The Aegenis Group is dedicated to helping companies navigate the choppy waters of data security and privacy mandates. The Aegenis Group believes that the ability to understand not just the regulatory mandates themselves, but their total impact on the business environment can act as a compelling tool for business enablement.

From understanding the ways in which your products and services can protect sensitive data to making the right compliance decisions for your business environment, The Aegenis Group can assist your company in facing the increasingly complex landscape of the business world.

This blog is devoted to demystifying the PCI DSS compliance process and linking you with as many resources as we can. The goal is to decentralize the information and provide a better ROI to your company or your clients.

Want to get involved?

Do you have something knowledgeable to say about PCI? If so, post a comment to show you know your PCI-foo and we will reach out to you. Knowledgeable and well spoken commenters get author accounts on this blog.

Our current experts include:

• Michael Dahn is CTO of The Aegenis Group and well known PCI expert. He has performed hundreds of PCI security assessments for merchants, service providers, acquirers, and payment application vendors. He worked with Visa Inc. and MasterCard Worldwide on the continued development of the PCI DSS and PABP standards. Most recently he developed and trained the PCI qualified security assessors (QSA) and merchants in the US, UK/Europe, Asia-Pacific, and Latin America. He also led the internal rollout of the Discover Information Security Compliance (DISC) program for Discover Network.
• Jeff Hall is a Director in RSM McGladrey’s Technology Risk Management Services group and has been in the technology industry since mainframes ruled the Earth. Jeff started his technology career writing operating systems, telecommunications and system-level software for a number of well known, but some now defunct, technology companies and has migrated into technology management. He has worked with hardware from companies such as AT&T, Burroughs, Cray, DEC, GE, Honeywell and HP; operating systems such as MFT, MVT, MCP and MPE; telecommunication protocols such as Bisync, SNA/SDLC and DECnet; data management systems such as IMS, Image, Ingres and IDMS; and applications from vendors such as Fiserv, JD Edwards, Peoplesoft, SAP and Oracle; in industries such as banking, insurance, retail, publishing, manufacturing, distribution and construction. In regards to PCI, he has worked with the various card brand security and privacy programs since the very beginning. While at one time Jeff held a lot of certifications, he has trimmed things down to the CISSP and CISM certifications. Jeff is a frequent speaker at various seminars and conferences around the country on topics as diverse as security, telecommunications and strategic technology planning. In his spare time, Jeff has served as the President of the InfraGard Minnesota Members Alliance, one of the largest InfraGard chapters in the United States.
• Rob Newby is Director of Product Management for Kinamik Data Integrity S.L., a software company based in Barcelona, Spain. Rob has worked in the IT Security industry for ten years, in the UK and Europe, and has a personal blog which reflects these experiences. Rob has also worked as: a network engineer for an investment bank, a security administrator for a financial services provider and was working as a sales engineer for an IT Security reseller when PCI DSS was released. He subsequently became the UK and EMEA sales engineer for Vormetric plc, which focused heavily on PCI DSS as a sales driver, before a stint as head of pre-sales for an IT Security distributor, addressing PCI DSS requirements for several major retailers in the UK. He remains a dedicated follower of all compliance regulations and is desperately trying to help people understand them. Rob is currently living with his wife, Alix, in the middle of Barcelona, and spends far too much time in airports.
• Chris Hitchcock is a Vulnerability Signature Engineer for a major security company in the Silicon Valley. His areas of interest include vulnerability research, penetration testing, web application security, unix security and PCI. He holds a number of security certifications, but typically finds that sort of thing boring. When not working, Chris enjoys spending time with his family, backpacking, reading and target shooting.
• PCI PIN Security expert. Our resident PIN and encryption security expert knows just about everything related to the PIN security program and the details of fine encryption and key management.
• ‘Data Security’ is the resident PCI curmudgeon who posts information and hopes to clarify the compliance process. This is accomplished through a combination of informational and (hopefully) insightful views.
• (this could be you!)

Popularity: 7% [?]