SureCloud is proud to sponsor of the 18th PCI London with AKJ Associates.
What is the event focusing on?
The event aims to highlight tipping points in security and compliance and to help practitioners adapt to them not just by looking at the narrow PCI DSS marketplace, but by bringing in speakers and solution providers who represent the future.
This January the event will look at the inconvenient truths of PCI DSS in a new light and explore ways to leverage them – and recent hacks – to improve security, privacy and the career paths of PCI DSS professionals.
The PCI DSS standard has been around since 2004. Compliance has always been a moving target as technology rushes ahead. Digital transformation, new payment, banking, and e-Commerce platforms complicate things further, as do acquisitions and other core business issues.
This 18th edition of PCI London will help you chart a path through a new and unfamiliar environment fraught with risk but also loaded with opportunity.
Where will the event take place?
On the 24th of January 2019, at the Park Plaza Victoria in London.
Who will be attending?
The SureCloud team will be there to discuss your Risk and Compliance needs.
Who will be speaking?
Our GRC Practice Director, Alex Hollis will be presenting on “PCI and beyond”.
Alex Hollis will be sharing some of his experiences and strategy when combining PCI compliance programs more broadly. PCI professionals will rightly constrain their thinking and approach to only satisfying PCI, and, with the goal of efficiency, reducing the effort as far as possible. This strategy works well in smaller, but with the ever-increasing demand of regulatory and industry compliance, often the areas which fall outside the scope for PCI may still be in scope for other compliance needs such as GDPR or ISO Standards. When looking at overall corporate compliance, some of the rules and techniques which PCI professionals excel at must be ignored otherwise the efficiency gain will just be temporary as the problem into another team or function. Four key aspects to this are:
- Ensuring that you are not limiting efforts around system inventories
- Building a model for your control framework which allows controls to be defined and managed once, which when compliant answer multiple compliance needs.
- Creating control compliance as part of the business as usual activities within the first line teams, making the accountability for controls and ease of management accessible to those who have other priorities within the business.
- Managing the compliance of third parties with appropriate assessments, avoiding assessment fatigue while getting high-quality, honest answers quickly and with as little impact to both sides.
Find out more about the event here.
Learn about our Compliance Management for PCI here.
Learn about our PCI ASV Scan Management here.