The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next PCI SSC Board of Advisors. The Board of Advisors represents PCI SSC Participating Organizations worldwide to ensure global industry involvement in the development of PCI Security Standards. As strategic partners, they bring industry, geographical and technical insight to PCI Council plans and projects. In this post, we talk with 2015-2017 PCI SSC Board of Advisor Member Michael Christodoulides, VP, Security and Fraud Product Team, Barclaycard, about the role of the PCI SSC Board of Advisors in shaping payment security globally.
What do you see as the greatest challenge in payment security in 2017?
Michael Christodoulides: The internet and associated technologies has created an open, always on, connected world where business can be conducted both locally as well as globally. This has facilitated growth in payment methods, industry stakeholders and solutions. In addition this has engendered different threats - for example, the criminal no longer needs to be in the physical jurisdiction where the crime is committed, is often organized and technically capable. The greatest challenge for payment security in 2017 is to reduce the complexity of payment security compliance without reducing the payment security threshold.
How does the PCI SSC Board of Advisors impact payment security?
Michael Christodoulides: The PCI SSC Board of Advisors provides valuable, specific industry-sector knowledge in order to contribute towards wide ranging discussions that ultimately influence the direction and focus of payment security and the outputs of the PCI SSC. The implementation and maintenance of payment security has a cost, and it is important for organizations to spend wisely on security in order to mitigate current and future threats. Board of Advisor members are there to provide insight, leadership and challenge to current thinking in order to promote the establishment and ongoing maintenance of a secure payments ecosystem that is economical to deliver, efficient in operation, and effective in outcomes.
Why did you run for the PCI SSC Board of Advisors?
Michael Christodoulides: Barclaycard is a leading global payment business that helps consumers, retailers and businesses to make and take payments flexibly. Barclaycard has significant experience of actively participating in and positively influencing the development of payment security standards and the promotion of approaches to enhance data security. Our customers look to us for leadership and knowledge in the areas of payment security. Participating as a member of the PCI SSC Board of Advisors is an effective way of contributing our unique knowledge and expertise in order that payment card industry security standards remain effective in addressing current and future security risks.
What accomplishments of the 2015-2017 Board of Advisors are you most proud of?
Michael Christodoulides: The majority of businesses are small merchants that do not have access to the technical security expertise, which often seems necessary to securely manage consumer payments. The PCI SSC Board of Advisors recognized this and instigated a taskforce that delivered simplified payment security guidance. This guidance is continuing to be developed and the concept of simplification of payment security without reducing the security threshold underpins much of the work product of the PCI SSC.
As co-chair of the PCI SSC Small Merchant Task Force we are particularly proud of the way in which industry stakeholders have come together to produce effective guidance for small merchants. Participation as a Board of Advisor representative provides the opportunity to contribute towards shaping the future of payment security.