Track: 2 Talk, 30 minutes
Start Time: 14.00 Level: No prior knowledge / entry-level

The anatomy of a payment card breach

Far too many businesses are unaware that it is mandatory to comply with the Payment Card Industry Data Security Standard (PCI DSS) if they accept credit card payments. This is a huge blind-spot and it is putting businesses in the South West at risk of attack. Many organisations are under the misguided belief that using PCI compliant payment providers such as Sagepay, Stripe or Worldpay confers PCI compliance on their business.

Businesses failing to comply with PCI DSS are at risk of large fines, and the very real prospect of an inability to trade, should payment providers terminate their service due to non-compliance, or more seriously, experience a card breach

In this discussion Pete will look at some examples of how some recent breaches have happened and what simple controls could have been put in place to prevent them.

Session takeaways

  • High level understanding of payment card data (PCI) data security standard.
  • Common attack vectors for Ecommerce sites
  • Advice on securing Ecommerce sites

Bio

Pete comes from a military background, and has worked on security projects in the public and private sectors. His experience is backed up with leading security and network accreditations, such as PCI QSA, CISSP, CEH, along with TOGAF v9 certification.

Pete cemented his passion for cyber security and co-founded the South West Cyber Security Cluster with the vision to establish a ‘Centre for Cyber Excellence’ in the South West.

All speakers