Real business strategies for GDPR implementation

A business strategy for GDPR

A business strategy for GDPR

Now that the GDPR has finally arrived, organisations must take the appropriate steps to ensure that they know where their sensitive data resides. The duty of care now rests fully on the business to meet the requirements of compliance. In this video, John Cassidy, Ground Lab’s Global sales leader gives a comprehensive presentation on the best strategies to help organisations deal with the GDPR.

Organisations that store personal data of any kind must report data breaches to the affected parties within 72 hours, fulfil Subject Access Requests within 30 days and in addition, execute requests for the deletion of stored personal information (The Right to be Forgotten). The activities highlighted above are now essential for organisations to fulfil in order to achieve GDPR compliance. However, achieving and maintaining compliance are two different tasks.

The GDPR has evolved from outdated data protection laws and now adds updated and unified data security features. The symbiosis of many data protection ideals has grown into one another to create a welcome step forward for data transparency in the European Union. With personal data becoming an attractive target for hackers looking to sell it on the dark web to the highest bidder, the new updated data protection laws have been widely welcomed by industry. With high profile scandals such as the Facebook and Cambridge Analytica incident becoming more and more frequent, the new EU law provides some solace for citizens who are concerned about the fate of their personal data.

Data Transparency

Data Transparency

John Cassidy suggests that the best way for organisations to achieve GDPR compliance is for all departments to act in unison. There is a common view that the IT department should be responsible for GDPR protocols but this simply cannot be the case because compliance, once achieved, must become common practice. The IT department, for example, cannot be expected to manage the data of Sales, Marketing and Finance. Inter-departmental cooperation is necessary to avoid data stagnation and to make certain that GDPR compliance activities become a regular part of day-to-day business practises. With all departments working together to manage the flow of information, the organisation as a whole will find itself functioning comfortably within GDPR compliant parameters.

There are no quick fixes for GDPR compliance. Continuous monitoring is the only way to stay within the boundaries of the new legislation and not break the law. In cases where companies are processing large volumes of data each day, the duty of care falls on them to make sure that effective systems are in place to monitor and manage the information. If a GDPR regulator performs an audit and finds a myriad of sensitive personal data cast carelessly into a recycling bin and forgotten or old sensitive information left archived on a disused database, they will not hesitate to penalise.

Cost of GDPR

Cost of GDPR

A commonly held thought by individuals within the data processing industry is that a data tsunami is coming. And with the GDPR now in full effect, that time has never been closer. Organisations must take care in case they fall victim to a massive data breach that could prove extremely costly, both in terms of finance and reputation.

Wherever sensitive data is being stored, it is imperative that organisations keep it in an easily accessible and carefully organised way in order to deal with any compliance related queries in a timely manner.

Organisations that follow this best practice guide for regularised compliance activities and adopt the habit of interdepartmental concurrence will find that GDPR compliance will become a part of their daily business. With this, the process of dealing with the GDPR will be smooth and easy, and all consequences of non-compliance will be avoided as a matter of course. Ultimately the GDPR is about promoting data governance in organisations so consequently organisations that make compliance a part of their usual practises can rest easy in the knowledge that they are up to standard.

To watch the full video please click here

The countdown is truly on for GDPR and the time to act is now!

Act now for GDPR

16th PCI London, 25 January 2018, London, UK

Without sounding over dramatic but time is truly running out for businesses who have yet to engage or consider how to become compliant for GDPR. The clock is ticking and with less than 6 months remaining until GDPR is rolled out across the EU, the time to start your complaint process is now. Researching GDPR is easy with the vast volume of information the internet is producing each day, but who do organisation’s turn to for practical help that will aid them in becoming compliant? We believe Ground Labs is part of the solution.

In under 6 months-time, GDPR will be rolled out across the UK and the wider EU putting into law a set of regulations that will impact every business when dealing directly with EU citizens personal information.

