Coffee with the Council By PCI Security Standards Council

At our Community Meetings in 2022, the Council announced a significant change to its Participating Organization program. Today, I am joined by the Council's Senior Vice President of Education and Engagement, Mark Meissner who has been spearheading this effort, and is going to talk about some of these changes over the past couple of years, and how the PO program has evolved. 

Today, I am joined by Lance Johnson, who has been the Executive Director of The Council for more than six years and a member of the payments industry for more than 40 years. In light of your recent retirement announcement, we're here to reflect on all the moments that have defined your distinguished career, Lance, and to of course, thank you for all of the contributions you've made to our industry. 

Today I am thrilled to introduce the Council's new Executive Director, Gina Gobeyn. Gina joins PCI SSC following the announcement of Lance Johnson's retirement this year. As Executive Director, Gina will drive the organization's strategic direction, its operations, and oversee the PCI SSC senior leadership team and staff. I'm delighted to have you join us today, Gina.

Today I'm joined by three very amazing guests, and we will share a brief update of Asia-Pacific.

First, we have Aileen Liu, who is the director of PAX Technology’s Payment Technology Department. Now, PAX Technology is one of the largest POS solution providers in the world, and PAX is also a PCI Principal Participating Organization. They are a PCI Board of Advisor member as well. Aileen is the primary point of contact representing PAX in both groups.

Next, we have Gilbert Chu, who is the Chief Operating Officer for LGMS. They are a regional QSA and ASV or PCI Approved Scanning Vendor for short. It's based out of Malaysia. Gilbert is a QSA professional, and an expert in IT security with more than 15 years of experience.

And last, and certainly not the least, we have Stuart Campbell, who is the Head of Customer Success and a key leader for Quasar Scan, a solution provider based in New Zealand. And they provide a tool that is able to discover sensitive data that is stored within your environment. Quasar Scan is also a PCI Associate PO.

Today I'm joined by my co-host for the day, Director of Communications, Simon Kleine, at EMVCo. And we're having a conversation with Arman Aygen, Director of Technology at EMVCo, and PCI Security Standard Council's VP of Solution Standards, Andrew Jamieson. Today, we're going to be talking about the valuable partnership and collaboration between EMVCo and PCI SSC. We're going to take a deeper dive into mobile payments, including Tap to Mobile, and also PCI SSC's MPoC standard. Let's kick off by taking a moment to explain the relationship between our two organizations, EMVCo and PCI SSC. 

India's digital payment market is expected to grow by $10 trillion by 2026. In a span of just six years, India, primarily a cash-based economy, now leads the world in real time digital payments, accounting for almost 40% of all such transactions. The mass adoption of UPI and cardless payments during the COVID-19 pandemic has extended far beyond the urban, to even rural India, an effect that left the experts in amazement.

This rapid expansion of the digital payments systems is happening at a time when cybersecurity threats to payment systems are increasing globally. With organized criminal syndicates committing cybercrimes, India is not immune from these threats. The threat landscape in cybersecurity is constantly evolving and, with the rise of new technologies, it becomes even more challenging for organizations to secure their assets.

We are already witnessing greater involvement from India and South Asia with having stakeholders coming forward and joining us as an Associate Participating Organization (APO). And, more importantly, on our 2023-2025 Board of Advisors, we have three leading organizations from this region, which is NPCI, HDFC Bank and NEPS, which is Nepal Electronic Payment Systems, joining the global Board of Advisors that shows the commitment from the region to improve the payment security, just not regionally, but globally.

Today I would like to welcome two prominent leaders from the payment industry. And they are none other than Ms. Anuprita Daga, CISO, YES BANK and Mr. A V S Prabhakar, Chief Risk and Compliance Officer from Zeta.

Both YES BANK and Zeta are Associate Participating Organizations of PCI SSC. We'll be talking about their experience as Associate Participating Organizations as well.

Today we'll meet one of the Council's newest employees, our Regional Vice President of North America, Wenlock Free. Wen is based in the USA and spent 20 years in a senior role at Security Metrics, where he led strategic partnerships and business development activity. 

Today, I am so excited to bring you a sneak peek interview with PCI SSC's Community Meeting Keynote Speaker, Jenny Radcliffe. Jenny is a world-renowned social engineer, hired to bypass security systems through a mixture of psychology and con artistry. A burglar for hire and entertaining educator, she has spent a lifetime talking her way into secure locations, protecting clients from scammers, and leading simulated criminal attacks on organizations of all sizes in order to help secure money, data, and information. I am delighted to have you join us today, Jenny.

Today we'll speak with Jeremy King, the Regional Vice President of Europe, the Middle East and Africa, for PCI SSC. 

Today we'll meet the Council's Regional Director of Latin America and the Caribbean, Guilherme Scheibe. Guilherme is based in Brazil and joined the Council last year to help us educate and promote the importance of the PCI Security Standards within the region.

New this year, the size and the role of the Board are expanding to provide a greater range of input for the Council. For the first time ever, the Board of Advisors will have the opportunity to vote on new standards and major revisions to standards prior to their release.

