Saumya Vishnoi is an information security professional with about 6 years of experience, currently working at Freecharge. The document emphasizes the importance of compliance in security, particularly regarding PCI DSS and RBI PSS regulations, and advises organizations to verify the security policies of third-party providers. It warns against blindly trusting compliant services, urging regular audits and assessments for security assurance.

1. By
Saumya Vishnoi

2.  Currently working in FreeCharge Information Security team
 Information Security profession – about 6 years of experience
 Ex- PCI QSA
 Audited multiple environments

3.  All the information, discussion and views
 presented in the talk are
 personal !!!

6.  Increases workload
 Creates extra process
 Costly

7.  Business enabler –
 PCI DSS for processing card details
 RBI PSS for getting and running a digital wallet
 Give confidence to clients and third party
 Force organizations to give security a thought
 Act as baseline for security
Compliance acts as an enabler for security

13.  Ensure the compliance of Cloud provider
 Check and verify the services that are part of their compliance.
 Include them in your third party risk assessment section
Don’t Blindly trust them !!!

14.  Not just compliance, check their Security policies as well
 Regular audits and/or reports
Because they may be compliant but not Secure

17. EMAIL: SAUM98@GMAIL.COM
TWITTER: @SAUM98