PCI Expert Summit in San Diego

October 8, 2020

Network with and learn from the foremost experts in the Payment Card Industry (PCI) at RSI Security's PCI Expert Summit this October, while also obtaining Continuing Professional Education (CPE) Credits.

    Date: Thursday, October 8, 2020

      Time: 12 PM - 6 PM

        Location: Marina Village Conference Center - Seaside Room

        1936 Quivira Way, San Diego, CA, 92109 | Parking is provided


          • 12 PM - 1 PM - Lunch

          • 1 PM - 1:30 PM - Speaker 1:
            Tim Hamon, FBI Cybersecurity Expert
            "The Wins and Losses of an Insider Threat"

          • 1:30 PM - 2 PM - Speaker 2:
            Jessica Sica, Information Security Director at Petco
            “How to survive a PCI DSS Assessment”

          • 2 PM - 2:30 PM - Speaker 3:
            Edward Asante, PCI ISA and Staff Technical Compliance Program Manager at Intuit
            “PCI Compliance in the Cloud”

          • 2:30 PM - 3 PM - Break to check out exhibitor booths

          • 3 PM - 3:30 PM - Speaker 4:
            John Shin, PCI QSA and Managing Director at RSI Security
            "PCI Standards and Programs Update"

          • 3:30 PM - 4 PM - Panel Q&A with Industry Experts
            • Kim Lamoureux, CISA -- Sr. Security Analyst at Sony PlayStation
            • Victor Gamra, CISM, CISSP, and PCIP -- Chief Technology Officer at FortifyData
            • Steve Levinson, CISSP -- Vice President & Chief Security Officer at Online Business System
            • Andrew Serwin -- Partner at DLA Piper Law Firm & Co-Chair at Global Cybersecurity Practice
            • Kyle Ngo -- PCIP, CISA, CRISC, CRMA, IT GRC Professional
            • Dan Clarke -- President at IntraEdge

          • 4 PM - 6 PM - Networking Mixer

          View printable itinerary

          Register Now

          More About the Event:

          Ready to network with some of the top cybersecurity experts in San Diego and Southern California?

          Join RSI Security as we host the first annual PCI Expert Summit, on Wednesday, Oct 2nd in sunny San Diego. The afternoon will include lunch, followed by speaker sessions from some of the foremost experts in the Payment Card Industry (PCI).

          The event will conclude with a happy hour mixer, where you’ll get to mingle with speakers, attendees, and other cybersecurity/compliance experts.

          It’s a unique opportunity to help us build a strong PCI community in San Diego, as well as network with other C-Level technology, cybersecurity, and compliance executives.

          Purchase tickets now.

          Ticket Purchase Includes:

          • Fully catered lunch
          • Admission to speaker sessions
          • Admission to networking mixer
          • Continuing Professional Education (CPE) Credits - written certification provided

          We look forward to seeing you there!

          About the Speakers:

          Tim Hamon - FBI Cybersecurity Expert

          More about the Speaker Cyber Crest

          Since 2001, Tim Hamon has conducted hundreds of computer examinations, testified dozens of times, designed, researched and tested tools used by the FBI’s computer forensics program, and created the FBI’s digital forensic fundamentals training curriculum. Since 2008, Mr. Hamon has been assigned to San Diego’s criminal cyber squad where he conducts cyber-specific forensic examinations and provides technical expertise and analysis for criminal cyber cases. Mr. Hamon has a master’s degree in software engineering and teaches digital forensics at the FBI academy.

          More about the Speaker Session

          The Insider threat is widely misunderstood. Even if your organization has the technical maturity to mitigate that threat, do your people have the emotional maturity?

          Learning Objectives

          1. Explain the conditions that lead to a disgruntled employee
          2. Describe how an organization can mitigate the threat of a disgruntled employee
          3. Define criteria of a workplace environment that can mitigate insider threats
          Jessica Sica - Information Security Director
          Information Security Director at Petco with 11 years in senior positions with 19 total years of experience in networking, information security, auditing, and infrastructure.

