

Networking Break

15:3017:30

The Technology Symposium (continued)

Presented by: PCI Security Standards Council Standards and Operations Team

Conference Track: Technical

Understanding PCI Standards, the additional services and technology solutions available and how to apply them in today’s business environment is critical to securing the future of payments.

This in-depth session will cover a variety of these resources and topic areas, including:

  • Point-to-Point Encryption (P2PE)
  • PCI Payment applications and PIN Transaction Security devices  (PA-DSS and PTS)
  • Approved Scanning Vendors  (ASV)
  • Other PCI initiatives

Attendees will have the opportunity to submit questions to be addressed at the end of the session.

16:0017:30

Welcome to the Community Meeting – An Overview of PCI for First Time Attendees

Presented by: PCI Security Standards Council Standards Staff

Attend this session to hear all you need to know to make the most of your experience and understand what’s ahead, including: networking opportunities, social media and the mobile app, and a PCI 101.

18:0019:30

Welcome Reception

All attendees are invited to join the Council at the Welcome Reception, which will provide networking opportunities for attendees across global regions and markets.

Transportation will be provided to the Welcome Reception. Buses will pickup from outside the hotel lobby and will begin running at 17:30, running on cycles until 20:00.

Day Two – 8 October
7:3018:30

Registration Open

7:309:00

Networking Breakfast and Vendor Showcase
Payment Brand and Council Office Hours

9:009:30

Welcome and Introductions

Presented by: Jeremy King, International Director, PCI Security Standards Council

Hear welcoming remarks and to learn what will be covered over the next two days.

9:3010:30

Securing the Future of Payments Together

Presented by: Jeremy King, International Director, PCI Security Standards Council; Lib de Veyra, Vice President Emerging Technologies, JCB International; Chairperson, PCI Security Standards Council; Bob Russo, General Manager Emeritus, PCI Security Standards Council; Stephen Orfei, General Manager, PCI Security Standards Council

Hear an overview of current Council initiatives and what’s in store for 2015.

10:3011:00

Networking Break and Vendor Showcase
Payment Brand and Council Office Hours

11:0012:00

Keynote — Sailing the Cyber Sea: The New Realities of 21st Century Security

Presented by: Adm. James Stavridis, Former NATO Supreme Allied Commander Europe and Commander of the U.S. European Command

Emerging security concerns will be addressed in the future with a combination of cyber capabilities, unmanned vehicles and drones and special operations forces. In particular, the reach and function of cyber tools will change how we view the world and keep ourselves safe in it. Admiral James Stavridis lays out the future of 21st century security tools that are very untraditional in their reach and application. He describes for audiences how the world of international defense is fundamentally changing before our eyes, and how that will impact business, personal life and the global marketplace.

12:0012:30

PCI in Practice: Implementing Point-to-Point Encryption in a Merchant Environment

Conference Track: Business

Presented by: Delia Pedersoli, International Sales Director, European Payment Services

In this session, European Payment Systems and a member of the merchant community will discuss how they implemented a PCI Point-to-Point Encryption solution in the merchant environment, and share lessons learned and recommendations for leveraging this technology in a merchant’s payment security efforts.

12:3013:30

Networking Lunch and Vendor Showcase

12:3018:30

Payment Brand and Council Office Hours

13:3017:00

Breakout Sessions

Let’s Talk Technology

The Business of PCI

13:3014:20

PTS Particulars

Presented by: Leon Fell, Director, Solutions Standards, PCI Security Standards Council

Conference Track: Technical

Device manufacturers, card vendors and testing labs will have the chance to hear the latest updates on the PIN Transaction Security (PTS) program as well as a dedicated Q&A session. Other stakeholders will understand the breadth of the PTS requirements and learn how to use PCI SSC PTS program listings to choose a secure device.

Measuring the Success of Your PCI Strategy

Presented by: Troy Leach, Chief Technology Officer, PCI Security Standards Council

Conference Track: Business

Wondering how to measure the ROI of your PCI efforts? Attend this session to hear first-hand from the Council’s Chief Technology Officer, Troy Leach, on how to evaluate metrics around your security efforts and how they contribute to your bottom line.

14:3015:20

Forensics Presentation

Presented by: Christopher Novak, Managing Principal, Global Investigative Response, Verizon

Conference Track: Technical

Christopher Novak will address the evolving threats that organizations face as they seek to mitigate information security risks and protect critical PCI data. Industry best practices for protecting PCI data as uncovered by Verizon’s 2014 Data Breach Investigations Report (DBIR) will be discussed in addition to evolving security challenges in our increasingly complex, global, digital society.

