about Meet the Council’s New Regional VP, Asia-Pacific will cowl the newest and most present steering within the area of the world. means in slowly subsequently you comprehend skillfully and accurately. will enlargement your information expertly and reliably
Welcome to our podcast collection, Espresso with the Council. I am Alicia Malone, Senior Public Relations Supervisor for the PCI Safety Requirements Council. Right now we’ll meet one of many Council’s latest workers, our Asia-Pacific Regional Vice President, Yew Kuann Cheng. Yew Kuann is predicated in Singapore and spent 15 years as Senior Director of Asia-Pacific Danger, Technique and Operations for Visa. Thanks for becoming a member of us right now, Yew Kuann, and welcome to the workforce, too.
Yew Kuan Cheng: Thanks very a lot for the introduction, Alicia. So excited to speak to you right now. Once I met you in individual in Toronto, I discussed that I am a very long time fan of your podcast and really shortly went via all of the episodes, aside from the podcast which was in Portuguese. , which I do not perceive, I’ve listened to every certainly one of your podcasts.
Alice Malone: Effectively, thanks very a lot, Yew Kuann. That is a fairly good praise and I am so glad you are a fan.
Yew Kuan Cheng: Very cool.
Alice Malone: Subsequently, his new place as regional vp for Asia-Pacific can also be a brand new place on the PCI Safety Requirements Council. Inform us a bit about what this new position is and what you had been employed to do.
Yew Kuan Cheng: Cool. Effectively, I feel I’ve the perfect job. And actually that is as a result of I receives a commission to have interaction with stakeholders throughout the funds ecosystem to speak about my favourite matters: information safety, funds, and danger administration. So, to reply your query, my position on the Council is to enhance fee account information safety by elevating consciousness of what we do on the Council, in addition to the entire varied PCI safety requirements that we develop. And likewise, all of the help providers that we have now accessible to everybody.
And as you understand, Alicia, it is a actually thrilling time within the funds ecosystem with information safety within the information nearly day by day. And I feel, you understand, what’s actually thrilling for me about this new position is that I get to share the newest developments from one viewpoint, and in addition the perfect practices that I’ve realized from all of the stakeholders, so everybody can play their position and shield our funds ecosystem.
Alice Malone: His expertise is in funds with a protracted keep in Visa. Are you able to describe his profession path on this business and the way it led him to PCI SSC?
Yew Kuan Cheng: Proper. Effectively, you are proper. I’ve been working for a very long time. On a regular basis I’ve labored, 22 years I counted, for varied organizations in Singapore, primarily specializing in funds, danger administration and cybersecurity. And as you talked about, an enormous a part of this, 15 lengthy years, was spent on Visa’s Asia-Pacific danger administration workforce, primarily based in Singapore.
And fortuitously, with very understanding bosses, these 15 years weren’t spent doing the identical factor, had been they? I’ve had the chance to be uncovered to a large space of danger administration actions, most lately taking over a job as a Danger Account Government for a number of the largest and most dynamic acquirers in Asia-Pacific.
So, along with guiding these acquirers and their retailers via varied risk-related points, a few of which included PCI DSS compliance points, I used to move the IT safety workforce at one of many Fintechs. So, I went via the PCI DSS compliance aspect, and I additionally went via being an entity that was assessed for PCI DSS.
Alice Malone: What sort of developments are you seeing within the funds business within the Asia-Pacific area? What are the alternatives and what are the threats to the safety of funds there?
Yew Kuan Cheng: Yeah, so, I assume anybody who’s truly following any outlet, whether or not it is social or mainstream, will already discover the common protection of knowledge compromises, ransomware, that is occurring all around the world. And any good fraud or danger administration skilled would let you know that there actually isn’t any such factor as a silver bullet. He cannot simply implement an answer and hope the issue will go away.
However in the long run, I actually consider that with any good multi-layered technique, probably the most vital layer is securing the crown jewels, proper? And that is what PCI SSC intends to do, proper? To safe fee information. And that is accomplished via varied requirements; are well-known by PCI DSS and the assorted necessities assist shield fee information.
And one factor I’ve realized since becoming a member of the Council is how concerned the group was in creating these requirements. And so they’re not likely developed by only a group of individuals on the Council in isolation, are they? So one factor that I actually hope to attain is to get extra stakeholders from Asia-Pacific concerned in order that they will take part and in addition information the event and upkeep of safety requirements.
I feel on the finish of the day, it is actually as much as organizations to embed safety practices into their operations. As I advised one of many largest retailers in Asia-Pacific, you may’t actually begin budgeting to guard his information after his firm hits the headlines for the mistaken cause, okay?
And this jogged my memory of one of many panel discussions that I attended remotely for the European Neighborhood Assembly the place Tracey Lengthy, she’s the Vice President of Council Applications, and one of many statistics that she cited actually known as me the eye, proper? And within the pie chart that she confirmed, she highlighted that fifty% of knowledge breaches had been attributed to flaws, particularly PCI DSS requirement six. And in case you have not memorized all your twelve necessities, Alice, it’s: “Develop and preserve safe techniques and purposes.” And in the identical dialogue that Tracey led, one of many PFIs, PCI’s forensic investigators, I famous his title was Chris Hague and he is from Foregenix, the technical providers division head, and he mentioned one of many causes, once you investigated a few of these information breaches had been because of techniques not being patched, proper?
