Ground Labs displayed live cardholder data discovery demonstrations to delegates attending the Visa Security Summit event in Dubai.
Our team once again attended the second Visa Security Summit 2011 held this time in Dubai on June 14 – 16 at the Grand Hyatt.
Delegate attendance consisted of financial acquirers, issuers and Visa business partners primarily from the Middle East, Africa and European regions. This also included a large contingency from various law enforcement agencies who work closely with Visa and it’s member financial institutions to track down and convict the criminals responsible for data breaches and financial fraud.
The event outline was similar to the Jakarta summit in that it covered multiple areas related to fraud and data compromise including Payment System Security and PCI Compliance, EMV Migration, Contactless Payments and Fraud Mitigation Best Practices.
The Visa Security Summit Dubai 2011 was held at the Grand Hyatt Hotel. This photo of a Dubai sunrise was taken from the 14th floor in the hotel. Dubai Airport hides in the background behind the haze.
The Dubai summit attracted various senior executives within Visa including Nigel Bath (Head-Fraud Control & Investigations International) and Mike Smith (Head, Risk Management Asia Pacific, Central Europe, Middle East & Africa) who offered presentations explaining current data compromise and fraud statistics and how Visa’s data security and fraud initiatives have been instrumental in mitigating many of the threat vectors that have evolved over the past 10+ years.
Also in attendence at the event was Ground Lab’s Middle East partner, Paladion Networks who already provide QSA and IT security management services to many of the financial institutions in attendance, and Stickman Consulting who recently expanded their global presence by opening a local office in Dubai.
An afternoon sunset in Dubai taken from the Desert Dunes on the 3rd day of the Visa Security Summit 2011.
Ground Labs’ presentation at this summit targeted financial institutions undergoing internal PCI compliance projects whilst also attempting to bring their merchant customer base into compliance. There was some great questions from the audience throughout the presentation leading to some discussion highlighting the fact that cardholder data can be found almost anywhere and only through cardholder data discovery can such instances of PCI non-compliance be accurately identified and resolved in a timely manner.
The vast desert dunes 50km outside of Dubai - taken on the 3rd day of the Visa Security Summit 2011.
Throughout the conference, it was noted on multiple occasions the strong need to be prepared for a cardholder data breach. There have been many high profile cardholder data breaches where the notification time taken to advise acquirers and card schemes was unacceptable by industry standards. Visa publishes guidelines on how to handle being breached including what to do, who to contact and when. These guidelines are available at Visa’s website In Case of Compromise site (or visit theUS link) which contains the What To Do if Compromised guideline document which outlines Visa’s recommendations for handling a cardholder data breach.
Our appreciation and praise goes out to Agnes Ng, Emoke Bitter, Mike Smith, Nigel Bath and the rest of the Visa team from Singapore who executed these 2 highly successful events in Jakarta and Dubai respectively.
