Tell
us
about
your
company.
Simon
Turner:
BT
Group
is
a
multinational
telecommunications
company
that
provides
a
range
of
communication
services
including
broadband,
mobile,
and
telephone
services
to
customers
in
the
UK
and
worldwide.
The
company
operates
under
several
brands,
including
BT,
EE,
Openreach,
and
Plusnet.
BT
Group
also
offers
IT
services
such
as
cloud
computing,
cybersecurity,
and
managed
network
solutions
for
businesses.
In
addition
to
its
core
telecommunications
services,
the
company
has
a
presence
in
the
media
and
entertainment
sector,
offering
TV
and
sports
content,
as
well
as
virtual
events
and
production
services.
With
a
commitment
to
innovation
and
investment
in
cutting-edge
technologies,
BT
Group
aims
to
connect
people
and
organizations,
transforming
the
way
they
communicate
and
collaborate.
Why
did
your
company
decide
to
become
a
Principal
Participating
Organization?
Simon
Turner:
As
a
merchant
that
handles
payment
card
transactions
from
its
customers,
BT
decided
to
become
a
Principal
Participating
Organization
at
PCI
Security
Standards
Council
(PCI
SSC)
in
order
to
be
part
of
the
conversation
surrounding
the
security
of
payment
processing
systems
and
protection
of
customers’
sensitive
payment
card
data.
Additionally,
BT
also
acts
as
a
payment
solution
processor
for
a
number
of
its
customers
where
it
can
enhance
the
customer’s
service.
As
a
PPO,
BT
Group
will
be
able
to
share
its
expertise
with
other
organizations
that
are
seeking
to
comply
with
PCI
SSC
standards.
Additionally,
being
a
PPO
provides
BT
with
access
to
a
network
of
experts
and
stakeholders
in
the
payment
card
industry.
This
will
allow
BT
to
stay
up
to
date
on
the
latest
security
threats
and
best
practices,
and
to
collaborate
with
other
organizations
on
security
initiatives.
Overall,
BT’s
decision
to
become
a
PPO
was
driven
by
a
desire
to
ensure
the
security
of
its
payment
processing
systems
and
protect
its
customers’
sensitive
payment
card
data,
while
also
playing
an
active
role
in
the
development
and
evolution
of
security
standards
in
the
payment
card
industry.
By
doing
so,
BT
will
be
able
to
provide
its
customers
with
a
more
secure
payment
processing
experience
and
help
to
prevent
payment
card
fraud
and
data
breaches.
Which
benefits
are
you
most
looking
forward
to
as
a
Principal
Participating
Organization?
Simon
Turner:
BT
are
looking
forward
to
being
able
to
participate
in
the
development
and
evolution
of
PCI
DSS,
providing
feedback
on
the
effectiveness
of
existing
requirements
and
suggesting
new
requirements
to
help
strengthen
payment
card
data
security.
We’re
also
excited
about
the
possibility
of
inclusion
in
other
payment
ecosystems
in
the
future.
Being
a
PPO
will
grant
BT
greater
understanding
of
the
rationale
for,
and
allow
BT
to
play
its’
part
in,
the
evolution
of
current
and
future
standards.
We’re
also
looking
forward
to
being
able
to
collaborate
with
other
payment
card
industry
stakeholders,
including
other
merchants,
payment
processors,
and
card
issuers,
to
share
best
practices
and
work
together
to
improve
payment
card
security.
This
collaboration
can
help
BT
to
identify
potential
vulnerabilities
in
its
payment
processing
systems
and
to
develop
effective
security
measures
to
address
them.
BT
are
looking
to
demonstrate
to
our
customers
that
payment
security
is
important
to
us
and
is
embedded
into
everything
we
do.
We’re
confident
that
joining
as
a
Principle
Participating
Organization
will
demonstrate
our
commitment
to
protecting
our
customers’
sensitive
payment
card
data.
This
should
also
lead
to
increased
customer
loyalty
and
retention.
Why
is
it
important
for
companies
to
get
more
involved
with
the
PCI
Security
Standards
Council,
especially
at
the
Principal
Participating
Organization
level?
Simon
Turner:
By
becoming
a
PPO,
companies
can
have
direct
input
into
the
development
and
evolution
of
PCI
DSS
and
related
security
standards,
contributing
feedback
on
existing
requirements
and
suggesting
new
ones
to
ensure
that
the
standards
remain
effective
in
protecting
payment
card
data
against
the
latest
threats.
Moreover,
being
a
PPO
provides
companies
with
access
to
valuable
resources
and
information
related
to
payment
card
security,
such
as
research,
best
practices,
and
updates
on
the
latest
threats,
which
can
help
organizations
stay
up
to
date
on
the
latest
developments
in
payment
card
security
and
implement
effective
security
measures
to
protect
against
potential
threats.
Additionally,
PPOs
have
the
opportunity
to
collaborate
with
other
industry
stakeholders,
including
merchants,
payment
processors,
and
card
issuers,
to
share
best
practices
and
work
together
to
improve
payment
card
security.
Ultimately,
involvement
with
the
PCI
SSC
at
the
PPO
level
can
help
companies
better
protect
their
payment
processing
systems
and
sensitive
payment
card
data,
increase
customer
trust,
and
ultimately
benefit
the
entire
payment
card
ecosystem.
What
are
some
payment
security
topics
that
you’re
interested
in
collaborating
on?
Simon
Turner:
Three
of
the
topics
I’m
interested
in
collaborating
on
are:
-
Emerging
payment
technologies
–
With
the
rise
of
payment
technologies
like
mobile
payments,
digital
wallets,
and
contactless
payments,
it
is
important
to
stay
up
to
date
on
the
latest
security
threats
and
best
practices
for
securing
these
payment
methods. -
Tokenization
and
encryption
and
data
anonymization
are
three
critical
security
measures
for
protecting
payment
card
data,
and
collaboration
with
other
stakeholders
can
help
identify
the
best
practices
for
implementing
these
measures
effectively. -
Compliance
with
PCI
DSS
–
Compliance
with
the
PCI
DSS
v4.0
is
essential
for
protecting
payment
card
data,
and
collaboration
with
other
stakeholders
can
help
identify
the
most
effective
strategies
for
achieving
and
maintaining
compliance,
and
looking
at
the
challenges
others
are
experiencing.