Martin McKeay and Mike Dahn conducted one of the most entertaining sessions at the recent Hacker Halted conference in Miami, discussing the challenge of PCI compliance in the cloud.
Martin is the author of the Network Security Blog and host of the Network Security Podcast. He has been working in the PCI field for over five years, first as the Security Manager for a service provider and then as a Qualified Security Assessor for the last three years.
He has worked with clients ranging from small colleges to some of the largest health care providers and service providers in the United States.
Mike founded the Society of Payment Security Professionals and Secure Payments Magazine devoted to risk management in securing payments. He has assisted forensic experts and law enforcement understand the underground economy and data breach risks associated with payment card fraud.
He has traveled the world training PCI qualified security assessors (QSA), merchants, banks, and payment application vendors on the risks associated with payment card data theft. Mike is also on the National Board of Directors for the InfraGard Members Alliance and has a Masters in Information Assurance.
“PCI Compliance In The Cloud : Why Or Why Not? Your management fears the auditors more than the hackers. So why is it they’re looking at moving cardholder data so quickly? Because ‘cloud computing’ is the new marketing buzzword that promises to do everything you ever wanted. So why shouldn’t you be moving your credit card processing to the Cloud? Because being PCI compliant in the Cloud requires significant thought and planning! And making a mistake could cost you a pretty penny.”
Infosec Island was proud to be a media sponsor for the Hacker Halted Miami event.
Bio information via the Hacker Halted webpage.