The arrival of the New Year welcomed another opportunity for Ground Labs to take a lead sponsorship position at PCI London once again at the Victoria Park Plaza Hotel on January 25th, 2012.
PCI London has established itsself as the premier PCI compliance event across Europe with the highest attendance of merchants in a single location. The many presentations delivered at the event targeted a range of important themes including network security, application security, data security, governance risk compliance (GRC), and PCI compliance scope.
The format of holding both main plenary and break-out educational sessions enabled attendees to learn and receive updates on addressing many of the common PCI compliance challenges that organisations face. It also provided senior decision makers with critical advice on how best to ensure information security compliance and implement payment security whilst minimising complexity to keep costs low.
Some of the speakers included Phil Davies from Aviva UK, who presented ‘compliance in the age of austerity’, a key note presentation on the solutions that save time and money while still maintaining or improving compliance levels. In addition to Mr Davies, Iain Johnston from BskyB presented a case study, demonstrating a story of the challenges on the journey to scope reduction, highlighting the importance of risk management, projecting the interesting notion that ‘necessity drives innovation’. This was followed by Graham Thompson of Semafone, presenting a live demonstration on ‘A day in the life of a contact centre fraudster’.
The presentation was a fantastic way of underlining the importance and necessity of PCI DSS, and practical attempts to thwart the fraudster at each step of their journey. This was complimented by Raza Al-Rehman Sharif’s presentation, from Sysnet Global Solutions on the evolving threat landscape, presenting methods used by attackers of the underground economy and how organisations should use threat modelling in order to reduce the chance of liability fines and reputation damage.
Ground Labs played a major role in the event by providing both a plenary and two educational sessions throughout the day on various aspects of cardholder data discovery and the key role it plays in addressing challenges that many organisations encounter when achieving or maintaining PCI DSS compliance.
The main-stage plenary was presented by our Director of Corporate Development, EMEA, Mohamed Zouine, on ‘The good, the bad and the ugly’, offering advice on how to avoid the often repeated but rarely identified errors and mistakes that lead to a breach.
The education sessions were led by our Director of Corporate development, Stephen Cavey, on using Cardholder data discovery to establish your true PCI scope. In the morning session Stephen provided the audience with detailed insights on where cardholder data is often found within typical organisations including some of the more interesting locations such as Emails and their attachments within Microsoft Outlook and Exchange Server, Microsoft Office files stored as Binary Large Objects (BLOBs) within Enterprise Databases and the large number of findings often encountered within compressed backup
archives that have been in storage for several years.
A live scan using Card Recon was performed showing just how easy it is to find hidden cardholder data within any type of environment and what can be done to permanently delete or remediate such findings.
Later in the day delegates returned for another session where a live demonstration of Enterprise Recon was given showing the importance of establishing automated cardholder data discovery scans to occur at scheduled intervals, thus ensuring any non-compliant cardholder data that was previously identified does not find its way back into your environment. Many people have asked for a copy of the transcript which can be requested by emailing enquiries (at) groundlabs dot com.
Europe has become the fastest growing market globally for Ground Labs and it is clear organisations throughout the region require the ability to perform accurate Cardholder Data Discovery as part of their on-going PCI compliance. This was further supported by the large numbers of delegates who requested post-event evaluations of our Card Recon and Enterprise Recon cardholder data discovery solutions.
Overall, PCI London was a very successful and well executed event and once again our thanks to AKJ Associates for all their hard work. Other sponsors in attendence were Nettitude, Veritape, Logrhythm, IP Payments, Barclaycard, Datapipe, Fortinet, Foregenix, Security Metrics, Dell Secureworks, Eckoh, HP Enterprise Security, Trustwave, Voltage, Commidea, Datacash, 4techSoftware, Digital Persona, Idera, Ingenico, Protegrity, Quarri, Quotium, Saint, Surecloud, The Bunker and The Logic Group
Ground Labs will be lead sponsors at the PCI London event in July once again. If you are looking for more information in the meantime please do not hesitate to contact our UK office on +44 203 137 9898