惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

D
DataBreaches.Net
Apple Machine Learning Research
Apple Machine Learning Research
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
S
SegmentFault 最新的问题
博客园 - 聂微东
罗磊的独立博客
W
WeLiveSecurity
博客园_首页
Scott Helme
Scott Helme
V
Visual Studio Blog
T
The Exploit Database - CXSecurity.com
G
Google Developers Blog
大猫的无限游戏
大猫的无限游戏
Latest news
Latest news
L
Lohrmann on Cybersecurity
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
A
About on SuperTechFans
F
Full Disclosure
Y
Y Combinator Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
博客园 - 司徒正美
博客园 - Franky
C
CXSECURITY Database RSS Feed - CXSecurity.com
F
Fortinet All Blogs
Blog — PlanetScale
Blog — PlanetScale
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
阮一峰的网络日志
阮一峰的网络日志
S
Schneier on Security
雷峰网
雷峰网
博客园 - 【当耐特】
P
Privacy International News Feed
C
Cyber Attacks, Cyber Crime and Cyber Security
Engineering at Meta
Engineering at Meta
aimingoo的专栏
aimingoo的专栏
MongoDB | Blog
MongoDB | Blog
J
Java Code Geeks
T
Tor Project blog
V
V2EX
爱范儿
爱范儿
C
Check Point Blog
T
Threatpost
Project Zero
Project Zero
量子位
V
Vulnerabilities – Threatpost
Know Your Adversary
Know Your Adversary
I
Intezer
G
GRAHAM CLULEY
P
Privacy & Cybersecurity Law Blog
GbyAI
GbyAI
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com

PCI Perspectives

Meet the Council’s New Head of Business Operations and Risk Management The AI Exchange: Innovators in Payment Security Featuring PCA Cyber Security Enhance Your Community Meeting Experience with Interactive Workshops The AI Exchange: Innovators in Payment Security Featuring PROSA Bring PCI SSC Training to Your Organization with the New Training Venue Host Program The AI Exchange: Innovators in Payment Security Featuring Utimaco Coffee with the Council Podcast: Meet This Year’s North America Community Meeting Keynote Speaker, Sharon Gai Welcome Our Newest Associate Participating Organizations The AI Exchange: Innovators in Payment Security Featuring SecurityMetrics PCI SSC Publishes New Guidance on Compensating Controls and the Customized Approach Spotlight On: Dreamplug Technologies Private Limited (CRED), a New Principal Participating Organization Request for Comments: PCI Data Security Standard (PCI DSS) v4.0.1 The AI Exchange: Innovators in Payment Security Featuring In-Solutions Global Ltd Coffee with the Council Podcast: Nominate Now for the Global Executive Assessor Roundtable (GEAR) PCI SSC Publishes PCI PTS HSM v5.0 Request for Comments: PCI Secure Software Lifecycle Standard v2.0 Spotlight On: Worldline, a New Principal Participating Organization Coffee with the Council Podcast: Stronger Together – The Value of Participating with PCI SSC The AI Exchange: Innovators in Payment Security Featuring Dreamplug Technologies Private Limited (CRED) Level Up Your Payment Security Expertise with PCI SSC Knowledge Training PCI SSC Launches Enhanced Language Microsites for Global Audience Exhibit at or Sponsor the 2026 Community Meetings Spotlight On: Stripe, a New Principal Participating Organization The AI Exchange: Innovators in Payment Security Featuring Toast, Inc. Coffee with the Council Podcast: A Panel Discussion on Cryptography The AI Exchange: Innovators in Payment Security Featuring Flywire Spotlight On: Amazon, a New Principal Participating Organization Welcome Our Newest Associate Participating Organizations The AI Exchange: Innovators in Payment Security Featuring Checkout.com The AI Exchange: Innovators in Payment Security Featuring Bank of America Request for Comments: PCI Card Production and Provisioning Physical and Logical Security Standards v3.0.1 Spotlight On: Futurex, a New Principal Participating Organization The AI Exchange: Innovators in Payment Security Featuring Soft Space PCI Security Standards Council Publishes First-Ever Annual Report Coffee with the Council Podcast: PCI SSC Releases Version 2.0 of the PCI Secure Software Standard PCI SSC 2025 Community Meetings Now Available on Global Content Library PCI SSC Releases Version 2.0 of the PCI Secure Software Standard 2026 PCI SSC Training Schedule Announced Spotlight On: Reflectiz, a New Principal Participating Organization The AI Exchange: Innovators in Payment Security Featuring Jscrambler Meet the Council’s New Client Engagement Operations Director The AI Exchange: Innovators in Payment Security Featuring SISA Meet the Council’s New Director, Training Programs Request for Comments: PCI Key Management Operations (KMO) v1.0 Standard PCI SSC Publishes Mobile Payments on COTS (MPoC) Guidance Document The AI Exchange: Innovators in Payment Security Featuring Block, Inc. Request for Comments: PCI PTS HSM v5.0 Coffee with the Council Podcast: Nominate Your Company for the Council’s Next Brazil Regional Engagement Board 2025 Asia-Pacific Community Meeting Agenda Highlights The AI Exchange: Innovators in Payment Security Featuring Elavon Inc. Coffee with the Council Podcast: Meet the New Regional Director of Japan and South Korea, Junichi Tsuboi Internal Security Assessor (ISA) Training Case Study: WestJet Sneak Peek: 2025 Europe Community Meeting Speakers AI Principles: Securing the Use of AI in Payment Environments The AI Exchange: Innovators in Payment Security Featuring Cloud Security Alliance Beware of PCI DSS Compliance Certificates Meet the Council’s New Regional Director, Europe PCI SSC Releases New Guidance on Authentication and Cryptography Welcome Our Newest Associate Participating Organizations Sneak Peek: 2025 North America Community Meeting Speakers Coffee with the Council Podcast: Meet This Year’s Asia-Pacific Community Meeting Keynote Speaker, Sharon Gai The AI Exchange: Innovators in Payment Security Featuring Salesforce
Coffee with the Council Podcast: PCI SSC Publishes First-Ever Annual Report
Alicia Malone · 2026-02-19 · via PCI Perspectives

Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Director of Communications and Public Relations for the PCI Security Standards Council. Well, it is hard to believe that we are already in February, but as we kick off 2026, we want to take a moment to also acknowledge all that the Council accomplished in 2025, including the recent release of the Council’s first-ever Annual Report. Joining me today to talk about this report and what we can expect in the year ahead is PCI SSC's Executive Director, Gina Gobeyn. Welcome, Gina!

Listen to the full episode on Spotify or on your favorite podcast player. 

Gina Gobeyn: Thank you, Alicia. I'm happy to be here with you today.

Alicia Malone: So, let's just dive right in, Gina. Tell us a little about the Council’s recently released Annual Report. What is it exactly and why did the Council decide to publish one?

Gina Gobeyn: Absolutely. So, this is the Council’s first ever Annual Report, and we were very intentional about what we wanted it to be.

At its core, the report is a reflection of our mission, our priorities, and the partnerships that make our work possible at the Council. We wanted to tell the story of why we exist, what we're focused on, and how we are working with the global payments ecosystem to advance payment security. Now, the work that the Council does is fundamentally collaborative, and the impact that we drive is for the payments industry with the payments industry.

So, this report is really about transparency of purpose and direction. It's a way for us to step back and reflect on the year, but also to clearly articulate how our mission shows up in the real world and where we're headed together with our community.

Alicia Malone: I love that. Well, the Annual Report is full of great information. Can you walk us through the single most important story or message that it tells about the Council’s year? So, how do you sum up 2025?

Gina Gobeyn: Well, I would say that the defining message of 2025 for the PCI Security Standards Council is this: we moved from intention to execution.

Throughout the year, we were very focused on turning our vision into reality. And that vision is to evolve how we work so that we can better support the advancement of payment security in a fast-moving, highly innovative payment industry, while also strengthening how we're engaging with our global community of stakeholders. So, by evolving the way we work through a more structured product delivery operating model, and by engaging our stakeholders earlier and more often, we're working at the Council to remove waste from our processes, to better understand the impact of change, scale our delivery, and quite frankly, we're working to get it right faster.

And I think that this shift is more visible now in how we are prioritizing our work - we're organizing into product families - and in how we're partnering with our members, as well as you’ll see that the outcomes that we delivered in 2025 make this all very visible in how we are delivering on our mission. In fact, as highlighted in the report, 2025 really was a record year for stakeholder engagement and also one of the most productive years in Council history.

