Stephen Cavey is a payment card industry professional with a historical focus on on electronic payments and security compliance.
Stephen currently holds a position of Director at Ground Labs, an innovative software vendor focussing on the development of technologies that discover insecure storage of Card Holder Data for the Payment Card Industry. These technologies are designed to enable merchants and their QSAs an ability to perform PCI Compliance reviews in less time with a higher level of accuracy not previous available when using traditional discovery methods.
When asked why this issue is important, Stephen's response is;
“Many consumers do not understand how organisations came to be storing their credit card information without their knowledge or permission. In my experience the unfortunate truth is most organisations, including those already deemed PCI Complaint still have rogue Card Holder Data storage within their environment – often without even realising it. This is the reason why Ground Labs exists. This is the problem we are determined to solve.”
Major products offered by Ground Labs include:
Card Recon – A simple yet accurate Card Holder Data discovery application. Card Recon can be run from a portable memory device and will scan the contents of a local file system for stored Card Holder Data within documents, logs, emails, databases and various structured and unstructured data formats. Card Recon may be run on Linux, Windows, HPUX, Solaris, AIX and is popular amongst small to medium merchants. Card Recon is also in wide use amongst PCI QSA's globally.
Enterprise Recon – Using Card Recon scanning technology, Enterprise Recon offers organisations a single view of all non-compliant Card Holder Data storage across server and workstation hosts. Enterprise Recon is designed for organisations with 25 through to 10,000+ systems requiring centralised manageability and control.
8/2010 - Present
GIAC Penetration Tester - GPEN
Network and Application Penetration Testing