The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next PCI SSC Board of Advisors. The Board of Advisors represents PCI SSC Participating Organizations worldwide to ensure global industry involvement in the development of PCI Security Standards. As strategic partners, they bring industry, geographical and technical insight to PCI Council plans and projects. In this post, we talk with 2015-2017 PCI SSC Board of Advisor Member Tracey Long, Senior Payment Data Security Manager at Worldpay, about the role of the PCI SSC Board of Advisors in shaping payment security globally.
What do you see as the greatest challenge in payment security in 2017?
Tracey Long: The emerging regulations that are heading Europe’s way, combined with SSL/TLS changes that people will inevitably delay implementing, and breaches continuing to increase.
How does the PCI SSC Board of Advisors impact payment security?
Tracey Long: It sets the foundations for robust and achievable security protocols, which inevitably makes the payments ecosystem a safer industry. Without the PCI Security Standards Council setting the standards, and providing the frameworks via the standards, where would we be?
How has serving on the PCI SSC Board of Advisors benefited your company and your customers?
Tracey Long: Having a close working relationship with the PCI SSC and being on the Board of Advisors has meant that I have a better and more thorough understanding of why things are as they are. As a result of this, I have been able to bring that knowledge back to my company and customers and make suggestions as to how they may think differently about security, and to make sure everyone is aligned and all on the same page. It has given me a much better understanding as to why decisions are made within the PCI SSC, and why things take time, and I am able to feed that back to my organization and my customers.
Why did you run for the PCI SSC Board of Advisors?
Tracey Long: I ran for the PCI SSC Board of Advisors because I wanted to be involved in playing a part in making payment security a more practical industry. By sharing my experience of working with merchants, I am able to provide the PCI SSC and the Board of Advisors with firsthand experience of how the standards are impacting the merchants. As an acquirer my role is to engage with merchants all the time; therefore, I understand their challenges. By working collaboratively with the PCI SSC, we should all be able to get a much better understanding of what is best for all, and work together to defeat the bad guys and to promote better payment security.