About us

PCI Consulting Australia is an accredited Qualified Security Assessor (QSA) firm

QSAs are the only third-party entities who can officially sign your PCI DSS certification. We service the entire Asia-Pacific region

Verify our accreditation

Meet the QSA team

PCI Consulting Australia is a Melbourne, Sydney, Brisbane and Adelaide based specialist firm dedicated to assisting businesses adhere to the Payment Card Industry Data Security Standard (PCI DSS) requirements. Our experienced team provide pragmatic, common sense consulting solutions to fit budget, operational and compliance requirements of the Payment Card Industry. We are a highly experienced firm and the leading experts in the Australasian market.

Contact Us

Founder

Brent Loughton

Brent Loughton

Brent founded PCI Consulting Australia in 2014 and is the Managing Director. He has been working in the Payment Card industry across an international context since 2008 and has also been an active QSA since 2011. He has a broad range of experience working with many different industry sectors.

PCI DSS (QSA) team

James Lassetter

James Lassetter

James has more than twenty-five years of experience in security, risk and compliance. He has been a QSA since 2008 and has completed several hundred assessments across a diverse range of industries, including retail, telecommunications, aviation, financial services, not-for-profit and local/state government.

Richard Harris

Richard Harris

Richard has over twenty-five years’ experience in consulting and financial services. His roles include CISO of a global investment banking group. He is a passionate and respected security leader with a proven track record in developing security capabilities and protecting organisations. Richard has been a QSA since March 2011 and is a CA, CISA, CISM and ISO 27001 Lead Auditor.

Daniel Friske

Daniel Friske

Daniel has been working exclusively within the PCI DSS since 2013 and has been a QSA since 2018. Daniel provides pragmatism and strong technical skills with an eye for detail, also acting as our Quality Manager which includes developing and maintaining our internal quality standards. He is also our lead tester of POS systems.

David Cahill

David Cahill

David has been a QSA since 2018 and has been working within the information security space since 2007. He possesses significant experience in diverse environments, particularly top tier financial institutions, state and local government and medium to large companies.

Chris Bates

Chris Bates

Chris has been a QSA since 2018 and worked almost exclusively within the PCI DSS realm since that time. He has completed assessments for entities at all levels and previously worked within Information Technology for 18 years.

Daniel Warfe

Daniel Warfe

Daniel is a QSA, a Certified Information Systems Security Professional (CISSP) and a Certified Information Systems Auditor (CISA). Daniel has 20 years of experience in technology risk, consulting, security operations, ecommerce, payments and banking.

Testing Team

Lukasz Studniarz

Lukasz leads our testing team, and is a certified Penetration Tester himself with extensive experience dating back to 2011. Lukasz has performed testing to-date on more than 50,000 host systems and more than 1200 web applications. Along with being credited with discovering vulnerabilities linked to many CVE notices, he holds five separate well-renowned industry certifications.

Wojciech Chwala

Since 2020, Wojciech has actively engaged in penetration tests and vulnerability assessments on behalf of a diverse set of global commercial clients. His journey has also involved a dedicated focus on honing web application security expertise, guided by seasoned mentors. This journey has equipped him with the proficiency to execute and comprehend intricate attack strategies. Wojciech's areas of specialization encompass both web application and infrastructure penetration testing endeavours.

Karol Mazurek

Karol maintains multiple well-renowned industry certifications which accompanies his hands-on experience and expertise in the realms of cyber security. Karol's primary focus resides within web application security, complemented by a keen interest in areas such as reverse engineering, binary exploitation, and low-level security.

Filip Seba

With professional experience in the field of cybersecurity dating back to 2018, Filip is a seasoned tester specialising in both web and mobile applications. Holding well recognized CEH and OSCP certifications, Filip combines extensive theoretical knowledge with practical expertise to identify and rectify vulnerabilities within digital environments.

Our history

2014

Gained official QSA accreditation and opened Melbourne office
a blue circle with a white background
a blue circle with a white background

2015

Commenced penetration testing services

2016

Opened Sydney office
a blue circle with a white background
a blue circle with a white background

2017

Added formal PCI DSS quarterly reviews to service offering

2018

Expanded skillset to include ISO27001 reviews
a blue circle with a white background
a blue circle with a white background

2019

Gained accreditation to perform assessments in all of Asia-Pacific

2020

Opened its Brisbane office
a blue circle with a white background
a blue circle with a white background

2023

Opened its Adelaide office