Compliance Unfiltered is TCT’s tell-it-like-it is podcast, dedicated to making compliance suck less. It’s a fresh, raw, uncut alternative for anyone who needs honest, reliable, compliance expertise with a sprinkling of personality.
Show Notes: PCI Community Meeting Season is Upon Us!
Quick Take
On this episode of Compliance Unfiltered, The CU guys have a special announcement regarding the upcoming PCI-DSS Community Meetings: Tune in to find out!
Remember to follow us on LinkedIn and Twitter!
Read Transcript
So let’s face it, managing compliance sucks. It’s complicated, it’s so hard to keep organized, and it requires a ton of expertise in order to survive the entire process. Welcome to Compliance Unfiltered, a podcast dedicated to making compliance suck less. Now, here’s your host, Todd Coshow, with Adam Goslin.
Well, welcome in another edition of Compliance Unfiltered. I’m Todd Coshow, alongside a man you could consider the hollandaise to your compliance benedict. Mr. Adam Gosselin, how the heck are you, sir? I’m doing great, Todd. How about yourself? Man, I can’t complain at all. Word has it that you’ve got an invite for the listeners on this fine day. Yes, sir. So we are really excited to announce to the listeners that TCT will be heading back to PCI North America community meeting, and this year we’re adding Europe into the mix. So we’ve been going to the North American event for years. Europe is one more, the Europe edition adds one more reason to celebrate the work that TCT does to make compliance management suck less for companies everywhere. So we had a ton of fun last year at the PCI conference. It was really, really cool. I’m looking forward to this year’s events. It was really cool because we were able to… It’s neat when we get to the community meeting, we know and work with so many people in the PCI compliance space, that it’s nice to be able to put, it’s kind of like a gathering spot, right, where people that we normally don’t see all year long, we’re actually able to see face-to-face.
So there’s people we work with, you know, kind of on a daily basis, you know, type of thing, and it’s just nice to put faces to voices, you know, meet people, all that fun stuff, you know, and the reality is that we will end up, you know, we’ll end up being able to meet, you know, not only meet folks that we know, but the cooler part is to, you know, kind of spread the word, if you will. Talk to people, you know, meet new friends, you know, talk to people about their challenges and their problems and, you know, tell them a little bit more about how we do what we do. know, things along those lines.
So, excuse me. Go ahead. No worries. Yeah, no, I was gonna say, you know, the PCI spaces is, is such a unique one. And the folks who work within it have kind of a fraternal bond, for lack of a better term, because they understand what it’s like to go through the river in order to obtain PCI or to assess PCI. And so it’s something where to get together in a place where, you know, other people feel just as readily and as regularly as you do. I don’t know. It’s, it’s something that, you know, having been to, to trade shows for my entire career, I had never experienced the, the type of, of community, for lack of a term that we experienced at the PCI community meeting in Toronto last year. Yeah, you know, you know, what’s neat about the PCI space is that PCI is one of the arenas that was kind of a we’ll call it a far earlier across the board adopter of the notion of the need and the importance to maintain your security and compliance. You know, there’s you know, as an industry, if you will, it lets set aside the notion of, you know, kind of, you know, government entities and things along those lines, because that’s its own, its own sect that, you know, that has always, you know, had an eye toward, you know, toward bad actors, etc. But the PCI space is the one where as an industry, they started taking this stuff far more seriously. And that, to me, that’s one of the biggest differentiators for the PCI conference versus all the other conference. that I go to the it’s. it’s almost like the tone or the tenor of the participants is different and Yeah, because of the fact that Everybody is like we, we need to do this and it’s important, you know, and they get it, you know I almost feel like it’s some of the other some of the other conferences that I’ve been to You almost feel like you’re trying to you know, you’re trying to drag people into the light You know what I mean? You’re, you’re trying to get them to see the light, you know and, and. and, and it’s more it’s, it’s like you’re. you’re trying to educate them in the right direction type of thing where you know when you’re just starting the conversation out off of the bar of Hey, you know, we all we all need to do this and you know, and we’re all in together whatever it’s a bunch of people with a different mindset and so It’s a really big opportunity for TCT to be able to sit and talk with and see, you know, new friends, you know, of all walks of life, but also existing clients, existing partners, existing vendors, you know, and seeing them face to face between the, you know, between the various attendees is, is, you know, one of the reasons that, you know, I really love getting out there each year, you know, and, you know, I’m also, you know, interested, you know, in, you know, in being able to share, you know, what TCT is, is going to be able to kind of bring, bring to the table for, for folks going to the conference this year.