Who within the organisation does the responsibility of preparing for GDPR ultimately fall on? Can this important task be left to the head of IT? From our experience, we are finding that the GDPR journey needs to be more of a company-wide approach. The regulation is very clear that businesses must ensure privacy by design when projects are undertaken. Privacy and security must go hand in hand from the beginning to the end of any project and to take a wider organisational approach to compliance will yield better results.

The clock is ticking for GDPR

Taking a companywide decision allows businesses to get ahead of GDPR and put into place the necessary steps. We are also noticing businesses who use the PCI DSS framework for compliance have taken major steps in their preparation process for the ongoing GDPR storm, those who take this path will help them to build a total compliance framework covering all standards.

The compliance frameworks are just one part of the bigger picture of GDPR. There is a real business need in the market for practical ways to address these challenges on a daily basis and to help assist with continuous compliance. We suggest having the ability to forensically scan for all structured and unstructured data across your entire businesses environment.

Enterprise Recon

Having a tool that has over 200 data types preconfigured to allow you to highlight what sensitive data was found and report back on it is one thing but once this data is found there needs to be practical policies in place to remediate it. Enterprise Recon not only gives you the power to scan and remediate sensitive data within your environment but through the custom scanning capability it will help you comply with Article 15 “Right to Accesses” or a Subject Access Request and Article 17 “Right to Erasure”. Once you know where the sensitive data is currently sitting you want the ability to effectively manage it and report back to the data subject.

We understand this is only one part of the process but taking steps now to discover, monitor and remediate sensitive data is key to PCI and GDPR, so act now!


The PCI DSS has set a goal of Business-As-Usual security, while GDPR needs businesses to ensure privacy by design. Under these rules, businesses will have to integrate data privacy and security from the start to end of all projects. Our Enterprise Recon software allows you to simplify the processes needed to make security a Business-As-Usual practice for your organisation. Recurring scans can be set to ensure continuous monitoring. You can also receive concise and detailed reports of your business’ data build-up, directly on your management dashboard. Finally, we believe being at this year’s PCI London event will give us the opportunity to share our experiences in the market and give practical tips to businesses to deal with the four main articles of GDPR.

Meet us at this year’s PCI London event in Park Plaza Victoria, 239 Vauxhall Bridge Road, London, SW1V 1EQ. UK. To register your interest in a Demo please contact

PCI Community Meeting: GDPR front and centre

PCI Barcelona 2017

Meet us PCI Community Meeting in Barcelona

We recently returned from the AISA Conference in Sydney, Australia, after presenting Ground Labs data security proposition to global and local businesses alike. The organisations we spoke with who had a European presence quickly turned the conversation to the new General Data Protection Regulation (GDPR) deadline of May 2018 and how Ground Labs can help to prepare them for the new regulation.

The organisations we spoke to had an overwhelming realisation that GDPR will play a major role in how they handle sensitive data, privacy policies and data security moving forward into 2018. The need to take a company-wide approach is a new concept, as in the past these decisions would have firmly rested with the IT dept. This new approach will allow businesses to tackle the grey areas of the regulation and allow them to become compliant.

In my previous Blog, I set out how GDPR will impact businesses and the steps they will need to take to prepare themselves for compliance. This week’s PCI Community meeting in Barcelona will put GDPR front and centre.

Our global presence gives us a unique insight into how organisations are dealing with GDPR across all the major markets we do business in (EMEA, APAC and North America) This has allowed us to be a major factor in helping them define their data security policy around their structured and unstructured data.

With this clear messaging from businesses, I felt it necessary to outline our role in helping them deal with the role out of a GDPR initiative. Our positioning takes a different turn to the majority of the noise. As a security software vendor, we understand the importance of securing sensitive data while giving companies the option to protect their environment through our forensic data search tool.

The Ground Labs solution offers proven capability based on Ground Labs’ existing market focus on being the #1 discovery product vendor in the PCI compliance space. However, in response to increased data breach notification and privacy requirements from existing customers and the market in general, Ground Labs has continued to evolve its product capabilities to meet these additional requirements with a broad variety of Personally Identifiable Information (PII) that may also be utilized by organisations over the long term.

