PCI SSC Works on Security for New Payment OptionsCTO Troy Leach Provides an Update on Standards Development
As new payment options continue to emerge via mobile phones and internet of things devices, the PCI Security Standards Council is broadening its security efforts, starting with a new standard for contactless payments coming early next year, says Troy Leach, PCI SSC's chief technology officer.
"We have the challenge of an ever increasing attack surface - the potential devices themselves that could be attacked; but at the same time, we have so many new security controls that are at our disposal," Leach says in an interview with Information Security Media Group. "For example, we now have real-time analytics authentication that can happen for every transaction because everything is connected."
In this interview (see audio link below photo), Leach discusses:
- The main areas of focus for PCI SSC in 2019 and beyond;
- How the council is helping small to midsize businesses counter payment security threats;
- How PCI SSC is addressing IoT payment security issues.
As CTO of the PCI Security Standards Council, Leach partners with council representatives, participating organizations and industry leaders to develop comprehensive standards and strategies to secure payment card data and the supporting infrastructure. He is a congressional subject matter expert on payment security and chairman of the Council's Standards Committee. Previously, he held various positions in IT management, software development, systems administration, network engineering, security assessment, forensic analytics and incident response for data compromise.