SureCloud attended the annual PCI SSC North America meeting last month both as a delegate and an exhibitor in the Vendor Showcase.
As PCI DSS v3.0 was launched during the 2013 PCI SSC meetings, all ROCs and SAQs need to meet v3.0 requirements from January 2015. With this on the horizon, the sessions focused heavily on clarifying the latest standard as well as the changes from v2.0.
Treating PCI DSS Compliance as Business-as-Usual (BAU) and getting into the spirit of the standard as opposed to approaching it as a tick-box exercise were both strong focus areas along with;
- Third Parties – most breaches still stem from weaknesses in Third Party suppliers’ security and controls
- P2PE – New guidelines drawn up following negative feedback from the community on the last paper
- Mobile – The future of payments
- Tokenisation
The Council were also able to announce Stephen Orfei as the successor to Bob Russo as the PCI SSC GM once Bob retires later this year. The delegates at the Orlando meeting were most impressed to hear Stephen’s emphasis on the Council’s move to focus more on the risk-based and prioritised approach to meeting the PCI DSS. Read the interview with Stephen Orfei in Bank Info Security which took place at the Meeting.
European PCI SSC Community Meeting
If you’re attending the European meeting in Berlin this week, we’d love to see you! Just pop along to the Vendor Showcase to say ‘Hello’! You’ll find us a stand 20 demonstrating the SureCloud Platform. If not, learn more about our PCI Automation capabilities here.
A few photos from the Vendor Showcase at the PCI SSC North American Community Meeting.