Want to learn more? Have further questions about where your data is stored? Register your interest in receiving a free risk assessment click here.

How Cyber-Secure Is Japan, Really? That Question Answered, and More, at PCI Tokyo

A lot of the data breach stories we read about seem to focus on America. Even with cyber attacks and threats against Sony Pictures, which lead to The Interview not making a theatrical release, felt more like an American story than a Japanese one.

Make no mistake, though: Japan faces a great deal of cyber-crime, even if we aren’t always reading about it.

A report by Trend Micro titled ‘The Japanese Underground’ showed that in 2014, the number of potential cyber crime cases went up a staggering 40%.

The financial damage from illegal online bank transfers in the same year totalled US$24 million.

Given that e-commerce market in the APAC region is even more vibrant than in the entire of NA, and that CNP fraud is the fastest rising type of fraud in the APAC region, it’s easy to see that if things don’t change, the future of credit card payment in Japan is grim.

Fortunately, things do look like they are about to change.




At the PCI Tokyo conference held two weeks ago, data security experts met to learn more about the state of data security in the region as a whole, as well as take part in discussions that could lead to solving the current data breach crisis.

One of the key takeaways from the conference is that Japan is actively working on making payments safe both for its residents as well as tourists. One of the reasons they are doing this is to prepare for the 2020 Tokyo Olympic and Paralympic games, where they are expecting to see a gargantuan crowd of people shopping with their credit cards.

Methods they are employing include eliminating malicious merchants, and increasing the number of EMV-enabled terminals used all over Japan.


Is the PCI Standard Working?

Interestingly enough, another common theme at the PCI event seemed to be the effectiveness of the standard, which comes under fire every time a company gets breached despite having attained PCI compliance.

The resounding opinion is that the reason many companies get breached despite meeting compliance standards is that they treat PCI compliance like Christmas; like security is a special thing you only pay attention to once a year during an audit.




Here are some of the key points raised by various speakers regarding the issue:

  • PCI’s focus is preventing CNP data from being compromised, not preventing compromised CHD from being used.
  • Of all the payment data breaches investigated in the last 10 years, not a single organization was found PCI DSS compliant at the time of the breach.
  • Security is seeing the business value in using PCI compliance controls.
  • PCI DSS can be a good pointer for other security goals
  • The question is not what is safe or unsafe, but what is acceptable or unacceptable.
  • It’s impossible to remove every risk, but it is possible to keep that risk at an acceptable level.


Ground Labs @ PCI Tokyo

As with every PCI conference, we at Ground Labs were busily showcasing our next-gen data security solutions, and it was great meeting a lot of QSAs that operate only in Japan.

We heard from them the usual horror stories we get all around the world, like how clients they audit still use the default network passwords.

Overall, we can definitely see Japan moving forward towards a more secure future, and we are excited to see the government create an environment where everyone feels safe paying with their credit cards.

And that’s only partially because the Japanese Yen coins weigh a little too heavy in our pockets for our liking.

What Does Data Security Look Like in MENA?

The PCI Security Standards Council hosts some of the best data security conferences on the entire planet, and best of all t is that each conference is tailored specifically to the region it’s held in.

Interestingly enough, at the recent 2015 Middle East Forum held in the Conrad hotel, Dubai, the focus was not as much on preventing credit card fraud. More rudimentarily, it was about the need to convince nervous consumers in an emerging market that credit card fraud is nothing to be afraid of.

A Big But Hesitant Market

Commerce in general is booming in MENA, and there’s currently a mad scramble to get into the market before it matures, to start earning customer loyalty early.

Plenty of international e-commerce companies are trying to get a slice of the fresh, tasty pie as well, but customers aren’t biting as hard as they are elsewhere in the world.

An estimated 56% of consumers surveyed named credit card fraud as their number one concern regarding online purchasing, and given the absurd number of hacks taking place around the world on a daily basis we don’t really blame them.