          More about the Speaker

          Jessica Sica

          Jessica has 7 years’ experience leading Level 2 and Level 1 PCI audits for retail and online gaming companies. She recently joined Petco to run their security team after leading Daybreak Games’ security program (where she was also their DPO) for the past 4 years.

          Jessica has had her CISSP since 2009 and has nearly 20 years’ experience in the information security field, including 12 years in leadership positions. She has worked in in various industries including retail, gaming, banking, and semiconductor.

          Edward Asante - Compliance Program Manager
          Edward has over 20 years of IT experience in various roles ranging from software development and application operations to IT risk and compliance management. Edward has been active in the compliance and risk management industry for the last 10 years.

          More about the Speaker Edward Asante

          Edward specializes in leading organizational change through the setup, execution and management of industry and regulatory compliance requirements including PCI-DSS, SOX and NIST 800-53.

          Edward is a certified Internal Security Assessor (ISA) and also holds an IT Information Library (ITIL) certification. Edward’s core focus is managing the operating framework of multiple compliance domains which entails working closely with development teams to implement scalable solutions, engaging with stakeholders, internal and external auditors as well as managing relationships with QSAs in performing PCI assessments. Prior to his current role, Edward held multiple IT positions in software engineering and application development at both Intuit and LogicaCMG – a global IT and consulting services company in England.

          More about the Speaker Session

          PCI Compliance in the Cloud covers how to setup and operate systems in the public cloud that conforms to the PCI-DSS cloud compliance guidelines and recommendations. The session will touch on some of the benefits and challenges in migrating to and performing PCI assessments in the cloud. While most of the traditional on-prem data center processes and procedures still apply to cloud assessments, the session will highlight areas where cloud compliance takes on a new dimension, notably in the area of scalable access to shareable resources, on-demand provisioning, building secure and durable baselines; to name but a few. In summing up, the decision to go to the cloud is for organization’s to make, and when they do, PCI compliance assessment will come along or will be waiting when they get there.

          Learning Objectives:

          1. Describe Intuit’s journey to the cloud and how PCI assessments are being performed
          2. Discuss benefits and challenges in performing PCI assessment in the cloud
          3. Share experiences of performing PCI compliance in the cloud from a Program Management perspective
          John Shin - PCI Qualified Security Assessor (QSA)
          John Shin is a distinguished PCI QSA in San Diego, CA.

          More about the Speaker

          John Shin

          John Shin in the Managing Director at RSI Security and has 18 years of leadership, management and Information Technology experience. He is a Certified Information Systems Security Professional, CISM, and Project Management Professional (PMP).

          He is the principal author on multiple Internet privacy and security technology papers such as the Dominant Cyber Offensive Engagement and Supporting Technology and Reconnaissance & Data Exfiltration for U.S. Air Force Research Laboratory.

          Mr. Shin has 18 years of leadership, management and Information Technology experience. His area of expertise is IT security and technology management. He was responsible for external customer information systems as well as the global infrastructure operations at Abraxas Corporation, a risk mitigation technology company solely focused on the National Security Community.

          Mr. Shin also worked in several management positions for Genoptix Inc. (Nasdaq: GXDX) in IT/Bioinformatic division. During his tenure at SunGard, Mr. Shin operated as an operations engineer responsible for mission-critical Infrastructure and ISO-compliance system processes.

          Industry Expert Panelists
          We have a wide variety of Payment Card Industry experts sitting on our panel. You will get a chance to ask our expert panel any questions you may have.

          Submit your questions now so that our panel can be the most prepared to answer them, email to: marketing@rsisecurity.com

          Take a look at who’s on the panel

          Kim Lamoureux, CISA – Sr. Security Analyst at Sony PlayStation

          Kim Lamoureux Photo

          “Kim Lamoureux has over 7 years experience leading Sony PlayStation’s Level 1 PCI assessment, both as an external consultant and eventually joining Sony full time. Over the past 15 years, Kim has managed multiple engagements across industries including risk management, compliance, and auditing. In her spare time, she actively participates in multiple cybersecurity inclusionary efforts, including cybersecurity and privacy for children. Kim was nominated and lead the ISACA San Diego Chapter as its acting president from 2017 to 2018. Kim has given talks at the Diana Initiative and twice at the ISACA Los Angeles Conference, and is also a volunteer CFP reviewer for the BSidesLV and Usenix Enigma conferences. Though she has a degree in biochemistry, her passion lies in cybersecurity and the intersection of payment system protection and commerce.”

