• Skip to primary navigation
  • Skip to main content
  • Skip to footer
ControlCase No Tag LOGO md

ControlCase

IT Certifications, Continuous Compliance and Cybersecurity Services Provider

  • Company
    • About Us
    • Careers
    • Locations
    • Team
  • Industries
    • Business Process Outsourcing
    • Cloud Service Providers
    • Retail
    • Telecom | Entertainment
    • Managed Service Providers
  • Certifications
    • PCI DSS Certification
    • CSA STAR Certification
    • GDPR Assessment
    • HIPAA Assessment
    • HITRUST Certification
    • ISO 27001 Certification
    • FedRAMP 3PAO Services and NIST 800-53
    • CMMC Certification
    • MARS-E Assessment
    • PCI SSF
    • P2PE Certification
    • SOC2 Report
  • Solutions
    • Continuous Compliance Solution
    • One Audit
    • Card Data Discovery Software
    • Data Security Rating
  • Testing
    • Application Reviews
    • Application Security Training
    • Code Reviews
    • Card Data Discovery
    • External Vulnerability Scans
    • Firewall Security Reviews
    • Internal Vulnerability Scans
    • Log Monitoring
    • Penetration Testing
  • Resources
    • Events
    • News
    • Webinars
    • Courses
    • Blog
    • Tools
    • Become a Partner
  • Contact Us
  • English

ControlCase collaborates with Industry Experts to Educate Organizations on Achieving Compliance through Security

You are here: Home / News / ControlCase collaborates with Industry Experts to Educate Organizations on Achieving Compliance through Security

CC_Conference_US_2015-300x225

A key highlight was an open discussion with PCI SSC and MasterCard on how organizations can gain more value by focusing on overall security rather than on just achieving compliance.

ControlCase, a leading global provider of Compliance as a Service (CaaS), Certifications, and IT Governance, Risk and Compliance (GRC) software recently held its Annual User Group Conference at the Hard Rock Hotel Universal in Orlando, Florida, USA. This year’s event focused on knowledge sharing and included a series of panel discussions covering the different components required to achieve compliance and maintain security.

The event attracted professionals working in the areas of IT Governance, Risk and Compliance from banks, merchants and service providers around the world. Session panelists included senior executives from ControlCase, the PCI Council, MasterCard and WorldPay.

A key highlight of the conference was an open discussion facilitated by Kishor Vaswani, CEO – ControlCase; Adam Sommer, Vice President for MasterCard Enterprise Security Solutions and Jeff Wilder, Standards Trainer – PCI Security Standards Council (PCI SSC). This discussion focused on how organizations can gain more value by focusing on overall security rather than on just achieving compliance. The session referenced many of the requirements in regulations, including PCI, ISO 270001/2, HIPAA and SOC 1/2/3.

“Organizations must focus on being secure as an overall corporate strategy and look to compliance as a means to accomplishing that goal. If a company is secure, it is also likely to be compliant with any compliance framework, but being compliant does not necessarily mean a company is secure” said Jeff Wilder, PCI SSC. Wilder went on to reference notable industry breaches and reiterated that the breached organizations were likely compliant with some regulation but obviously not secure.

ControlCase has assembled an exciting series of speakers from a variety of organizations, including the PCI Security Standards Council. The conference programs will feature sessions on the following topics:

Sommer provided insight on emerging payments security and highlighted the key challenges and benefits of EMV, tokenization and point-to-point encryption or P2PE. Key benefits include:

EMV – EMV has the ability to generate a dynamic card authentication value which, if stolen, cannot be used to create counterfeit cards.
TOKENIZATION – Tokens replace valuable information (such as PAN) with surrogate values that, if compromised, reduce the impact of subsequent fraud.
POINT TO POINT ENCRYPTION (P2PE) – P2PE protects sensitive PAN data “in transit” but renders it unusable across all channels if stolen.

“ControlCase events, such as the Annual User Group Conference, provide a platform for organizations to share best practices for making security a key part of overall business planning and a main focus in the education and training of staff,” said Kishor Vaswani, CEO of ControlCase. “Exchanging valuable knowledge on security and compliance is a real passion for us at ControlCase. We look forward to expanding these interactive events and helping security professionals increase value to their organizations.”

The Key Takeaways from the Annual User Group Conference in Orlando included:

  • Confirm your organization has processes in place to ensure that implemented controls are effective.
  • The drivers of your security program must be able to evaluate risk the efficiency of the controls to ensure that any residual risk is within an acceptable limit.
  • Your assessors should not be the ones to tell you that issues exist. A vulnerability scan should be used to confirm that your vulnerability identification and remediation program is effectively working.

About ControlCase

ControlCase is a global provider of Compliance as a Service (CaaS), Enterprise Software and Services. Our offerings enable clients to effectively manage their IT Governance, Risk Management and Compliance Management (IT GRCM or GRC) efforts.
Headquartered in the United States, with locations in North America, Europe, Asia Pacific and the Middle East, ControlCase focuses on providing and developing services, software products, hardware appliances and managed solutions that focus on compliance regulations and standards; including PCI DSS, SOC1, SOC2, SSAE16, PIPEDA, ISO 27001/2, FERC/NERC, Sarbanes Oxley (SOX), GLBA, HIPAA/HITRUST, CoBIT, and BITS FISAP SIG/AUP.

For more information, please visit the company website at www.controlcase.com

 


  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

Footer

Connect

Corporate Headquarters
3975 FAIR RIDGE DR STE T25S-D
FAIRFAX, VA 22033

Send us a message

Call Us

Search

About Us

ControlCase is a United States based company, headquartered in Fairfax, Virginia with locations in North America, Europe, Latin America, Asia/Pacific, Australia and the Middle East to serve our clients globally.

Quick Links

  • Company
  • Careers
  • Locations
  • Covid-19 Notice

Certifications, Assessments and Reports

  • PCI DSS Certification
  • CSA STAR Certification
  • GDPR Assessment
  • HIPAA Assessment
  • HITRUST Certification
  • ISO 27001 Certification
  • FedRAMP and 3PAO Services
  • MARS-E Assessment
  • PCI SSF
  • P2PE Certification
  • SOC2 Report

© ControlCase LLC 2025 | Privacy Policy | Impartiality Statement | Legal Notices

  • English
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}