The PCI Council’s International Director Jeremy King delivering an opening speech at this year’s PCI Middle East Forum

The temporary situation comes in the form of prepaid cards, which are being used quite widely. Consumers can charge these cards beforehand, and use these cards in their online payments to ensure that their credit card numbers never enter a merchant’s database (if you’d like to learn more about prepaid cards, check out this blog article.)

In reality, prepaid cards do not really help negate the risk – they do little more than provide a placebo sense of security.

The real solution is creating an online payment environment that users will feel safe using their cards in.

That dream is one that the PCI DSS council works towards fulfilling, along with merchants and data security experts from around the world.

MENA At A Glance

Is the region worth tapping into? With 175 million MENA internet users, an $18 billion growth in credit card usage, and a projection that 80 million MENA consumers will be using mobile banking by 2017, we have to respond to that rhetorical question with a sarcastic yet very respectful “duh”.

How safe, though, is MENA in comparison to the rest of the world in terms of data security? One key indicator is the fact that 86.3% of terminals are chip-enabled, compared America who have only just started using the technology in the last year. Riding on the commerce boom, new technologies like ApplePay and biometric payment methods are also projected to be less than 2 years away, assuming they prove worth implementing.

The malls in Dubai get a lot of organic traffic, so retailers do not feel the need to go the extra mile to pull in customers.

None of this is to say that the PCI compliance is not a priority in MENA- on the contrary, quite a few well-known Emerati companies were in attendance at the event.

Word on the floor, though, is that in the banking industry, PCI compliance is compulsory for banks in Saudi Arabia, but not yet the UAE.

Only the top 4 acquiring banks in UAE are held to the council’s standards for credit card security, while the other 50 or so banks are not strictly regulated.

No Need To Try Harder, Because No One Else Is Trying Either

In Dubai, not many websites are currently offering e-commerce solutions at the moment. One Dubai resident that I spoke to lamented that not many commercial websites offer anything more than the bare bones [homepage/about us/products/contact us] page combo. Because tourism is so rich in Dubai that store walkin-in traffic is already organically high, there really isn’t a need to try harder to get customers.

But given that commerce is growing faster than they can build a Disneyland AND a Universal Studios in Dubai, it’s only a matter of time before consumers make online payment a staple, and hackers start taking notice.

But just as merchants are concerned with slowly nurturing their businesses in the region, so should PCI compliance grow into a mandatory business need. Because if online payment takes off while PCI compliance doesn’t, it’s going to spell very bad news for everyone, except the hackers.

(Image source)

Ground Labs at the PCI Security Council Asia-Pacific Community Meeting

The Ground Labs Team has travelled to over 7 payment card industry related conferences this year, and it’s not just because we love racking up frequent flyer miles- for us, mingling with other members of the data security community and showcasing our products is one of our top priorities, and one that we relish.

And it’s not been without purpose, either- at this year’s PCI Asia-Pacific Community Meeting held in Sydney, Australia, it seemed we have become something of a household name for many QSAs in the region. It was amazing talking to people who use our products on a frequent basis, and hearing their inputs on how we can further improve upon our data discovery tools.

Of course, the main highlight of these events is the talks by distinguished members of the PCI Council, as well as data security experts from around the world.

As with all PCI Community Meetings, the key focus was the future of the payment card industry. Jeremy King, the International Director of the PCI Security Standards Council (PCI SSC), opened with a very stern, hard-hitting fact- that cybercriminals are much more focused and efficient than we are. While security is not a top priority for many of us, it is for criminals, which is why the good guys often find themselves on the losing end.

King also warned of the dangers of the world getting more connected, that the more of our gadgets and gizmos come equipped with chips and internet connectivity, the more at risk we are. Shara Evans, a Technology Futurist (how cool is that), backed up this fact, by delivering a flashy presentation showing off new emerging technologies and how they could pose a threat to security. Some examples include pacemakers that can potentially be dealt a 830v shock from 50m away, and drone technology that can be used to spy on the public, even reading credit card details from the sky.