Verizon’s annual DBIR gives a comprehensive view of how cybercrime is impacting organizations in the payment card industry and what those organizations can do to protect themselves and their customers. The 2014 report analyzed 1,300+ breaches, 63,000+ security incidents across 95 countries with data contributed from 50 global security organizations.

EMV Chip Update

Presented by: PCI Security Standards Council Standards Team

Conference Track: Business

In this session, the Council will share updates from the U.S market on EMV chip migration and its impact on PCI security eff orts, as well as the latest on the Council’s mobile payment acceptance security initiatives.

15:2015:50

Networking Break and Vendor Showcase

Let’s Talk Technology

The Business of PCI

15:5016:25

Tokenization

Presented by: PCI Security Standards Council Standards Team

Conference Track: Technical

Looking for more details on tokenization? Attend this session to hear the latest updates on the Council’s tokenization effort and how it supports a multi-layered approach to payment security.

PCI in Practice: Technical Case – Managing PCI Compliance in Large and Multinational Enterprise Environments

Presented by: Andy Barratt, Managing Director, Europe, Technology Audit & Advisory Services, Coalfi re and Walter Martin, TSYS Inc.

Performing PCI validation at a large service provider, or even a large merchant, can be challenge. If incorrectly scoped, or reported, it can lead to stakeholders not getting the right information. Attend this sessions to learn about these challenges and how to scale out a validation team that incorporates QSAs and ISAs to perform more thorough assessments and embed PCI within the business.

16:2517:00

Open Forum

Presented by: PCI Security Standards Council Standards Team

Conference Track: Technical

This session is designed to give attendees the opportunity to address members of the Council staff with questions on the standards and technical updates. Attendees can drop in at any time to ask their questions.

PCI in Practice: Business Case — Mega Challenges for Micro Merchants – Securing the Level Four Merchant Sector

Presented by: Lewis Herman, PCI DSS Coordinator, Leumi Card

Conference Track: Business

This session will provide an acquirer perspective on reaching the micro merchant and driving improved payment security in this vulnerable sector. Attend to hear real life examples, and practical tips and recommendations.

17:0018:30

Networking Reception and Vendor Showcase

Join the Council for a networking reception in the exhibit hall where you can connect with your colleagues
from around the globe.

Day three – 9 October
7:3010:00

Registration Open

7:3014:00

Payment Brand and Council Office Hours

8:009:00

Networking Breakfast and Vendor Showcase

9:009:05

Welcome Remarks

Presented by: Jeremy King, International Director, PCI Security Standards Council

Attend this session to hear what is in store for the third day of the European Community Meeting.

9:059:45

Keynote: Adventures of a Thiefhunter

Presented by: Bob Arno, Professor of Pickpocketry

To most security professionals, credit card thieves are invisible, mysterious, nefarious beings—rarely seen and never comprehended. Bob Arno, the celebrated comedy stage pickpocket and criminologist, has hunted pickpockets and identity thieves in the wild since 1994. From infiltrating criminal gangs of credit card thieves around the world, Bob Arno reveals the hearts, souls, and faces of men, women, and children who make their living by taking the money and property of others. Bob’s backdoor perspective will give you the thief’s-eye version of thievery, connery, scamdom, and swindlehood.

9:4510:15

Networking Break and Vendor Showcase

10:1511:00

2014 Special Interest Group (SIG) Updates

Presented by: SIG Chair Persons

Conference Track: BusinessTechnical

Hear a high-level overview of SIGs activity and what was accomplished in 2014.

11:0012:00

2015 SIG Proposals

Conference Track: BusinessTechnical

Make an informed decision in this year’s SIG election by joining your peers to hear them present firsthand their SIG proposals for 2015.

12:0012:50

PCI DSS Scoping

Presented by: PCI Security Standards Council Standards Team

This session will address common PCI DSS scoping scenarios and misconceptions and provide clarifications and tips for getting it right.

12:5013:00

Closing Remarks

Presented by: Jeremy King, International Director, PCI Security Standards Council

13:0014:00

Networking Lunch and Vendor Showcase

14:0015:00

Community Share for Assessors

Presented by: PCI Security Standards Council Standards Team

In this session, assessors will be able to ask questions directly to the Council’s Standards Team. For assessors only (QSA, ISA, ASV).

Community Meeting concludes.