Well, that’s a great segue, Adam, what can participants expect at the North American PCI conference this year? Well, if you’re going to the, to the North American PCI conference, which, by the way, I don’t think we’ve mentioned it yet, but the North American conference will be in Portland, Oregon. And so, you know, certainly, if folks are going to the, to the North American conference, then come on, stop by the booth, we’ll have a booth there. Come by and say hi. You know, I’ll be there, you know, at the, at the booth, as well as you, you know, being there, your, your TCT has had a business development, as well as Jon Dotson, our Head of Product, product will be there as well. So, you know, it’s, it’s going to be, it’s going to be a really cool capability, you know, for folks to be able to come in and basically talk to people at, you know, kind of all factions levels of the, you know, of the organization, you know, and whatnot, we can come by, ask us questions about PCI, we can, you know, tell you neat, neat stuff about the TCT portal. We’re going to have product demos at the booth. We’ll have some cool giveaway items. I know I still have some leftovers from last year. But last year, we had the mantra, we usually have like a mantra for the conference, and then some associative giveaway. So last year was get your shit together for PCI DSS40, and we had a dog. poop bags, branded TCT dog poop bag holders with poop bags inside to give away to people. So that was kind of fun. People seem to, people seem to enjoy our quirky sense of humor. You know, it ends up working out well, you want to know the best part was about the about it for me last year. I legit I wasn’t I wasn’t sure as we walked into last year, I’m like, I’m always been pretty edgy.
And I wasn’t sure if get your shit together was going to fly. And the, the freakin best part, the best part about last year, was we had members of the PCI council that were coming by. by our booth, taking selfies in front of the backdrop of our booth, and just laughing away and tell us how much they loved it and you know, and all that fun stuff. And that was just when I when I see that happening, I’m like, yes, yes, we do this is good. You know, because I mean, I’ve always been always been pretty blunt, pretty direct and not, not exactly a beat around the bush type of guy. So, so yeah, it’s kind of fun to, to allow a little bit of my edginess to, to eke out. Yeah, the more fun. Excuse me, the more fun part for the listeners is that I’ve literally been trying like hell, for years to you know, get the you know, the internal crew at TCT to start releasing the reins and letting me kind of, you know, get a little edgier with things and whatnot. And, and we’ve slowly been meandering in that direction. And last year was the was the first year that they really kind of let me have at it. And I was overjoyed to see the kind of the reception that we you know, that we ended up getting last year.
I’m going to I’m going to take a moment let you let you grab the reins. I got to grab a little bit of water here. No worries. No, I the reception was, was very cool. What’s interesting again, about the about the PCI spaces, is a lot of the times, you know, the. the, the QSAs and the ISAs, you know, those guys, you know, they go in ladies, they go head down, hard into paint for the majority of the year doing thankless work. And the communication that they get from a lot of folks in the space, you know, they’re usually talking to them about things that they need to do better. And so it’s not always the best type, the best, you know, type of relationship. And so to be able to kind of see some of those folks open up at the community meeting is really, really cool, because it I don’t know, man, it’s something that is truly unique in the space. Yeah. So I go I was just going to say that, you know, it’s fun for me because I cut my teeth on PCI in the PCI world and it’s been close to my heart ever since, you know, and it’s, it’s always a good time we get out there we get to look kind of, we live and breathe PCI. And so getting out there with a whole bunch of other people that live and breathe it too. You know, it’s, you know, it’s really energizing and rewarding to have conversations with them. You know, it’s, it’s nice to have, you know, have that opportunity to share our love of making compliance management suck less for sure.