Now, to just give a few examples - I don't want to steal too much thunder from the report itself: last year, we completed five requests for comments. We've released two security standards. We published 98 FAQs, including technical FAQs which, in our world, help to enable agility and drive clarity of some of the security requirements in our standards. As well as a number of those FAQs addressed aligning our information from previous PCI DSS FAQs to align to the most current version, which is PCI DSS v4.0.1. Additionally, last year we issued eight new guidance documents. Eight! And two of those guidance documents focused on artificial intelligence.  

Now, AI has rapidly emerged as a critical topic for the payments industry. And we heard that loud and clear from our stakeholders. And the way we responded was by prioritizing practical guidance. And that practical guidance has been well received from our stakeholders. We also launched our new blog, which is AI Exchange: Innovators in Payment Security, which is a blog series that's highlighting the innovative work that's being done by our stakeholders, and how they're using AI across the ecosystem.

Now all of that's important, but I think the real takeaway is not just the volume of activity. The data in the report also reflects increased engagement, deeper participation, and stronger alignment across the ecosystem. And more importantly, it reflects that we are working differently and more effectively together. So, when you look at the report, what you're really seeing is a year where the Council and our community leaned in together. We made deliberate choices, and we delivered impact that goes well beyond just internal PCI milestones. I think it's a story of momentum and one that we're continuing to build on as we look ahead. And, Alicia, to answer your second question, if I had to sum up 2025 in a single phrase, it would be: meaningful progress through collaboration.

Alicia Malone: Well, 2025 was certainly a busy year and I know the information included in the 2025 Annual Report represents meaningful work to you and to the entire PCI SSC team. What would you say you are most proud of?

Gina Gobeyn: When I think about the top takeaways from the report and what I'm most proud of, it all comes back to how we showed up as a mission-driven, community-centric organization at the Council. First, I'm proud of how clearly our mission comes through. And so, this report demonstrates that our work is grounded in purpose. Everything that we focused on in 2025, our priorities, our engagement, our delivery, was aligned to advancing payment security in a way that is practical, scalable, and globally relevant.

And second, the depth and quality of collaboration really stands out for me. One of the most meaningful takeaways is how actively the community participated in not just providing input, but by truly helping to shape our outcomes. The report reflects stronger partnerships, broader global engagement, and also a shared sense of responsibility for advancing security across the ecosystem.

And finally, I'm proud of the momentum we've built. In 2025, it was a year of meaningful progress. And not just in activity, but progress that sets us up well for what's next. I think you can see that in how we're operating, how we're prioritizing, and how we're working to align with the needs of the industry. If I had to sum it up, what I'm most proud of is that this report doesn't just document a year; it captures a turning point. It shows an organization and a community working together with clarity, intention, and impact.

Alicia Malone: Well, Gina, thank you for setting up that great segue because now we're going to shift and talk a little bit about what's next. Specifically, what would you say are the biggest challenges to payment security? And where do you think the biggest opportunities lie for the Council in helping to mitigate those challenges?

Gina Gobeyn: Well, I would offer that the challenge is complexity, but the opportunity is collaboration. And that's where the Council plays a critical role. I think that the 2025 report reinforces that the payment security industry is at a pivotal moment, one where challenges and opportunities are tightly connected.

At the heart of the challenge is the pace and the scale of change. Payments continue to evolve rapidly - new technologies, new players, new use cases - and all of that is happening alongside real time, always-on payments. And together, those dynamics can create an increasingly complex ecosystem. And that complexity can also introduce real risk. We see that there's potential for fragmentation, different approaches, uneven adoption, and of course, the potential for growing gaps between innovation and security.

At the same time, threats become more sophisticated. Technologies like AI are powerful enablers for innovation, but they can also be leveraged with malicious intent. And because payments and threats are global, coordination can be more difficult, but also more essential. And that's also where the opportunity lies, particularly for us at the Council.

One of the biggest opportunities for the Council is to continue serving as a globally trusted resource and the stabilizing force for the industry through our globally recognized industry-driven standards, our programs, and our training. It's the work that we're doing to bring the community together to advance payment security. I like to think of our role as supporting secure innovation. We're helping the payment ecosystem move forward securely and confidently, regardless of geography or technology involved.

