Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Senior Manager of Public Relations for the PCI Security Standards Council. Today we'll meet one of the Council's newest team members, our Head of Engagement, Diana Greenhaw. Diana comes to the PCI SSC after a successful 20-year career in payments that included stops at WorldPay, Visa, and Block. Thank you for joining us today, Diana, and welcome to the team.
Diana Greenhaw: Thank you so much, Alicia.
Alicia Malone: So, your new role as Head of Engagement is also a new position at PCI Security Standards Council. Tell us a little about what this new role is and what you've been hired to do.
Diana Greenhaw: Sure. So, in this role, I have responsibility for leading and overseeing all aspects of engagement and collaboration with PCI SSC's key stakeholders. That includes payment networks, financial institutions, merchants, service providers, and vendors who make up PCI Participating Organizations. Additionally, it also includes the regulatory bodies that shape security-focused legislation around the world.
As PCI SSC has matured into a significantly broader organization with increasingly engaged constituents, it's more important than ever to elevate our engagement structure and establish a path for renewed stakeholder collaboration and direct contribution to payment security standards evolution.
Alicia Malone: You've had more than 20 years of experience working in payment security. Can you describe your career path in this industry and how it led you to PCI SSC?
Diana Greenhaw: Of course. So, I think I would describe my path to PCI SSC as being the result of following need-based opportunities. Early in my career, I found myself in roles managing relationships between various different players in the payment ecosystem. This eventually led to me working with large financial institutions on compliance programs that covered card issuing and merchant acquiring programs.
This allowed me to learn a great deal about the responsibilities that all parties have to comply with network rules, global regulations, et cetera. And more specifically, it helped me understand the role that everyone plays in the protection of the payment system. During that same time period, something started occurring all too frequently, and it was the compromise of payment data and then the resulting payment card fraud. This ultimately led to the formation of PCI SSC. And that's a completely separate and unique 18-year history lesson in itself, but that's for another time.
All of this to say that during my career, I've had the opportunity to work on various aspects of compliance programs associated with almost every standard and certification program that PCI SSC manages. So, when the opportunity came to join PCI SSC's leadership team under new Executive Director, Gina Gobeyn, I said yes.
Alicia Malone: This newly formed position will focus on better engaging with our expanded stakeholder groups. You bring a wealth of industry relationships and knowledge to the Council. You've also been actively involved by serving on both the PCI SSC Executive Committee and the Board of Advisors. What does that mean for you in terms of helping PCI SSC succeed in its mission to secure payment data?
Diana Greenhaw: I think, if anything, the most important thing I bring to PCI SSC in this role is perspective. I have experience working for a payment brand, a leading merchant acquirer, card issuer, a processor, and a point-of-sale solution developer. And in each of those roles, I've seen the value, and sometimes even the challenges, that compliance with PCI standards can bring to organizations. Additionally, in those roles, as you've mentioned, I've had a chance to serve on both the PCI SSC Executive Committee and the Board of Advisors. So, it is my hope that this experience provides me with the ability to balance the needs of all the different stakeholders to help move the Council through transition and into the future more effectively and efficiently than ever before.
Alicia Malone: So, if the mission of the Council is all about securing payment data as a standards-setting body, why is stakeholder engagement so important?
Diana Greenhaw: So, the simple answer is because our payment security standards are not created in a silo. The Council's success is tied to the collaboration with the many important players in the payments industry. The standards that are created at the Council are done so with involvement and participation from a wide variety of individuals and organizations. As technology continues to evolve at lightning speed and more threats to payment security are identified, it’s more important than ever to have as many voices represented at the table as possible.
In 2006, when the Council was created, many of the ways that we complete payments every day now didn't even exist. The industry has expanded extraordinarily in the past 18 years, and the Council and its stakeholders have adapted to those changes. The COVID -19 pandemic exponentially increased some changes in the payment system, like contactless.
Technology has changed more rapidly in the last 18 months, and we as an industry have seen a transformation in payments faster than ever before. Additionally, the next 18 months are really going to be evolutionary for the Council and transformative for the industry, and I am really excited to be a part of that change.
Alicia Malone: It most certainly will. I know that there's a lot of change coming, and we have been through an extraordinary amount of change in the industry recently. Diana, what are you most looking forward to in this new role?
Diana Greenhaw: I have to say that one of the things that I most look forward to is the ability to continue working with colleagues that I've known throughout my career, but in a new capacity. Taking this role at PCI SSC allows me to contribute to the payments industry in a different way and serve as an advocate for all of the organizations who work with and depend on PCI standards and certification programs as part of their overall security posture. I want to continue to increase the value of the relationship of all stakeholders with PCI SSC.
Alicia Malone: So, Diana, outside of your day job, tell us a little bit about yourself. What kinds of things are you passionate about? What would you like others to know about you?
Diana Greenhaw: When I'm not working, I try to find as much time as possible to spend with friends. And with those friends, I ride horses, I plan foodie dinners, snow skiing, and travel to places that I have not been before.
Alicia Malone: That sounds like so much fun. I want to be part of your foodie dinners. That sounds amazing. And of course, I would be remiss if I didn't ask you how you take your coffee since you're on Coffee with the Council. Or if you're not a coffee drinker, what do you prefer instead?
Diana Greenhaw: So, I'm definitely not a coffee drinker. I never have been, but I still need some caffeine to get started each day. And I do that with Diet Coke. Now, if we're talking happy hour, I love a well-made gimlet.
Alicia Malone: Absolutely, me too. Well, thank you so much for joining us on Coffee with the Council, Diana. It's been a pleasure getting to know you and I look forward to working with you at the Council.
Diana Greenhaw: Thank you, Alicia. I really look forward to working with you and the rest of the PCI SSC team. I'm really excited about the future. And I'd like to take a moment, as we wrap up here today, to remind listeners that we are quickly moving into the PCI SSC Community Meeting season. Registration is now open for all three regional events. North America is being held September 10 - 12 in Boston, Massachusetts. The Europe Community Meeting is scheduled October 8 – 10 in Barcelona, Spain, and the Asia Pacific Community Meeting is scheduled for November 20 and 21 in Hanoi, Vietnam. I plan to attend each of these events, and I hope to see you there.
Like what you’ve heard? Subscribe to PCI SSC’s “Coffee with the Council” podcast by visiting any of the following platforms: Apple Podcasts, Spotify, Amazon Music, Anchor, Castbox, Google Podcasts, iHeartRadio, Pocket Casts, RadioPublic, Stitcher, Audible, Overcast, or Pandora.