Indeed. Now, sound the listeners more about our tech demo. Well, I’m honestly I’m really honored to announce that TCT has been selected again to be a tech demo speaker. We’ve been actually selected for both the US and for the Europe conference. We’ll talk a little bit more about Europe in a minute. But for those that don’t know, as part of so they’ve got at the at the PCI conference, they’ve got, you know, kind of talk tracks for topics that are related to the folks in PCI. They usually are running two different rooms of these talk tracks with various speaking points, etc. And then they also have what they call tech demos, where, you know, effectively the intent is for organizations that are selected to share information about technology in the, you know, kind of in the PCI space. And so the tech demos are 20 minutes of that include some Q and a software demos and thought leadership on, you know, kind of trending issues related to PCI. So, you know, we have this year. we’re going to do a live walk-through of the TCT portal, including some features and functions that will help make PCI 4.0 easier to manage. We’ll be doing that. We’ll also be covering some of the latest features. We’ve got a new functional release that’s going to be coming out near the end of August. PCI has released some new functionality. We’ll talk about that in a future episode. But they’ve got some features and functions coming that were literally just released weeks ago that we have moved quickly to get integrated into our release. TCT typically moves very quickly and efficiently with… putting in functionality that we know the users are going to be clamoring for, this latest functionality in one of them. So this year’s tech demo topic, we’re going to cover in the tech demo an approach or methodology for streamlining complex compliance engagements. So showcasing some of the new capabilities for four, as well as the ability to manage effectively PCI certification, along with other certifications. You know, as a friendly reminder for those that may not already know, you know, TCT, yep, we’ve got every flavor of PCI, but we also have, I think we’ve got to be north of about 150 other, you know, 150 total different certifications. So SOCs and the HIPAAS, ISOs, and NISTS and so that’s why we named the company total compliance tracking. So for a lot of organizations, PCI is one of many certifications that they need to be compliant with.
And so for any organization doing business today, it’s almost a certainty that they’re going to need to layer in a second certification at some point in the game. So, and in many cases, it’s two, three, four, five. I mean, I’ve got clients that are simultaneously doing north of six. So it just depends on what you’re doing, what your and your client’s needs are, what industry you’re in, etc. But, you know, we’ve got a ton of different, different flexibility options and capability options that we can bring to the table. So, you know, with, when you’ve got that many certifications, there’s a lot of crossover and redundancy, which basically just drags down your efficiency. And, but that’s really where TCT shines is that you can allow the system to do the work for you. you know, and we’ll be showing the participants how easy it can be to go ahead and run an engagement with multiple certifications. But, you know, I’ve said it a couple of times today. I say it a fair amount in general, and I’ll keep saying it. You know, make no mistake, you know, managing compliance sucks. You know, I actually had an entertaining conversation as we were going through our demo materials for last year. Some of the folks were, as they were doing the reviews in advance of us doing the demos, we’re concerned about our positioning of managing compliance sucks. I’m like, look, make no mistake. I freaking love compliance. Love it. But managing it, that sucks. I don’t know what to tell you. There’s no way around it. for anybody that’s ever done it. I know the listeners, they were like, they get it. They’ve been in the way of, they swam these waters. They’ve lived this hell. They’re all chuckling because they know it’s the spot on fricking truth, but it does. It sucks. So the driving purpose for TCT is, has will be helping people. I love helping people. So I want to help them not have to deal with the complexity of managing all these compliance engagements and through the use of automation and organization, a company can see levels of efficiency that they’d never dream of attaining. And to be able to experience that by coming and seeing the tech demo and kind of seeing what we’re about, most certainly lots of opportunity to share our love of compliance and love of BCI for sure. Indeed, so speaking about opportunity, let’s chat about the PCI conference in Europe, more specifically Dublin Ireland this year.
