About us

PCI Consulting Australia is an accredited Qualified Security Assessor (QSA) firm

QSAs are the only third-party entities who can officially sign your PCI DSS certification. We service the entire Asia-Pacific region

Verify our accreditation

Meet the QSA team

PCI Consulting Australia is a Melbourne, Sydney and Brisbane based specialist firm dedicated to assisting businesses adhere to the Payment Card Industry Data Security Standard (PCI DSS) requirements.

Our experienced team provide pragmatic, common sense consulting solutions to fit budget, operational and compliance requirements of the Payment Card Industry.

Along with our core team, we are also highly scalable with extra resources available on a project by project basis

Brent Loughton potrait

Brent Loughton

Brent has been working in the Payment Card industry across an international context since 2008. He has provided support and guidance to Merchants and Service Providers across all levels and almost all industry sectors. He is the Managing Director of PCI Consulting Australia.

Bruce Taylor potrait

Bruce Taylor

Bruce has a strong background in IT systems development, management in commercial enterprises, and IT consulting. Bruce’s skills include the Payment Card Industry, Technical and IT Security Compliance Management, Strategic Consulting, Program and Project Management and ERP (both SAP and PeopleSoft). His career is one of sustained success both as an IT Consultant (KPMG Partner - National SAP Practice Leader) as well as in the top tier of Australian business management.

Lukas Studniarz potrait

Lukasz Studniarz

Lukasz leads our internationally based testing team, and is a certified Penetration Tester himself with extensive domestic and international experience. From an early age fascinated by computers and their capabilities. Lukasz has performed testing to-date on more than 30,000 host systems and in excess of 1000 web applications. Having broad range of skills ranging from application penetration testing, infrastructure penetration testing, vulnerability assessments, social engineering and wireless scanning as well as in depth technical knowledge of networks and their components.

Richard Harris potrait

Richard Harris

Richard has over twenty-five years’ experience in consulting and financial services. His roles include CISO of a global investment banking group. He is a passionate and respected security leader with a proven track record in developing security capabilities and protecting organisations. Richard has been a QSA since March 2011 and is a CA, CISA, CISM and ISO 27001 Lead Auditor.

Daniel Friske potrait

Daniel Friske

Daniel has been working exclusively within the PCI DSS since 2013. Daniel provides pragmatism and strong technical skills with an eye for detail, also acting as our Quality Manager. He is our lead tester of POS systems.

Tish McMahon potrait

Tish McMahon

Tish has over 25 years of experience in project management and analysis in IT and Business projects in large scale, complex environments. Tish has consulted in IT systems development for government and private sector clients and her experience includes banking, insurance, utilities and telecommunications.

David Cahill

David has 13 years’ information security experience and is both a QSA and ISO27001 Lead Auditor. He possesses significant experience in diverse environments, particularly top tier financial institutions, state and local government and medium to large companies.

Our history


Gained official QSA accreditation and opened Melbourne office


Commenced penetration testing services


Opened Sydney office


Added formal PCI DSS quarterly reviews to service offering


Expanded skillset to include ISO27001 reviews


Gained accreditation to perform assessments in all of Asia-Pacific


Opened its Brisbane office