The Practical Matters of CMMC-Join our Latest Webinar on Considerations and Challenges in Pursuing Certification Register Now

Dark teal and black gradient

Tevora's News and Events

Tevora’s Director of PCI Compliance, Eric Sampson, to Kick Off RMISC with Expert Session on AI and PCI DSS 

By Tevora

Featured image for post Tevora’s Director of PCI Compliance, Eric Sampson, to Kick Off RMISC with Expert Session on AI and PCI DSS 

IRVINE, CA. – May 1, 2026

Tevora, a global leading cybersecurity and compliance consulting firm, is proud to announce that Eric Sampson, Director of Payments Compliance, will be a featured speaker at this year’s Rocky Mountain Information Security Conference (RMISC).  

Taking place June 23-25 at the Colorado Convention Center, RMISC is the only conference of its kind in the Rocky Mountain region. Designed as an affordable, premier knowledge-builder for IT security, audit, and compliance professionals at all levels, the event provides a critical blend of education and networking. Tevora will also be an official sponsor at this year’s event, bringing its industry-leading payment security expertise directly to attendees. 

Sampson will be one of the first speakers to take the stage, kicking off the conference on June 23 at 8:00 a.m. with a one-hour breakout session in the Governance, Risk & Compliance track. His highly anticipated presentation, “AI, Automation, and PCI DSS: What Can Safely Be Automated (and What Shouldn’t),” will explore the rapid adoption of automation and artificial intelligence used to streamline compliance and security operations. 

Tailored specifically for auditors, analysts, and individual compliance contributors, the session will offer a practical, experience-based look at how automation is currently being applied within actual cardholder data environments (CDEs). Sampson will walk attendees through common automation pitfalls. Attendees will learn how to evaluate automation decisions using risk-based criteria, identifying which PCI DSS control processes safely benefit from AI and which still absolutely require human oversight to remain effective and defensible. 

This emphasis on evidence-based decision-making and reliable control integrity stems directly from Sampson’s extensive background in the field. With more than 20 years of assurance and compliance leadership, Sampson oversees Tevora’s payments practice, leading a team of Qualified Security Assessors (QSAs) in supporting clients through complex payment security initiatives. His day-to-day work spans Self-Assessment Questionnaires (SAQs), PCI Point-to-Point Encryption (P2PE), PCI Card Production and Provisioning (CPP), and the PCI Software Security Framework (SSF). 

Having overseen or contributed to more than 500 client engagements across the retail, eCommerce, fintech, healthcare, and technology sectors, Sampson brings a wealth of real-world knowledge to the RMISC stage. Beyond PCI DSS, his deep expertiseextends to SOC 1 and SOC 2 examinations, HIPAA security assessments, WebTrust for certification authority engagements, and Federal PKI audits. He specializes in helping organizations not only mature their PCI compliance programs, but seamlessly align those efforts with broader, critical frameworks such as ISO 27001, SOC 2, and the NIST Cybersecurity Framework. 
 

For more information about Tevora’s payment compliance and AI security services, or to connect with the team at RMISC, visit www.tevora.com. 

Back to News