Aleksandrs Bereznojs

Security Manager, Industry Software
Tieto

Aleksandrs works for 5 years within Tieto corporate environment fulfilling information security and privacy compliance duties. Alongside with his professional responsibilities he fulfills academic activities as Associate professor lecturing on the various branches of IT and data protection.

Topic: Bridging the gaps of GDPR guidance for "data protection by design and by default" with PCI Software Security Framework
Short overview:

Contemporary standards published by Payment Card Industry Security Standards Council (PCI SSC) build-up one of the best low level security frameworks required for secure payment application development. Tailoring of the specific industry standard requirements to the privacy needs enables organizations to follow not only the security-by-design but also privacy-by-design concept demanded by General Data Protection Regulation (GDPR). In such way broad interpretation of incorporating security & privacy from scratch is directed to the certain set of requirements, which provide the assurance of high quality of design principles fulfillment.