EPISODE · Nov 8, 2023 · 50 MIN

Lessons from an InfoSec Icon: A Fireside Chat with PCI Guru Jeff Hall

from Razorwire Cyber Security & InfoSec Insights

Hello and welcome to Razorwire, the podcast where we delve into the world of cybersecurity with top experts and industry leaders. I'm your host, James Rees, and I can't wait to share this episode with you. As a PCI DSS QSA, I’m delighted to have PCI expert Jeff Hall as my guest today.

This episode will give you a unique perspective on how security has evolved from early mainframe days to today's interconnected, risk-focused practises. Jeff tells us about his hard-won lessons and wisdom gathered over decades steering information security programmes, including the need for compliance to work alongside overall security and not hinder it, and why auditors should be viewed as allies, not adversaries.

We give you some unique insights on the upcoming PCI DSS v4, the changes we can expect, and what we should be prepared for. We also talk about the issues that shortened CISO tenures create and how this can hinder long-term security progress. Learn why it’s important to focus on the big picture when it comes to security goals rather than getting distracted by minutiae.

We cover a wide range of subjects throughout this episode, with some really useful takeaways. One of the key points, and I really must agree, is the importance of matching security priorities to business risk, not compliance checklists. Jeff gives us his advice on focusing on the appropriate controls for what you aim to protect. For CISOs, security leaders, and practitioners at all levels, you’ll gain insight into building effective programmes that deliver real protection. Tune in to level up your approach with advice from this industry luminary and compliance guru.

So, if you're ready to up your cybersecurity game, join us on Razorwire. Stay informed, connected, and inspired. Together, we can build a safer digital world. Let's get started!

Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen

In this episode, we covered the following topics:

- The importance of cybersecurity in e-commerce
- Identifying the main problems of managing website vulnerabilities
- Discussing the need for implementing specific tools to comply with regulations
- Exploring concerns about customer data security, effectively monitoring alerts and meeting requirements
- How the increasing costs and complexity of audits could lead to organisations rejecting compliance requirements
- How to streamline security programmes and focus on essentials
- The challenges of security and deployment in cloud environments
- How to prioritise the overall security programme and how not to get lost in minor details or problems
- The lack of leadership in the information security industry and the short tenure of CISOs
- The shortage of qualified infosec professionals and why we should be supporting mentorship and apprenticeship

GUEST BIOS

Jeff Hall

Jeff Hall is a principal security consultant at Truvantis, Inc. Jeff has over 30 years of technology and compliance project experience. Jeff has done a significant amount of work in financial institutions, health care, manufacturing, and distribution industries, including security assessments, strategic technology planning, and application implementation. Jeff is part of the PCI Dream Team, a co-author of ‘The Definitive Guide to PCI DSS Version 4: Documentation, Compliance, and Management’ and the writer of the PCI Guru blog (http://pciguru.blog).

Resources Mentioned

- Razorthorn’s PCI DSS Consulting Service
- The PCI DSS standard
- PCI Guru Blog
- PCI DSS Dream Team
- trustedsec.com
- GDPR
- Armor cards
- Novell Directory
- Sarbanes Oxley
- CICD
- Ansible
- Jenkins
- Jira

Other episodes you'll enjoy

- Trust & Culture as Cornerstones of Cyber Security with Paul Dwyer: https://www.razorthorn.com/trust-culture-as-cornerstones-of-cyber-security-with-paul-dwyer/
- Cybersecurity and Critical Infrastructure: Are We Prepared for the Worst?: https://www.razorthorn.com/critical-infrastructure/

Connect with your host James Rees

Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.

Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.

With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.

For more information about us or if you have any questions you would like us to discuss email [email protected]

If you need consultation, visit www.razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.

Linkedin: Razorthorn Security
Youtube: Razorthorn Security
Twitter: @RazorThornLTD
Website: www.razorthorn.com

Loved this episode? Leave us a review and rating here

All rights reserved.
© Razorthorn Security LTD 2025


