Payment Security Conference 2019, 18th-19th June 2019, Celtic Manor Resort, Newport

The Payment Security Conference is the premier event for everyone involved in protecting credit and debit card data within higher education institutions.

Security is consistently rated by students and parents as the most important aspect when making a payment to a university, as identified by the 2019 YouGov survey conducted on behalf of WPM Education. A data breach could have far reaching reputational and financial consequences.

This unique two-day event focuses on payment security within the higher education sector, addressing the human and technological aspects of achieving and maintaining compliance, as well as well as the importance of embedding an organisational wide security culture.

WPM PSC 2019 Statistics

Who Should Attend?


Payment Security

PCI DSS applies anywhere within your institution where debit and credit cards are available as a payment method. Therefore, ensuring PCI DSS compliance within a transactional environment is a key component which an institution needs to get right. The event looks to provide both an introduction and insight into the risks and best practice associated with taking card payments in a compliant way – both online and offline.


PCI DSS applies anywhere within your institution where debit and credit cards are available as a payment method. Ensuring that your institution’s networks and systems are protected is a key component which an institution needs to get right. Without this protection, PCI DSS compliance is unachievable; therefore it’s important that institutions have suitable representatives from these areas.

Responsible for PCI DSS Compliance

If you work for a higher education institution and are responsible for PCI DSS compliance, this is the one event that should be in your calendar. The conference is the premier payment security event for the HE sector, with a particular focus on attaining and maintaining PCI DSS compliance.

Whether you are completely new to PCI DSS or already compliant, the content covered will be extremely relevant to the start, or indeed continuation, of your compliance journey. If you are not yet a member of the PCI DSS SIG you will still greatly benefit from the depth and breadth of detail which is shared by SIG members and external speakers. Get in touch with Sarah Christopher if you would like to discuss the benefits of joining the SIG and working together to address the specific challenges the sector faces around achieving and maintaining compliance.

PCI DSS SIG Members & Internal Security Assessors (ISAs)

The conference is the premier event for the HE sector for payment security, with a particular focus on attaining and maintain PCI DSS compliance. The Payment Security Conference is the culmination of the SIG’s year, and the content is driven by member’s needs and requirements identified over the year. This is your annual opportunity to network with, and learn from, your peers within the SIG.

Network/Application Security

Your role may be at the periphery of payment processes, but is essential in ensuring that your institution’s networks and systems are protected. Without this protection PCI DSS compliance is unachievable. Therefore it’s important that institutions have suitable representatives from these more specialised areas, so you can gain a high level appreciation of the intent of PCI DSS, ensuring all parties involved share an understanding of the end goals.

Benefits of Attendance

Gain Industry Insight

Get best practices and insights from industry leaders and convert them into powerful, actionable strategies.


Meet key players in the industry - to support you on your compliance journey.

Connect & Collaborate

Network and share ideas with your industry peers.

Personal Development

Choose from over 25 inspiring breakout sessions and hear case studies and expert panel discussions to build your knowledge.

CPD Certified

CPD Contribution

As well as providing excellent insight the conference also contributes to your CPD compliance requirements.


Time Payment Security Conference Day 1
08:00-09:00 Registration and Networking Refreshments
09:00-09:30 Welcome Remarks Holger Bollmann, Director, WPM Education
09:30-10:15 Maintaining Payment Security in Ever Changing Times Jeremy King, International Director - Europe, PCI Security Standards Council
10:15-10:45 Keynote Session David Teague, Regional Manager Wales, ICO
10:45-11:15 Morning Break
11:15-11:45 Living in the Criminal World Del Pillar, Consultant, Mastercard
11:45-12:45 Security in the 21st Century: Weaponizing Information, Influence, and Money Jason Thomas, Director, Thomson Reuters Special Services
12:45-13:45 Networking Lunch
13:45-14:30 The Zen Of PCI: How to Maintain PCI DSS Compliance Without Losing Your Mind Peggy Nolan, PCI ISA, PCIP, CISA, Principal IT Compliance Analyst, Liberty Mutual Group
14:30-15:00 Embedding a Security Culture Into Your Organisation Bruce Rodger, Head of Infrastructure, University of Strathclyde
15:00-15:30 Afternoon Break
15:30-16:30 Panel Discussion
16:30-17:30 Closing Keynote: Real Cases of Social Engineering: Hackers, Insiders and Competitors Lisa Forte, Partner, Red Goat Cyber Security
18:45-19:30 Pre-Dinner Drinks
19:30-23:00 Dinner and Entertainment
Time Payment Security Conference Day 2
08:00-09:00 Registration and Networking. Exhibition Opens.
Payment Security - People Payment Security - Technology Experts Exchange
09:00-9:40 The Personal Side to Security Stacy Hughes, SVP IT Governance, Risk & Compliance, Global Payments IT for Non-IT Professionals Robbie Walker, Security Architect, University of Portsmouth The American Express Experience  
09:45-10:25 Utilising Your Project Manager To Get The Most Out Of Your PCI Project Damon Strange, IT Project Manager, University of Oxford VoIP and PCI David Jenkins, Managing Director, Foregenix Slicing the Orange; 9 Factors of Control Effectiveness and Sustainability Ronald Tosto, Global PCI Lead, Verizon
10:30-11:15 Case Study: Dream to Reality - Achieving PCI DSS Compliance at Lancaster University Helen Edge, Team Leader, Banking Systems and International Teaching Partnership Income, Lancaster University PCI? Aye Captain! When Payments Take a Cruise... Hacking Maritime, IoT and PCI DSS Nigel Hearne, Senior Consultant, Pen Test Partners Student Data Security & PCI Compliance Headaches? We can help you with it all Ian Butler, Head of EU Security and Customer Servicing Products, Elavon
11:15-11:45 Morning Break
Payment Security - People Payment Security - Technology Experts Exchange
11:45-12:25 Transition to BAU, Life Beyond PCI Megan Baldwin, IT Security Analyst GDPR Workshop ICO How a Program of Vulnerability Scanning and Penetration Testing Supports PCI DSS Compliance David Batho, Senior Security Specialist, JISC
12:30-13:15 Counter Fraud Update David Clarke, Chairman, Fraud Advisory Panel P2PE An Acquirers Perspective Daniel Marsh, Payment Industry Consultant, Global Payments Barclaycard (Title TBC)
13:15-14:15 Networking Lunch
Payment Security - People Payment Security - Technology Experts Exchange
14:15-14:55 Hackers first day at work...and all the door are open? Neil Favager, Information Governance Manager, University of Leeds Follow the Money: Scoping, Cardholder Data Discovery and CDE Matt Ball, Chairman PCI DSS SIG QSA Round Table  
15:00-15:40 Crisis Management - Testing an IR Plan Mike Vale, University of Manchester Descoping and Simplifying the Environment Dave Neild, IT Security Analyst, University of Leeds
15:45-16:30 Shopping on The Dark Web... Simon Mander, Principal Consultant, WPM Education    
16:30 CLOSE

2019 Exhibitors

PCI Security Standards Council
Global Payments
American Express
Fraud Advisory Panel
IT Governance
Pen Test Partners

Previous Event Highlights

“Imperative if you want your institution to respond to the changing environment of payments. I feel equipped, tooled up and inspired!”

“Informative, educational, thought-provoking and was a great opportunity to share experiences and best practice with colleagues.”

Register Now

The event is free to attend, with residential accommodation being subsidised to maximise the accessibility to all institutions.