Speaking of the sky, Sydney has some excellent rooftop views.

There was also a lot of talk revolving around the PCI Data Security Standard (PCI DSS). PCI SSC council members Troy Leach, Emma Sutcliffe and Gareth Bowker gave a shared presentation on the PCI Technology Update.

One interesting statistic shared is that only 1 in 9 companies could meet PCI standards the year after they had been declared PCI compliant, which shows that more emphasis needs to be placed on maintaining compliance. Currently, many vendors are placing too much reliance on annual assessments, failing to adapt to new changes, and putting compliance aside to meet other business needs.

Chris Novak, the Managing Principal of Global Investigative Response from Verizon, further elaborated on the Verizon Data Breach Incident Report 2014, and included some most-welcomed additional statistics not included in the report. One of the things he said he hears often is that a lot of people who suffer breaches ask why they were targeted, when their competitors seem to be more lucrative targets. Novak’s answer is simple: you were simply more vulnerable. 73-75% of breaches are opportunistic in nature, and hackers are not above going for low-hanging fruit.

One of the show highlights, though, had to have been the appearance of the new GM for the PCI Council, Stephen Orfei. Taking the stage to the tune of Eminem’s ‘Lose Yourself’, Stephen was quick to dismiss the notion of EMV chip cards as the silver bullet America is waiting for, and that card-not-present transactions are just as at risk as ever.

Orfei also addressed the demand for a PCI DSS for the mobile territory- while it’s incredibly difficult to create a standard for the platform, it’s one of their key focuses, and while a standard may be some time away, guidelines might be something closer in the horizon.

All in all, it was a great conference- we got to touch base with existing contacts, and make many new ones as well. We’re looking forward to next year’s PCI Asia Pacific Community Meeting in Tokyo so much, we’re picking up Japanese. こんにちは!

Who Controls Our Data? A Common Theme at the MasterCard Academy of Risk Management

With online credit card fraud only continuing to rise, the latest MasterCard Academy of Risk Management event reminded us that the only way to fight this threat is together as an industry.

Kicking off the Asia Pacific segment of the event series in Kuala Lumpur, Malaysia, the General Counsel and Chief Franchise for MasterCard, Tim Murphy, reminded us that EMV and Tokenisation are important tools in the fight against hacking. This advice is particularly relevant for retail given the number of major US retail chains suffering a credit card data breach recently.

Balance was a key theme that was stressed throughout the conference; Tim and the other event speakers reiterated that that businesses need to earn the trust of their consumers through a sense of security, but at the same time this should not get in the way of them providing a quality customer service experience.

The Senior Regional Counsel for Privacy Data at MasterCard, Derek Ho, also emphasized the need for balance when dealing with sensitive data, asking hard-hitting questions like where the line should be drawn when deciding who gets to control data, and to what degree.

The lucky winner of our iPad Mini giveaway, Poon Hoe Meng

Derek spoke at length about the laws and penalties countries are adopting to force companies to take data protection more seriously. He strongly believes that more data breach laws are on the horizon, and that Japan is a country worth keeping an eye on, as they try to find a balance between using data in a big data world and respecting the individuals right to control the use of data.

Representatives from law enforcement also presented and revealed the current cyber crime trends, even giving insights into the minds of internet criminals. The Detective Chief Inspector attached to the Counterfeit & Forgery Section of the Hong Kong Police, Ian Cowieson, shared the alarming statistic that Card Not Present online fraud has an abysmal 4% detection rate. Rebecca Ledingham from Interpol shared profiles of malware developers they have caught, and the fact that they all share very similar backgrounds and psychological patterns. So the good news is the bad guys are being actively chased by international law enforcement. The bad news is that new criminals are surfacing all the time given the high ROI a successful data breach can generate.

Ground Labs supported the Mastercard event as a sponsor and contributed to the knowledge exchanging throughout the event. As the broader industry knows well, the Asia region is lagging far behind its European and North American counterparts for security compliance initiatives due to a lack of compliance enforcement. However, given the level of interest shown towards PCI compliance and data privacy by attendees, it’s a positive sign that sensitive data security & protection will be given the attention it deserves by businesses in the region, once more compromises are announced in the public domain through mandatory data breach disclosure.