So usually when techniques are rolled out, identical to we have now to patch and replace our iPhones often, our iPads often, and our tablets often, software program techniques must be up to date often as nicely, proper? So this was one of many causes that he attributed for inflicting this huge proportion of knowledge breaches, simply due to this requirement.
Alice Malone: These are all superb factors, and I am very glad you raised all these points. I feel these are legitimate factors around the globe. Why is it vital for PCI SSC to have devoted illustration, in a job like yours, within the Asia-Pacific area?
Yew Kuan Cheng: Proper. Effectively, in my earlier position at Visa I had the chance to help danger groups in varied markets — the monetary establishments in these markets. And one thing that I’ve all the time been reminded of is that every market is totally different, some greater than others in their very own complexities. So to have somebody who appreciates these variations and complexities, I feel it actually permits me to grasp the challenges which can be confronted by varied stakeholders inside Asia-Pacific.
And naturally having somebody within the time zone would enable for a faster response. However having mentioned that, you understand, if somebody plans to ask actually technical questions on their HSMs, or how they will encrypt their cryptographic key, they might must ask our subject material consultants within the different markets for assist.
Alice Malone: What are you most wanting ahead to on this new position?
Yew Kuan Cheng: Effectively, I feel that since I joined one thing that I actually get pleasure from is getting collectively once more with colleagues and buddies, a few of whom I’ve recognized for a lot of, a few years, and once more, to speak in regards to the favourite matters that I discussed earlier: information safety, funds and danger administration.
But in addition, I feel this new position has launched me to numerous new buddies within the business and I actually love assembly new individuals and having the chance to discover alternatives to assist them shield fee information of their setting, and the way the Council may help. from the viewpoint of a safety commonplace.
Alice Malone: So, the PCI SSC Asia-Pacific Discussion board is in simply a few days. This shall be a web-based occasion on November 16. Are you able to inform us in regards to the significance of the Discussion board and what you hope attendees take away from it?
Yew Kuan Cheng: Proper. Effectively, PCI SSC is a group, and the AP Discussion board is certainly one of many occasions that the Council organizes to have interaction the assorted stakeholders in order that we shield the ecosystem collectively. Will probably be on-line, as talked about, given the totally different phases of the COVID restoration on this a part of the world, though lots of the key markets in Japan have since opened. And for all of the listeners of this podcast, please take into account registering for the occasion, as I consider there shall be numerous helpful data shared, together with the highest questions raised for PCI DSS v4.0; There was numerous curiosity in cellular funds and we have now one other acronym we will pronounce: MPoC (Cell Funds on COTS); and the assorted methods to collaborate with the Council.
There may also be deep dives into two key markets in Asia-Pacific: specifically India and Japan. And, should you’re , you may join simply by going to the PCI SSC web site and the menu on the prime, simply go to Occasions and join. It is extremely easy. And most significantly for individuals in Asia-Pacific, should you get pleasure from this work, the occasion is free this 12 months.
Alice Malone: And that’s nice information. So Yew Kuann, outdoors of your day job, inform us a bit about your self. What sorts of issues are you keen about? What would you want others to learn about you?
Yew Kuan Cheng: Proper. Effectively, I’m a really hands-on father, I’m very proud to say, of two very full of life youngsters, who all the time preserve me very busy. And since I used to be raised by a single mother, I am nonetheless figuring issues out as I’m going alongside, however I assume once they had been youthful, I might change their diapers at nighttime. In any case, I used to be educated by the Singapore Military to go on night time fight missions.
However apart from my kids, I’m additionally the guardian of two canines that had been rescued. And this additionally forces me to take very common walks day by day and that is the place I hearken to your podcast, Alicia.
Alice Malone: That’s wonderful! And I really like your remark about your night time fight missions. That is nice.
Yew Kuan Cheng: It looks like that.
Alice Malone: it actually does
Alice Malone: And naturally, I might be remiss if I did not ask you the way you drink your espresso! Or, should you’re not a espresso drinker, what would you favor as an alternative?
Yew Kuan Cheng: Proper. Effectively, once you go to Singapore, I’ve to introduce you to our regionally brewed espresso. It’s toasted with totally different beans. The beans are known as Robusta beans, that are stronger and extra bitter. That is totally different than what Starbucks makes use of, that are arabica espresso beans.
I feel what could be attention-grabbing for you once you lastly persuade him to return to Singapore, is to make use of the key phrases to order your espresso. So, for instance, in any of the espresso outlets you enter in Singapore, you may order a cup of espresso with out milk and with out sugar, just by giving the code title, Kopi O kosong, which is a dialect to say that you really want black espresso. and also you need it empty, which implies it is sugar-free.
Alice Malone: I really like this. And I undoubtedly need to go to you in Singapore. This sounds wonderful.
Yew Kuan Cheng: Very cool.
Alice Malone: Effectively, thanks very a lot for becoming a member of us on Espresso with the Council. It has been a pleasure assembly you and I stay up for working with you on the Council.
Yew Kuan Cheng: Thanks very a lot Alice. It’s totally good speaking to you.
Do you want what you’ve heard? Subscribe to the PCI SSC “Espresso with Council” podcast by visiting any of the next platforms: Spotify, Anchor, Pocket Casts, or Google Podcasts. The podcast may also be accessible quickly on Apple Podcasts and RadioPublic.
I hope the article kind of Meet the Council’s New Regional VP, Asia-Pacific provides notion to you and is beneficial for toting as much as your information
Meet the Council’s New Regional VP, Asia-Pacific