PCI Europe 2009: Agenda Outline

8.00-9.00: Registration

___________________________________________________________________________________________

Plenary Session 1

9.00-9.25: Executive Roundtable, ‘PCI Europe 2009: Compliance and Beyond’

9.25-9.50: David Civile, Programme Manager and Independent Consultant

Understanding Shades of Grey: Reinterpreting PCI DSS Requirements

  • What are the areas of PCI DSS that are open to interpretation, and is this a danger or a blessing?
  • How can you reinterpret the rules so that PCI DSS can work to gain benefit for your organisation, and what does this mean in terms of how you manage your QSA?
  • Where are the main errors made when mapping requirements to the specific structure of your organisation?
  • How can you restructure your PCI DSS programme based on your reinterpretation of the requirements to ease the process of compliance and avoid last minute surprises during audits?

9.50-10.15: Thomas Raschke, Senior Product Marketing Manager, Security Solutions, Verizon Business

PCI Security Challenge Number One: Reduce Complexity!

  • The challenge: Which trends and problems keep PCI stakeholders up at night?
  • The mistakes: What can you learn from the PCI-related pitfalls others have experienced?
  • The answer: How does applying a structured approach to security, risk and compliance improve your PCI posture?

________________________________________________________________________________________________

10.15-10.55: Education Seminar Session 1

End-to-end Encryption and Best Practices

Nitzan Tal, Regional Marketing Manager, VeriFone

Live Hack Demo

Ian Eyles, Director of European Business, Security Metrics

Monitoring Beyond PCI: The Necessity of Governance, Risk and Compliance

Hervé Liotaud, Sales Director France/CH/BeNeLux, LogLogic

Gorka Sadowski, Senior Technical Consultant, LogLogic

Maintaining PCI-DSS compliance using risk-based metrics

Ciske van Oosten, PCI Practice Leader, EMEA, Verizon Business

_______________________________________________________________________________________________

10.55-11.20: Networking Break

_______________________________________________________________________________________________

Plenary Session 2

11.20-12.00: Keynote Address: Patrick Wheeler, Former IT Audit Manager, Levi Strauss & Co.

Moving Beyond PCI: The Importance of Integration

  • Is PCI DSS a viable security strategy in itself or a minimum baseline standard?
  • Why is it important to think about security strategy on an enterprise-wide level?
  • What are the most common errors companies commit?
  • How do you ensure your QSA is successful while adopting an integrated enterprise-wide security strategy?

12.00-12.25: Steve Wilson, Head of PCI DSS Compliance, Visa

Putting Security First

  • How can you reduce the scope of compliance?
  • What is the value of building a security framework beyond PCI DSS?
  • Compliance versus securing your valuable assets?
  • How effectively can the use of strategic business partnerships increase security?

12.25-12.50: Wenlock Free, Vice President of Business Development, SecurityMetrics

The Hidden Benefits of Compliance

  • We hear a lot of opinions regarding PCI in the news, but what are the positive points?
  • Given that it is mandated and does not generate revenue, how can compliance add business value for your company?
  • What are the important factors that play a role in PCI DSS?
  • How is PCI DSS likely to change in the future?

____________________________________________________________________________________________

12.50-13.30: Education Seminar Session 2

PCI’s Impact on Merchants Utilising Terminal Solutions

Richard Running, Vice President, Marketing, Security Metrics

End-to-end Encryption and Best Practices

Nitzan Tal, Regional Marketing Manager, VeriFone

Integrity monitoring – the first step towards effective change prevention

Robert Eatwell, Product Line Executive, Endpoint Security, McAfee

PCI Compliance in 2010 and Beyond – A QSA’s perspective

Ryan Rubin, Associate Director, Protiviti

__________________________________________________________________________________

13.30-14.20: Lunch

____________________________________________________________________________________________

Plenary Session 3

14.20-14.45: Peter Baird, PCI DSS Manager, TUI Travel PLC

Side-stepping Pitfalls: How to Overcome Obstacles when Implementing PCI DSS

  • What do you need to look at to ensure that you achieve PCI DSS compliance?
  • How can you simplify PCI DSS compliance?
  • How can you reduce the need for technology in achieving PCI DSS compliance?
  • What would a business case for simplification look like?

14.45-15.10: Lars Syberg, PCI Manager, FortConsult

The Impact of PCI for banks and bank processing centres

  • To date, banks have put a lot of effort towards securing traditional bank data, but how does that model fit with the PCI DSS Standard?
  • How did some of the large European banks and bank processing companies handle their PCI projects?
  • How did PCI DSS impact the whole business?
  • How can compliance and security be managed together?

_______________________________________________________________________________________________

15.10-15.50: Education Seminar Session 3

Security Strategies for Maximizing Your Compliance Investment and Expanding Data Protection

Nick Barratt, RSM and Security Consultant, SafeNet

Define, audit and maintain the scope of your PCI environment

Sarah Swatman, EnCE CISSP, EMEA Technical Manager, Guidance Software

Level 4 Merchants Programs: Validating Mass Merchant Compliance

Richard Jones, EMEA Alliance Manager, Trustwave Ltd

PCI and Wireless Networks

Manav Khurana, Head of Industry Marketing, Aruba Networks, Inc.

_____________________________________________________________________________________

15.50-16.15: Networking Break

___________________________________________________________________________________________

Plenary Session 4

16.15-16.40: Eamonn Skyrme, Senior Manager, PCI Compliance & Scheme Management, RBS Worldpay

How to Keep Your Acquirer Happy

  • Why is my acquirer concerned about my PCI status?
  • What does an effective merchant-acquirer model of communication look like? How can this translate into more time to achieve compliance?
  • What are the key things that organisations are struggling with from an acquirer’s perspective?
  • How can your acquirer help you?

16.40-17.05: David Froud, VP, Global Compliance Services, EMEA/APAC, Trustwave Ltd

Overcoming Analysis Paralysis: Making the Leap from Planning to Action

  • Review Business Processes: Don’t store the data!
  • Establish Scope: Reduce the assessment scope to only the required business processes and infrastructure.
  • Qualify and Quantify: Identify all compliant and non-compliant areas; prioritise remediation activities.
  • Take Action!: Execute all remediation plans in line with end goal.
  • Achieve Compliance: Establish initial compliance; define strategies for long term compliance.

17.05-17.30: Christophe Dolique, Chairman, SPVA

End-to-end Security frameworks

  • What does an end-to-end security framework look like?
  • Who needs to be involved in that framework and at what stages?
  • Can the implementation of PCI DSS be standardised and, if so, how?
  • How does PCI PED compliance relate to the PCI DSS?

___________________________________________________________________________________________

17.30: Forum Close