The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next PCI SSC Board of Advisors. The Board of Advisors represents PCI SSC Participating Organizations worldwide to ensure global industry involvement in the development of PCI Security Standards. As strategic partners, they bring industry, geographical and technical insight to PCI Council plans and projects. In this post, we talk with 2015-2017 PCI SSC Board of Advisor Member Eric Brier, Chief Security Officer at Ingenico Group, about the role of the PCI SSC Board of Advisors in shaping payment security globally.
What do you see as the greatest challenge in payment security in 2017?
Eric Brier: Software security from a global point of view will become in the forthcoming years one major part of payment security. Preparing the industry and the standards is a key challenge for PCI SSC and the Board of Advisors in 2017.
How does the PCI SSC Board of Advisors impact payment security?
Eric Brier: The Board of Advisors provides the Council with a worldwide view about the implementations of the standards in the field, and in particular the challenges to be faced on the way to compliance. This enables us to take into account those challenges to ease compliance programs while keeping an adequate level of security.
Why did you run for the PCI SSC Board of Advisors?
Eric Brier: Ingenico Group delivers payment terminal and payments processing solutions in more than one hundred of countries. We thus have a global view on the payment methods variations according to geographies and wish to share this understanding with PCI SSC to ensure an efficient global deployment of security standards on the field.
How has serving on the PCI SSC board benefited your company and your customers?
Eric Brier: Being part of the PCI SSC Board of Advisors is a great opportunity to exchange on compliance and security with subject matter experts. The resulting deep understanding of the standard and the ability to influence their evolutions is key to deliver the most suitable security features to our customers.
What accomplishments of the 2015-2017 Board of Advisors are you most proud of?
Eric Brier: Despite some remaining room for improvements, the release of PCI Point-to-Point Encryption (P2PE) Standard version 2.0, which encompasses BoA feedback, is a shared accomplishment that will enable us to broaden the global footprint of PCI-validated encryption solutions. Such PCI-validated solutions have two major positive impacts for merchants by reducing the exposure to cardholder data breaches and simplifying their PCI DSS compliance program.