- This event has passed.
Join Us To Learn
- How to simplify compliance validation
- What will a QSA be looking for during an assessment
- Why the 'Customised Approach' future-proofs both the standard and your approach to it, and why you’ll never use it
- How to stay ahead of the inevitable changes
- How to develop Continuous Compliance Validation (CCV) processes through automation
Who Should Attend
CISOs, Information Security Managers, PCI DSS Programme Managers, Card schemes, acquiring banks, merchants, service providers.
Where it's Happening
- Tower 42
- 25 Old Broad Street
- London EC2N 1HN United Kingdom
When it's On
- Thursday, November 21, 2024
- 9:30 am - 5:00 pm
About the Facilitator
David Froud has 25+ years of experience in areas of Information / Data / Cybersecurity, including Regulatory Compliance, Governance Frameworks, Data Protection / Privacy, and FinTech. As Project Lead for several Fortune / FTSE ‘Enterprise Class’ clients, and many startups, David has performed 100s of on-site security and compliance assessments for merchants and service providers globally. Currently focused on helping organisations unify their security and data protection programs with regulatory compliance regimes including PCI, GDPR & PSD2.
Agenda
09:00 | Welcome, tea, coffee, introductions | |
09:30 | Session 1: ‘Does the New Standard Makes Sense? Background and Context’ | Subject: The PCI DSS, a Very Slow Evolution Subject: Is This Where the Standard Should Be? Subject: Is the ‘Customised Approach’ Really Such a Radical Change? |
10:30 | Break and Refreshments | |
10:45 | Session 2: New Reporting and Other ‘Innovations’ | Subject: Reports on Compliance (RoC) are at a Whole New Level Subject: Your Policy Set is now front and centre Subject: Overall Impressions and Things to Note |
12:15 | Lunch | |
13:15 | Session 3: New Requirements – Significant Impact | Subject: Significant New Requirement – What is the True Impact?’ Reqs. 3.2.1 / 3.3.2 – Encryption of Pre-Authorisation Data Subject: Web-Facing Infrastructure Req. 6.4.2 – Removal of Manual Review of ‘Public-Facing Web Applications’ Subject: Vulnerability Management / Incident Response Req. 10.4.1.1 – Automated Log Reviews |
14:45 | Break and Refreshments | |
15:00 | Session 4: Other Notables | Subject: Enhanced and Targeted Risk Assessments Subject: Continuous Compliance Validation Subject: So What Now? Subject: Discussion, Q&A |
17:30 | Event close and onto Networking Drinks and Canapes |