On the heels of last week’s solid event, MasterCard is getting ready for the next leg of the MasterCard Academy of Risk Management series, which will be held in Dublin, Ireland, from September 29 to October 2, 2014. The event is set to cover a wide range of important topics such as European fraud trends and data security threats impacting the region.

Ground Labs will once again be attending and sponsoring the event, and we are looking forward to more great learning and sharing opportunities with other industry professionals.

PCI London January 2014

With the recent announcements from some major US retailers suffering a data breach over the December – January holiday period, this year’s PCI London event came at just the right time.

As expected, a great deal of discussion revolved around these recent US data breaches and it was also the first PCI London to occur since the PCI DSS 3.0 draft standard was released

PCI London Plenary Session

last year. All these factors combined resulted in the largest number of attendees since the event started 5 years ago, drawing over 400 end-user delegates and a maxed-out vendor showcase floor.

Presentations throughout the day covered a variety of topics starting with Jeremy King from the PCI Security Standards Council discussing the applicability of PCI Compliance in a world that is continually changing.

Ron Khalifa from Worldpay gave an aquirers perspective on PCI compliance, discussing

PCI London Vendor Showcase

the challenges of assisting a large customer base become PCI compliant and later in the day, Chris Mark from AT&T gave the keynote address reflecting on his 10+ years in PCI compliance. We all know of Chris from his days running the famous PCI Answers portal which eventually became the Aegenis Group with Mike Dahn and team.

Ground Labs Education Session – Cardholder Data

Ground Labs presented on the latest Cardholder Data Discovery strategies with particular focus on the ability for Card Recon and Enterprise Recon to search system memory as a combat against memory scraping malware used in the recent US data breaches. There was considerable interest in Card Recon 2.0’s latest features which included Cloud Storage scanning and Remediation using Cardholder Data Masking.

On the main floor Ground Labs along with many of our

Cardholder data discovery demos at PCI London

partners and friends including Nettitude, Veritape and YesPay were networking with the attendees, answering questions about PCI compliance and Cardholder Data Discovery whilst giving live demonstrations of Card Recon and Enterprise Recon.

The day finished off on a high note with John Elliott from Visa Europe giving an

John Elliott from Visa Europe on PCI DSS 3.0

entertaining Q&A session on PCI DSS 3.0 answering questions like Is Visa PCI DSS 3.0 Compliant? (Of course not… The standard has barely had time to breathe) through to What is the biggest impact PCI DSS 3.0 has on merchants.

John answered every question in his unique and fun manner with plenty of laugh’s being heard throughout the audience. It was clearly the most engaging presentation we have ever seen in the final time slot of PCI London and hopefully will encourage more attendees to hold back until the very end next year if we can encourage John to speak again in this format.

On a historical note, John used to be a QSA and was one of Card Recon’s greatest supporters, and provided fantastic product feedback which has helped Card Recon become the tool it is today.

The next PCI London event will be held on July 1, 2014. Please visit the PCI series event website for more information.

PCI SSC European Community Meeting Dublin – October 2012

The PCI SSC European Community Meeting was held in Dublin Ireland at RDS.

The PCI SSC European Community Meeting was held in Dublin Ireland at RDS.

Following on from the North America Community Meeting held in Orlando last month, the Ground Labs team traveled onto Dublin where the PCI council held it’s European Community Meeting at the Royal Dublin Society (RDS).

Whilst this was a smaller event compared to it’s North American counter-part, there were still over 500 attendees including a large number of QSA’s present from all parts of Europe and a small delegation from the Asia Pacific region.

Jeremy King on stage at the European Community Meeting

Jeremy King on stage at the European Community Meeting

As always the PCI council’s European Director Jeremy King lead this event and highlighted the rapid advancement of PCI Compliance across Europe including the high level of involvement from European stakeholders involved with the council.

