Today we bring you another interview and our guest is Pavel Kaminsky.
Kristýna: Please, introduce yourself and tell us in which field do you work and for how long?
Pavel: I’m Pavel Kaminsky - PCI QSA, CISSP, CISA, CEH, Information Security expert, auditor, penetration tester, a regular lecturer at various IT security conferences, startup mentor, and the founder and CEO of 7Security Ltd. We are a QSA (Qualified Security Assessor) company authorized to provide PCI DSS certification to merchants and payment services providers in Europe and CEMEA. PCI DSS is a security standard developed by Mastercard, Visa, Amex, Discover, and JCB, and is applicable to all companies that process, transmit or store payment card data. We offer disruptive innovation in the certification services that make us the preferred choice of Fintech startups.
To make it shorter - I'm the guy Fintech founders call when they need to implement secure payment environments. I'm an adept of the most modern cloud technologies (GCP and AWS serverless) that optimize the PCI implementation and maintenance, and simply make the projects less expensive.
Kristýna: How did you get into this field?
Pavel: For the last 17 years I have been passionate about information security in its many faces - implementing anti-denial-of-service solutions, penetration testing, information security auditing, and now - payment card industry consulting and auditing. What I like about this area is that cards = money, so the most modern technologies are here, and the most experienced hackers are also here. This means there are always innovations to look out for and new challenges to face.
Kristýna: What technologies mean to you?
Pavel: Everything: it’s my work, my interest, my hobby, and an essential part of my daily routine. Technologies are continuously fascinating and surprising me and offer me a world of endless opportunities to improve my life, and those of the people around me.
Kristýna: What do you think about AI?
Pavel: AI has already led to significant positive changes in our lives, and the most exciting thing is that it’s just getting started. Even though it has applications in every industry I can name, I am naturally most interested in how it shapes and will continue to shape the payment methods. Obviously, security and fraud detection are a big topic to me and I am curious to see how much more AI can take off our shoulders in this respect. When it comes to processing secure and quick payments, and spotting irregular payment behavior, AI has already proven to be an irreplaceable aid. It’s fascinating to imagine how much work AI does between the mere seconds in which we confirm a payment and it gets processed, with the aim to keep our money safe.
Kristýna: Are you a mentor for some startups? How does the collaboration work?
Pavel: Yes, I take personal pleasure and satisfaction from mentoring startups, seeing them grow and succeed, especially when I know I've helped make it happen. Since the start of the pandemic, the collaboration has been entirely online. I support startups with one-to-one calls with practical, no-nonsense advice and solutions. The entire process is organized in a way to be 100% productive even when it is online.
Kristýna: Can you tell us for which startup you have already been a mentor and what benefit it has had?
Pavel: Advising state-of-the-art fintech startups is almost 100% of my daily routine. I am working with startups from different areas - payment gateways, e-wallets, expense management for individuals and corporations, the most modern software POS solutions that work on any Android device and allow merchants to accept payment cards by just downloading an app from Google Play, without going to the bank and purchasing any special devices. There are only a few pilot solutions in the world at the moment and I'm happy to be a part of it and get extensive knowledge of the new CPoC standard.
As part of my mentoring, I always provide guidance counseling to help startups understand the complexity and all aspects involved in a PCI DSS compliance effort and an initial scope estimate to advise them on ways to narrow the scope of their compliance. PCI DSS and devise the most feasible and cost-effective scenario for their project.
Working with startups means that we have to find solutions that work for small, energetic, and very flexible teams. When we do any documentation - we have to keep it as short as possible in order to make it really work for the company. When we suggest solutions - we have to probably do everything in the cloud minimizing the required PCI DSS compliance efforts.
I am brainiac at building secure and easily-managed payment environments on PCI DSS compliant AWS serverless and GCP serverless components.
Linkedin profil https://www.linkedin.com/in/pkmnsky/