2019 PCI DSS Workshop Materials
Tampa Marriott Waterside Hotel | Tampa, FL
May 5 - May 8, 2019

 

Attendee List by Name Attendee List by Organization

Guidebook Event App Access is by invitation only. Invitations were sent to the email address used for your registration on April 24, 2019. The PCI DSS Workshop 2019 guide is archived in the app and accessible to you going forward using your registration email and password.

Presentations Decks are hyperlinked to the session title for download. Missing and revised decks will be posted as they are received. PDFs of the decks are also linked to each session in the Guidebook App.

Continuing Education Credits Certificates of Attendance were emailed the week after the conference to the email address used for registration. Credit Reporting Forms

PCI DSS Glossary 2019

Sunday May 5, 2019

No sessions with materials

Monday May 6, 2019

General Sessions

8:00 − 8:30 am Opening Remarks and Pre-conference Survey Results

PCI DSS Workshop Co-Chairs: Ruth Harpool, AAP, APRP, CTP and Ron King

8:30 − 9:00 am PCI Workshop Orientation

PCI DSS Workshop Planning Committee Members: Robbyn Lennon, M.Ed., Senior Program Coordinator, University of Arizona; Kevin Sisler, CTP, Director of Treasury Services, University of Kentucky; and Linda Wilson, Director, Finance Systems & Services, Gonzaga University

Concurrent Sessions

9:00 – 10:00 am PCI DSS Refresh

Jon Allen, CISSP, Chief Information Security Officer & Interim CIO, Baylor University and Ron King, PCI DSS Workshop Co-Chair, Treasury Institute

9:00 – 10:00 am QSA/ISA/PCIP: Which is Right for You?

Robbyn Lennon, M.Ed., Senior Program Coordinator, University of Arizona; Kevin Sisler, CTP, Director of Treasury Services, University of Kentucky; and Peter Campbell, CISA, CISSP, QSA, Security Advisor, CampusGuard

General Sessions

10:30 am − 12:00 pm PCI’s Evolving Approach to Address NextGen Threats

Troy Leach, CISSP, CISA, Chief Technology Officer, PCI Security Standards Council

Concurrent Sessions

1:00 − 2:00 pm Point to Point Encryption in Higher Ed: What It Can Mean for Your PCI Scope

Linda Wilson, Director, Finance Systems & Services, Gonzaga University and Mike Sullivan, Vice President, Cashnet Sales, Cashnet

1:00 − 2:00 pm Mobile Payments Revisited

Preston DuBose, ISA, E-Commerce & Payment Security Manager, Texas A&M University

Concurrent Sessions

2:30 − 3:30 pm How the University of Florida Became PCI Compliant in One Year.... The Four Year Story

David Huelsman, Information Security Architect, University of Florida and Eric DeLaet, PCIP, Payment Card Assistant, University of Florida

2:30 − 3:30 pm Sustaining a PCI Environment

Kim Stringham, Systems Analyst, Texas State University

General Sessions

3:45 − 5:00 pm PCI DSS Lightning Round

PCI DSS Workshop Planning Committee

Tuesday May 7, 2019

General Sessions

8:00 − 8:15 am Opening Remarks

PCI DSS Workshop Co-Chairs: Ruth Harpool, AAP, APRP, CTP, and Ron King

8:15 − 9:30 am Verizon Payment Security Report: What Breached and Non-Breached Companies Are Doing Differently

Rodolphe Simonetti, CISSP, CISM, PCI QSA, Managing Director, Verizon Enterprise Solutions

Concurrent Sessions

10:00 − 11:00 am Building a Vendor Risk Management Program

Thierry Lechler, PCIP, Information Security Professional III, University of Central Florida; Ross Cooper, ITILF, Information Security Professional III, University of Central Florida; and Kevin Doar, CIA, CISA, ISA, PCIP, Director, Office of Merchant Services, University of Washington

10:00 − 11:00 am Your Website is Compliant, but is It Secure?

Corey Graves, Compliance Analyst, University of Minnesota and Jefferson Hopkins, CISA, CISSP, Security Advisor, CampusGuard

11:15 am − 12:15 pm Lessons Learned from our PCI Incident Response Tabletop Exercise

Tim Bradish, CISSP, ISA, Assistant Director, Security Operations & Incident Response, Cornell University and Kevin Mooney, CTP, Assistant Director of Cash Management, Cornell University

11:15 am − 12:15 pm Follow the Money

Jon Bonham, QSA, CISA, Principal, Coalfire Systems Inc.

General Sessions

1:15 − 2:15 pm Think Passwords are Enough? Live Hack and Password Crack Shows Why Multi-Factor Authentication is Crucial

Jennifer Stone, MSCIS, CISSP, QSA, CISA, SecurityMetrics, Inc.

Concurrent Sessions

2:45 − 3:45 pm The Evolution of PCI-Validated P2PE and Payment Security across the Higher Ed Campus

Eldred F. Garcia, VP Security Solutions, Bluefin

2:45 − 3:45 pm Unified Campus Commerce

Ethan Solomon, Vice President, Sales and Business Development, Adyen and Rhys Coles, Merchant Data Security Engineer, Adyen

4:00 − 5:00 pm HECVAT Update

Jon Allen, CISSP, Chief Information Security Officer & Interim CIO, Baylor University

4:00 − 5:00 pm Cyber Criminals, Compliance and Payment Security in Higher Education

Ruth Harpool, AAP, APRP, CTP, Managing Director, Treasury Operations, Indiana University and Ben Focht, Manager, Cyber Security Team, Nelnet Campus Commerce

Wednesday, May 8, 2019

General Sessions

8:00 − 9:00 am Compliance vs Security: Is It Possible to Have One Without the Other?

Jason Gray, Chief Information Officer, U.S. Department of Education; Michael Johnson, CISSP, ISA, Executive Director J.P. Morgan Chase Cybersecurity; Matt Leman, Executive Director, J.P. Morgan; and Dana Hwu, Associate, J.P. Morgan

9:00 − 10:15 am Protecting Your Organization from Business Email Compromise

Andrew Sekela, Supervisory Special Agent FBI

Agent Sekela’s deck cannot be shared, but he is sharing the following handout: BEC Handout - General Public

10:15 – 11:15 am Alternative Payments

Kevin Mooney, CTP, Assistant Director of Cash Management, Cornell University and Glenn Morgan, CISSP, CISA, ITIL, PCI-ISA, CCSP, CRISC, Information Security Analyst, University of North Carolina, Chapel Hill

11:15 − 11:30 am Wrap up, Last Chance Questions, and Forward Looking to 2020

PCI DSS Workshop Co-Chairs: Ruth Harpool, AAP, APRP, CTP, and Ron King

This webpage will be accessible until December 2019.