The special guest speaker for Europe this year was Mark Gallagher of Status Grand Prix. Mark provided an interesting presentation highlighting many lessons he has learned throughout his F1 career.

Mark Gallagher of Status Grand Prix presents on how managing an F1 team is similar to a security team upholding PCI compliance.

Mark Gallagher of Status Grand Prix presents on how managing an F1 team is similar to a security team upholding PCI compliance.

Mark was able articulate how many of the challenges his team’s have faced are similar to problems we as a Payment Card Industry are challenged by on a constant basis. It was very clear by the end of the presentation that no matter whether you are responsible for securing payment cardholder data, leading an F1 team to victory or running any other type of business, the importance of sound risk management, team building, or ensuring a focus on your client’s needs are important elements to achieving success.

The agenda was similar to North America with topics covered on the Council’s current initiatives including Point-to-Point Encryption, Qualified Integrators and Resellers (QIR), and the new Payment Card Industry Professional Program (PCIP).

Also presenting on stage was Nick Percoco of Spiderlabs who provided insights into current mobile security threats. Nick provided a series of live demonstrations showing exploits in

Whilst visiting our team enjoyed seeing the city sights of Dublin

Whilst visiting our team enjoyed seeing the city sights of Dublin

Vigitrust hosted the welcome party at Cafe En Seine in Dublin

Vigitrust hosted the welcome party at Cafe En Seine in Dublin

both Apple and Android mobile operating systems. In one particular demo Nick demonstrated an Android exploit whereby the login page of popular apps such as mobile internet banking or Facebook could be overlaid with a fake login page designed to capture and transmit login information to a remote host. Ironically after contacting Google to alert them about this potential exploit, Google’s response was that it is a feature and will not be fixed! The mobile world clearly plenty of attack vectors that will continue to be exploited, particularly as the growth of smart phones and tablets is predicted to hit 2 billion devices by 2015 (that’s a little over 2 years away..)

As with many of the PCI SSC’s events there were some great party’s held at the end of each day. On day #1 (22/10), Vigitrust held a welcome after-party at Cafe En Seine in the heart of Dublin. This french-themed cafe/bar venue offered all delegates the opportunity to meet in relaxed setting over local beers and wine. On the final evening Vendorcom held a final party at the world renowned Guinness Store-House.

The Vendercom after party held at the Guinness Store-House

The Vendercom after party held at the Guinness Store-House

The Guinness Beer Making Process

The Guinness Beer making process on display at the Guinness Store-House

The night included a brief tour on the way up to the event room showing when the Guinness Brewery started and how Guinness Beer is made. And of course almost everyone was drinking the dark stuff all night and enjoying it too (as the photos will show!).

Back at the event, Ground Labs along with a strong showcase of over 30 PCI compliance vendors were present for attendees to visit over the 2 main days of the event. Other vendors present included Airtight Networks, Xypro, Alert Logic, Vormetric, Aperia Solutions, Voltage Security, Cisco, Vigitrust, Comforte, Verizon, Control Case, Veritape, Dell Secureworks, Verifone, Firehost, Trustwave, Fishnet Security, Sysnet Global Solutions, Foregenix, SSH Communications Security, IOActive, Semafone, iScanOnline, Security Metrics, Liaison Technologies, SAINT, Mako Networks, Protegrity, Pixalert, and NNT Security.

PCI SSC Europe Community Meeting - iPhone5 Winner

The happy iPhone5 Winner – Kunal Taneja from AFS

And finally, a special congratulations must go to Kunal Taneja from AFS who was the the lucky winner of our iPhone 5 prize draw. Congratulations Kunal and watch out for that new Apple maps app!

To view all the event photos please logon to Facebook page and give us the Thumbs Up on anything you liked. Direct Facebook links are shown below:

Main event photos | Vigitrust party photos | Vendorcom party photos

Alternatively the photos are also available on flickr:
Main event photos | Vigitrust party photos | Vendorcom party photos