Oh yeah, this is gonna be a good time. So last year, last year when we were doing the North American conference, we were in the midst of getting a bunch of organizations that were pressing us to have an instance that was in Europe, specifically to facilitate GDPR requirements for storage of data in Europe, etc. And so actually in after the North American conference in Q4 of 22, we stood up an instance in Europe. And it was at about the same time as we were rounding out last year’s North American conference in Toronto that I said, you know what, let’s go ahead and move on the European instance and let’s go ahead and let’s go ahead and attend the EU conference in Dublin this upcoming year. So that’s going to be freaking awesome. So I can’t even tell you how excited I am for that. Number one, I’ve never been to Ireland, always wanted to go. So that’s gonna be cool in and of itself. But more importantly, you know, we’re gonna be able to, you know, take our first opportunity to go and see fresh faces and new people that we’ve never had the opportunity to talk to that. The opportunity is far greater over in Europe, just because we’ve never been there. And be a part of what I’m excited about. And I articulated this to you when, you know, when you and I started doing our thing together, that when my wife and I went to our first PCI conference where we had a booth, it was freaking great because nobody knew who the heck we were. They never even heard of us. And like our booth, no joke, Todd, we got mobbed, straight mobbed at the booth. My wife’s been doing managing events for probably north of two decades for a company that she worked for. She said she’d never seen anything like it as to how much traffic we ended up getting at that very first North American, you know, North American meeting. And so that’s gonna be part of the reason why I’m excited to, you know, go out and get that first opportunity to meet with, you know, I know we’ve got clients, actually we’ve got clients and, you know, across six continents at this point in the game, we need somebody. Hey, if anybody out there knows of a company that needs compliance help and they’re in Antarctica, please, yes, please tell them to come and hit me. I’d love to be able to put on the website, we’ve got seven continents, but Antarctica is gonna be a, that’s gonna be a tough one. We actually spent a minute going and looking at which company’s finger air quotes were in Antarctica to see if we can trail one down. But yeah, if you guys got an in, by all means, give us an intro because I’d love to round that one out and make it seven. But no, the, it’s gonna be fun because we really… meet new people, meet new partners, meet new clients, you know, and most importantly to me is just getting out there and sharing our love for efficient compliance management with a whole brand new group of people.
You know, we’ll have a booth in Europe. I said earlier, we’ll be doing the tech demo over there as well, you know, and all that fun stuff. So, you know, for sure, it’s gonna be a ton of fun with giveaways and events that we’ll have going on while we’re at the conference.
It’s gonna be cool. And the other kind of reminder for the listeners keep an eye on the TCT blog in the coming weeks, we will be going through a bunch of general security topics as well as some PCI specific topics as we’re kind of marching toward the community meetings.
So good idea to keep an eyeball on the blog. And of course, if you’re a regular listener, then we’ll have some fun stuff here on Compliance Unfiltered as well.
Absolutely. Parting shots and thoughts for the folks this week. Well, again, if you have the capability to come out to the PCI conference, either North America or in Europe, please, please, please, please come by and see us at the booth, see us at the tech demo, see us at one of the evening events, or I’m gonna call it a wild hunch. You’ll probably be able to locate us in some bar definitively in Dublin. I have a feeling I’ll be at more than one. So yeah, come out and see us there. But no, it’s just, it’s a great time. I can’t even, if the listeners can’t tell, I’m super excited about being able to get back to these conferences. They’re always just an absolute ton of fun. So we’re really looking forward to being able to see people. And honestly, one of the things I was thinking about, Todd, is I was kind of wrapping this out. One of the other fun things from last year is that we had several people that came up to the booth. And it was kind of weird because we do this podcast. I forget what absolute episode we’re on at this point in the game. It’s not a small handful, but I think we’re north of 90 episodes. Yeah, we’re right in that range. I think this one officially coming out is. episode 88 so we’re right in there but yeah it’s we’re fastly approaching 100 yeah so yeah I think but bottom line is that we have people coming by the booth and they were saying they were saying that they’re like oh it is you just say something just, just say something you know I’m like okay hi I listen to your Compliance Unfiltered this is so cool to be able to put the face of the voice and, and it’s just it’s just awesome it’s awesome it’s nice being able to get out there you know talk to cool people and have a great time indeed and that right there that’s the good stuff Well,
that’s all the time we have for this episode of Compliance Unfiltered. I’m Todd Coshow. And I’m Adam Goslin. Hope we help to get you fired up to make your compliance suck less.