The 2025 report highlights the unique position that the Council holds, working closely with industry thought leaders to anticipate change rather than to react to it. So, we're going to continue to deepen this model of engagement. We're going to work with our stakeholders to understand real world security threats, as well as best practice mitigation strategies through our timely information sharing. And that's how we're working to turn complexity into resilience. And so, when I look ahead, I do see real challenges, but I also see tremendous opportunity. If we stay focused on collaboration, transparency, and mission-driven outcomes, we're well positioned to help the industry navigate what's next, and we'll do that together.

Alicia Malone: And speaking of what's next, so 2026 is a big year for the Council as we celebrate its 20th anniversary of securing payments worldwide. Talk to us a little bit more about this milestone.

Gina Gobeyn: Yes, 20 years! So, reaching our 20th anniversary is such a significant milestone for the PCI Security Standards Council. And it's one that we're approaching with a lot of appreciation. Over the past two decades, the payment ecosystem has changed dramatically. We've gone from a much more centralized card-centric environment to a global digital always-on payments landscape. And throughout that evolution, the Council’s mission has remained the same. It's to enhance global payment account data security by developing standards and supporting services that drive education, awareness, and effective implementation by stakeholders. That's quite a mouthful, but in short, it's working to support securing the payment industry with the payment industry.

And what's meaningful about this anniversary isn't just longevity, it's relevance. The fact that the Council continues to play a critical role today is a testament to the strength of our community and the partnerships that have shaped our work over the years. And now we rely more heavily on those partnerships than ever before. We are working to ensure that we are bringing forward standards, programs, training, and the Council’s resources that are the right products for our stakeholders at the right time. Today, our Board of Advisors is made up of the largest cross section of payment players that we've ever worked with. We're working with 64 companies as members of our Board of Advisor group. We have multiple membership levels that are allowing organizations to participate in meaningful ways with the Council in ways that best fit their needs. And from a global representation perspective, we have increased the opportunities to incorporate regional representation into the development of our security standards globally.

So, it's nice to reflect on how far we've all come, but 2026 isn't just about looking back. It's also about recommitting to our mission and asking, what's next? What's on the horizon? What does the next chapter of payment security require? So, as we all mark 20 years, we are certainly celebrating the progress we've made. We're thanking the community that has made it all possible, but we're also looking ahead with purpose. The work isn't done, and in many ways, it's more important than ever.

Alicia Malone: That is so exciting and we will be celebrating the 20th anniversary all year long. So, stay tuned for more announcements. But now that we're in the new year, it's moving so quickly already. Please share what some of your goals are heading into 2026.

Gina Gobeyn: So as much as anything, we want to continue with the momentum gained in 2025 while preparing for what's on the horizon. So, a top priority for us is ensuring that our standards, programs, guidance, and training continue to evolve in the ways that are practical, scalable, and responsive to real-world payments. So that means that we're continuing to work closely with our community, facilitating healthy discussion and sometimes debate. We understand emerging technologies and can anticipate some of their risks. And we're helping to support secure payment innovation without creating unnecessary friction.

As we mark our 20th anniversary, we are very focused on the future. 2026 is an opportunity for us to reinforce the Council’s role as a trusted global payment security resource and to work with our community to set direction for the next chapter of payment security, one that's grounded in transparency, collaboration and long-term impact. So, the year ahead is about continuity and evolution. We're going to stay true to our mission while continuing to adapt how we deliver on it in a rapidly changing environment.

Alicia Malone: That's so wonderful. I can't wait to see what the year holds for the Council. Thank you so much for joining us on Coffee with the Council, Gina, and for sharing your insights into the Annual Report and what's next for the Council in 2026.

Gina Gobeyn: Well, thank you, Alicia. As we wrap up here, I would like to extend a sincere thank you to our community and to our partners around the world. Your engagement and collaboration makes this work possible. We are proud of what we accomplished together and even more excited about what lies ahead. So, thank you for being part of our journey and helping us to continue to advance secure payments worldwide.

Alicia Malone: The Council’s first-ever Annual Report is now available on the PCI SSC website. You can find a link to download it in the blog transcription of this episode.

View the PCI SSC Annual Report

Like what you’ve heard? Subscribe to PCI SSC’s “Coffee with the Council” podcast by visiting any of the following platforms: Apple Podcasts, Spotify, Amazon Music, Anchor, Castbox, Google Podcasts, iHeartRadio, Pocket Casts, RadioPublic, Stitcher, Audible, Overcast, or Pandora.