Top Sessions at the 2024 PCI SSC North America Community Meeting
September 5th, 2024 | By Jscrambler | 6 min read
On September 10-12, 2024, Boston will host the annual PCI SSC 2024 North America Community Meeting. The PCI SSC (Payment Card Industry Security Standards Council) North America Community Meeting is an annual event that gathers payment industry stakeholders, including merchants, service providers, financial institutions, assessors, and vendors, to discuss and share insights on payment security. The 2024 meeting will focus on the latest developments in PCI security standards, emerging threats, and best practices for compliance.
The event typically includes keynote presentations, breakout sessions, and networking opportunities, providing attendees with a platform to learn about the latest updates to PCI DSS (Data Security Standard) and other PCI standards, as well as to collaborate on improving security practices across the payment ecosystem. It serves as a forum for engaging with peers, sharing experiences, and staying informed about the evolving landscape of payment security and compliance.
Many QSA and PCI SSC professionals will share their insights on PCI DSS v4 compliance, payment security, and best practices when it comes to achieving compliance.
This article shares the key takeaways Jscrambler gathered from the most interesting sessions at the event in Boston. A common theme across the upcoming sessions led by QSAs and PCI SSC professionals is reducing payment risk efficiently and different approaches to achieving efficiency while ensuring compliance. If you’re visiting the Community Meeting this year, make sure to check out these sessions.
Adam Perella
Technical Director at Schellman Compliance LLC
Session info
Topic: Navigating Security Through Relationships
Date: Wednesday, September 11
Key takeaway |
Jeff Man
Trusted Advisor, PCI QSA, Online Business Systems
Session info
Topic: 6.4.3 & 11.6.1: Do You Understand Website Scoping
Date: Wednesday, September 11
Key takeaway “We want to provide some technical insights on modern web application architectures and how and where the new requirements 6.4.3 and 11.6.1 will need to be enforced. Many merchants accustomed to effectively “outsourcing” the responsibility of their eCommerce sites to third-party payment processors (e.g. qualifying for SAQ A) may be taking on more responsibility for their website whether they know it or not. Our takeaway will be for merchants to go back and evaluate their eCommerce sites and properly determine the scope and subsequent applicability of the new requirements.” |
Chad Leedy
Head of Strategic Accounts at ControlCase
Session info
Topic: The Future of PCI Assessments: Utilizing AI and Technology For Efficiency
- Current State of the Market
Date: Thursday, September 12
Key takeaway ControlCase will address the challenges and opportunities in utilizing AI and technology for security assessments. As technology footprints expand and security standards become more complex, the number of IT resources remains stagnant or decreases. AI can help offset limited resources by saving time in document review and providing expert recommendations. For security assessments, AI improves efficiency by enabling faster evidence reviews, allowing parallel processing, and facilitating collaboration without resource limitations. In the future, AI and technology are expected to play a larger role in enhancing security assessment processes. |
Mr. Kerry Steele
CISSP, CISA, CCSP, CDPSE, ISSAP, QSA, Principal Consultant, Coalfire Systems, Inc
Session info
Date: Wednesday, September 11
Key takeaway The key takeaways from Kerry Steels’s presentation include the following 3 points: - The path to zero trust is a journey, but the benefits are significant. - Organizations can enhance security, limit PCI DSS scope, reduce risk, and streamline their compliance efforts by adopting Zero Trust Architecture for payment systems with modern network security controls like service mesh with micro-segmentation and identity-based micro-segmentation. |
Jeremy King
Regional VP, EMEA, PCI Security Standards Council
Session info
Global Updates: Payment Trends and Threats
Date: Thursday, September 12
Key takeaway “Globally, payments are changing faster than ever. To keep payments secure, it’s more important than ever to stay ahead of emerging threats. Join me at the PCI SSC North America Community Meeting, 8-10 September, to hear all about “Global Updates: Payment Trends and Threats” and learn more about why your engagement matters.” |
Conclusion
Each session underscores the need for methods that can reduce risk and achieve PCI DSS compliance in the most efficient manner possible. The ways to achieve this are many, including fostering trust and communication, reevaluating website scopes under new requirements, leveraging AI for efficiency, or adopting Zero Trust Architecture. These insights highlight the necessity for organizations to stay ahead of the curve by integrating new technologies, reassessing their responsibilities, and enhancing security frameworks.
The Jscrambler team is looking forward to participating in the PCI 2024 North America Community Meeting and tuning into all these sessions and more. Meet our team at Booth #19 as we also discuss strategies to achieve compliance efficiently. Please sign up here to network with Jscrambler and other PCI SSC NA Community Meeting attendees at the Sólás Irish Pub at the Lenox Hotel.
Jscrambler
The leader in client-side Web security. With Jscrambler, JavaScript applications become self-defensive and capable of detecting and blocking client-side attacks like Magecart.
View All ArticlesMust read next
Jscrambler Launches QSA Alliance Program to Share Insights and Expertise that Help Organizations Achieve Zero Friction Compliance with PCI DSS v4 Requirements
Jscrambler launches the QSA Alliance Program to share insights and expertise that help organizations achieve zero friction compliance with PCI DSS v4 requirements. New program empowers PCI QSA...
July 24, 2024 | By Jscrambler | 6 min read
Jscrambler Introduces the PCI DSS Quick Start Program
Jscrambler developed a PCI DSS Quick Program aimed at removing obstacles to PCI DSS compliance for Merchants and removing the stress of finding an appropriate solution that is reliable and...
August 6, 2024 | By Jscrambler | 9 min read