          Victor Gamra, CISM, CISSP, and PCIP – Chief Technology Officer at FortifyData

          Victor Gamara Photo

          “My aim, since day one, has been to build the most comprehensive cyber risk assessment tool on the market, focusing on the 3 pillars of cyber security; Human Risks, Processes and Technology.”

          Today, in his role as the CTO, Victor continues to focus on building the capabilities of the FortifyData’s platform. The aim is to help companies of all sizes safely grow their business, and in the process become the most widely used cyber security platform in the world.

          “Our ultimate goal is to be proactive in addressing cyber risks. When you don’t have to worry about your data being compromised or stolen, you can focus your attention on what really matters, which is growing your business.”

          Steve Levinson, CISSP – Vice President & Chief Security Officer at Online Business System

          Steve Levinson Photo

          Steve is considered a thought leader in the cybersecurity community, delivering several presentations and webinars, and having published dozens of blog posts. Steve holds a CISSP certification and an MBA, and has over twenty years of IT security experience, and over 25 years of IT experience.

          Steve’s strong technical and client management skills combined with his holistic approach to risk management resonates with clients and employees alike. He has performed or participated in hundreds of risk assessments and compliance assessments and has served as a key strategic advisor for hundreds of clients. In addition to serving as virtual CISO for several clients, Steve has also performed security architecture reviews, network and systems reviews, security policy development, vulnerability assessments, and served as cybersecurity subject matter expert to client and partner stakeholders.

          Andrew Serwin – Partner at DLA Piper Law Firm & Co-Chair at Global Cybersecurity Practice

          Andrew Serwin Photo

          Andrew Serwin is one of the pre-eminent privacy and security practitioners in the world. Clients describe him as a "rock star lawyer," "a walking encyclopedia on anything data protection related" and "a tireless worker, holding onto the ever-shifting puzzle pieces of the law in this area in a way that other privacy lawyers cannot" (Chambers USA).

          Andrew advises a number of Fortune 500 and emerging companies alike regarding privacy, security, crisis management and national security, with a particular emphasis on: international compliance; health privacy; mobile; behavioral advertising; the Electronic Communications Privacy Act and wiretap issues; electronic marketing concerns; social media; and compliance with FTC requirements.

          Kyle Ngo – PCIP, CISA, CRISC, CRMA, IT GRC Professional

          Kyle Ngo Photo

          Kyle has worked as a trusted professional for Fortune 500 companies in the spaces of utility, retail, gaming, manufacturing, hospitality, and professional services. He has over 27 years of proven results in IT, Finance and Internal Audit with various dynamic leadership and controllership roles with the following focus areas:

          • Payment Card Industry Data Security Program Governance
          • Third-Party Risk Management
          • Data Privacy and Cybersecurity Governance
          • Sarbanes-Oxley (US-SOX, J-SOX) Compliance Program Governance
          • Japanese Funds Settlement Law Compliance Governance
          • Compliance, Financial, and Operational Risk Management
          • Accounting and Taxation

          Kyle is a member of InfraGard Houston, and has also coached and mentored cross-functional teams in situational leadership.

          Dan Clarke – President at IntraEdge

          Dan Clarke Photo

          Dan Clarke is the President at IntraEdge. He has 30 years of experience combining technology with media, retail and business leadership, has held executive leadership roles at Intel, and is a 9-time CEO. His focus has been on clearly implementing a growth and exit plan through capital and talent acquisition. Notable professional and personal accomplishments include raising $300 million from top-tier venture and private equity firms and in the public markets, building an extensive network of business relationships, and competing as an Ironman triathlete.


          FortifyData Logo
          Darktrace Logo
          Bird Rock Systems Logo
          Truyo Logo
          Keyfactor Logo

          Interested in becoming an event sponsor? Email marketing@rsisecurity.com for more info.