To talk more about the importance of the Board, I caught up with one of our current Board members, Michel Léger, who is the Executive Vice President of Global Solution Development & Innovation at INGENICO.

In this episode of Coffee with the Council, PCI SSC’s Executive Director Lance Johnson looks ahead to what 2023 will bring to the PCI Security Standards Council.

In this episode of Coffee with the Council, PCI SSC’s Andrew Jamieson, VP Solutions Standards, discusses the Council’s newest standard for mobile solutions: Mobile Payments on COTS or MPoC. Learn more about how this standard was developed and how it differs from PCI SSC’s other mobile standards.

Today, we'll meet one of the Council's newest employees, our Regional Vice President of Asia-Pacific, Yew Kuann Cheng. Yew Kuann is based in Singapore and spent 15 years as the Senior Director of Risk, Strategy, and Operations in Asia-Pacific for Visa. Thank you for joining us today, Yew Kuann, and also welcome to the team.

Today was the final day of the 2022 Europe Community Meeting. Alicia Malone, Senior Manager of Public Relations sits down to provide a recap of the event. Highlights from the conversation include:

• Lance Johnson, Executive Director, PCI SSC, announces a new engagement opportunity that will significantly expand the Board of Advisors and create new participation opportunities for stakeholders.
• Sherron Burgess, Senior Vice President and Chief Information Security Officer, BCD Travel; Board Member and Vice President, Strategic Development, Cyversity talks about her role as emcee for the event as well as her passion for diversifying the cybersecurity community.
• Kandyce Young, Standards Manager at PCI SSC, discusses PCI DSS v4.0 and where stakeholders can find supporting resources to help drive their understanding of the standard.
• Community Meeting attendees talk about what it’s like to be back in-person again at the Welcome Reception at the Spirit de Milan.
• Women in Payments honorees Sherri Collis of Online Enterprises, DBA Online Business Systems, Diana Greenhaw of Square and Julie Quandt of Discover chat about the importance of raising the profiles of female leaders in payment security.

If you couldn’t attend the Europe Community Meeting, there is still an opportunity to register for the Global Content Library.

Recently, our organization teamed up with the Consumer Technology Association to issue a joint bulletin on a very important topic, security surrounding the Internet of Things, or IoT. Joining me today for this episode are Andrew Jamieson, Vice President of Solution Standards at PCI Security Standards Council, and Mike Bergman, Vice President of Technology and Standards at the Consumer Technology Association.

In this episode of Coffee with the Council, PCI Security Standards Council’s Executive Director Lance Johnson gives a mid-year update on Council activities so far. These include the release of PCI DSS v4.0 and our newly redesigned website. He also discusses what you need to know for the second half of 2022 including the return of our in-person Community Meetings, the extension of the term of our current Board of Advisors, and the upcoming release of a new mobile standard.

In this episode, PCI SSC’s Nitin Bhatnagar, Associate Director, India, is joined by three Indian stakeholders from Amazon Pay, SBI Card, and HDFC Bank to discuss the newly released PCI DSS v4.0. These stakeholders offer their impressions of some of the changes to the standard, and their benefits, as well as the overall evolving payments landscape.

Neste episódio, Carlos Caetano do PCI SSC, Diretor Associado da Região LA do Brasil, é acompanhado por três participantes brasileiros da Adyen, Cielo e CloudWalk para discutir o recém-lançado PCI DSS v4.0. Esses membros do Conselho Consultivo Regional  do PCI SSC oferecem suas impressões sobre o padrão e como os comerciantes brasileiros e outras empresas podem fazer a transição para aderir aos novos requisitos.

Listen or read in English.

In this episode, PCI SSC’s Carlos Caetano, Associate Director, LA Region for Brazil, is joined by three Brazilian stakeholders from Adyen, Cielo and CloudWalk to discuss the newly released PCI DSS v4.0. These members of PCI SSC’s Regional Engagement Board offer their impressions of the standard and how Brazilian merchants, and other companies, can transition to adhere to the new requirements.

Leia ou ouça em português.

This episode highlights the release of PCI DSS v4.0. Elizabeth Terry, senior manager, community engagement at PCI SSC, will discuss upcoming engagement events such as webcasts and the PCI DSS v4.0 Global Symposium on 21 June. Lindsay Goodspeed, senior manager, corporate communications at PCI SSC, will discuss the variety of available resources to help navigate the changes to the new version of the standard.

This episode previews the much-anticipated release of the PCI Data Security Standard (DSS) version 4.0, scheduled to debut at the end of March 2022. Kandyce Young, Standards Development Manager at PCI SSC, will discuss the timeline and key highlights of the standard while Tom White, Training Content Manager at PCI SSC, will talk about what you need to know to prepare for transition training.

PCI Security Standards Council’s Executive Director Lance Johnson offers a preview of what’s new for the Council in the year ahead. In this episode, Johnson touches upon a variety of topics including recent personnel changes, and updates on new and existing payment security standards, including the much-anticipated debut of PCI DSS v4.0. From training programs and new Council endeavors, to the format of this year’s Community Meetings, Johnson describes what stakeholders can expect in 2022.