Not Just a necessary evil, it’s good for business: implementing PCI DSS controls for Hadoop ecosystem at UK’s largest card issuer

Not Just a necessary evil, it’s good for business: implementing PCI DSS controls for Hadoop ecosystem at UK’s largest card issuer

Wednesday, April 18
4:50 PM - 5:30 PM
Convention Hall I - C

For firms in the financial industry, especially within regulated organizations such as credit card processors and banks, PCI DSS compliance has become a business and operational necessity. Although the blueprint of a PCI-compliant architecture varies from organization to organization, the mixture of modern Hadoop-based data lakes and legacy systems are a common theme.

In this talk, we will discuss recent updates to PCI DSS and how significant portions of PCI DSS compliance controls can be achieved using open source Hadoop security stack and technologies for the Hadoop ecosystem. We will provide a broad overview of implementing key aspects of PCI DSS standards at WorldPay such as encryption management, data protection with anonymization, separation of duties, and deployment considerations regarding securing the Hadoop clusters at the network layer from a practitioner’s perspective. The talk will provide patterns and practices map current Hadoop security capabilities to security controls that a PCI-compliant environment requires.

Presentation Video


David Walker
Enterprise Data Platform Programme Director
David has over 20 years’ technical leadership expertise and has led the development and management of complex BI solutions, supporting technical architectures for a wide range of organisations spanning SME start-ups to large enterprise. In his role at Worldpay, David specialises in developing and delivering the Enterprise Data Platform, a multi-tenant highly secure Hadoop platform for decision engines, analytics and reporting using his experience and knowledge in technical architecture, data modelling, ETL design, data quality, and metadata management. A key aspect of David’s role also involves acting as the lynchpin between Worldpay’s commercial and technical business leaders by regularly engaging at the executive level. David also manages cross-cultural teams in the analysis of technical infrastructures and the delivery of innovative and successful change programmes.
Srikanth Venkat
Senior Director, Product Management
Srikanth Venkat is currently responsible for Security & Governance portfolio of products at Hortonworks which include Apache Knox, Apache Ranger, Apache Atlas, Platform wide security and Hortonworks DataPlane Service. Prior to Hortonworks, Srikanth has held multiple roles in areas of cloud services, marketplaces, security, and business applications. His experience includes leadership across Product Management, Strategy and Operations, and Technical Architecture with broad experience in startups to global organizations including Telefonica,, Cisco-Webex, Proofpoint, Dataguise, Trilogy Software, and Hewlett-Packard. Srikanth holds a PhD in Engineering with a focus on Artificial Intelligence from University of Pittsburgh, and an MBA in General Management from Indiana University and a Masters in Global Management from Thunderbird School of Global Management. Srikanth is a Data Sciences & Machine Learning hobbyist and enjoys tinkering with Big Data technologies.