Strategic Sponsors

Blackfoot UK is an information risk, security and compliance specialist.  We help our customers to protect their information and data, but ultimately their brands, reputations and financial health.  Whilst our customers come from different industry sectors (retail, insurance, financial services), 80 per cent of our business is from personal referrals.  Why is this?
 We believe it’s because:   
  • We are specialists at what we do 
  • We provide honest, independent advice in plain English
  • We have a no-nonsense approach to consultancy
We are specialists at what we do - We’re experts in our field and we’re committed to keeping it that way.  Whether it’s data security, privacy or the latest on malware, hacking or cybercrime threats, we’ve got the specialists to help guide your business response.
We provide honest, independent advice in plain English - Blackfoot is a private company, which means we’re answerable to our customers and their interests, not external stock or stakeholders.  We’re here to do the best by your business. If you’d like our views on a particular product or solution, we’d be happy to help.  But because we’re independent, we don’t recommend, resell or receive commission on third party solutions. Data security and privacy is not always straight-forward.  Regulations evolve.  Standards overlap.  Cross-border cases are complex.  We’re well-versed with industry changes and can talk techie, but mostly we make things as simple as possible — and no simpler. 
We have a no-nonsense approach to consultancy - With us, what you see is what you get.  Our senior consultants work alongside customers throughout a project.  We help you learn from your mistakes, but as experienced consultants with proven methodologies we also help you learn from other people’s mistakes. 
Time, resource and budget are finite — and we understand this.  Our aim is to help you make the most intelligent use of your limited resources.  We certainly won’t recommend you spend £1,000 to protect £1.  In fact, we typically save our customers 70 per cent on average on their compliance budgets per year. 
This is all part of our no-nonsense approach, how we have earned our customers’ trust and built up long-term relationships over the years.  

For more information, please visit: https://www.bulletproof.co.uk/


Our gateway offers industry leading, global payment processing services and advanced fraud management solutions - for merchants, industry partners and acquiring banks. We recognise that the digital commerce market represents a key area of growth for our customers. As such, it's a key focus for us at Mastercard. We have aggressively invested in payment gateway assets, by both acquisition and development of proprietary technology, to provide a superior gateway offering that can assist our customers meet their business objectives.
As a global partner to some of the world's most recognisable brands, Mastercard Payment Gateway combines smart thinking and an end-to-end solution to help its customers transcend the complexities and expense associated with payment processing.

For further information, please visit www.mastercard.com/gateway/index.html

Education Seminar Sponsors

Take a Shorter Route
Eckoh’s solutions reduce the time and effort required to attain PCI DSS compliance by making your contact centre eligible for a shorter Self-Assessment Questionnaire.   

Remove Your Contact Centre from PCI DSS Scope
CallGuard is simply the most flexible option available for a secure and PCI DSS compliant call centre. It can even remove your entire contact centre environment from audit scope.

Here's why…
  • It works with any call recording and phone system regardless of IT systems or payment processing engine.
  • A 'plug and play' option gets you up and running quickly.
  • A fully hosted option means you can outsource PCI compliance to us.
  • Customers are never put on hold or transferred to an IVR, optimising service quality.
  • It’s truly universal with no integration requirements.
  • A hosted service offers a rich payment processing support functionality rather than just tone suppression.
Stop Card Data from Entering Your Organisation Entirely;
CallGuard is the best way to make sensitive cardholder data safe. By using tokenisation methodology card data is isolated when received through the phone or web, so it puts a shield around your environment. This prevents card data from getting in. With no integration issues it’s financially viable for multi-site contact centres or business process outsourcers, and helps avoid fraud or security breaches.

About Us;
Eckoh is a global provider of secure payment products and customer service solutions, with offices in UK, USA and Australia, and clients worldwide. Our payment solutions remove customer card data from contact centres and IT environments, reducing the risk of fraud and security breaches while enabling Payment Card Industry Data Security Standards (PCI DSS) compliance. We’ve been a PCI DSS Level One accredited Service Provider since 2010 and we currently process more than £1 billion in card payments annually. Contact us on 08000 630 730, tellmemore@eckoh.com, www.eckoh.com

Ground Labs is a global leader in sensitive data discovery through the development of our security and auditing software. 

Our software is used to perform cardholder and sensitive personal data discovery on computer systems worldwide, helping companies prevent security breaches that result in the theft of customers’ personal information, credit and debit card numbers.

Ground Labs software is being used by more than 2,500 organisations across 80 countries to find unsecured sensitive data on their systems; securing their data with our products helps them comply with important global information security standards such as the Payment Card Industry Data Security Standard (PCI DSS) and the General Data Protection Regulation (GDPR).

At Ground Labs, we are committed to continually maintaining high levels of customer satisfaction, we provide solution oriented technical support across multiple time zones.

For a free trial visit www.groundlabs.com

Our software products include:

Enterprise Recon
Enterprise Recon is the complete solution for the identification, remediation and monitoring of sensitive personal data across your entire network. We find more data types and support more platforms than anyone else. Using in-built scheduling and real-time alert features, keeping your data secure will become just another one of your company’s Business-As-Usual practices.

Search all the major locations personal data might be stored including, databases, documents, emails, deleted files, memory, disks, shadow files, cloud storage, servers and more.
Find over 200 personal identifiable data types including 110 relevant to The General Data Protection Regulation (GDPR). The software identifies stored bank account numbers, SWIFT Codes, IBAN. Over 50 types of National ID supported across 28 EU countries.
Support 7 different platforms - Windows, Mac, Linux, Solaris, FreeBSD, HPUX, and IBM AIX. In addition to this, we also support EBCDIC mainframe storage formats.
Remediate We help you take action to secure the information found. Our remediation process includes permanently deleting the data so it's unrecoverable, safely relocating the information to a secure location of your choice or modifying the data so that anything sensitive is removed without impacting the surrounding data.

Monitor through powerful reporting, quickly see where the sensitive data is stored and what departments or teams have access to it.

Card Recon

Card Recon is the leading cardholder data discovery tool for PCI compliance. Card Recon will accurately search servers, workstations, file shares, email, databases, cloud storage and many more locations for cardholder data storage using a simple and easy to use interface.

Once a search is complete the solution provides powerful data classification and PCI remediation actions` to eliminate any non-compliant storage found.

Used and recommended by over 300 PCI QSAs globally, Card Recon offers an affordable and fast way to reduce PCI compliance risk whilst avoiding the likelihood of a cardholder data breach.

PCI Pal is a suite of solutions designed to help run your customer contact operations in adherence with the Payment Card Industry Data Security Standard (PCI DSS).  PCI Pal solutions have been developed for the contact centre market by a team of contact centre specialists.  When it comes to PCI compliance, PCI Pal are pioneers in the customer contact space.
We have a long history of agent assisted and fully automated contact centre payment solutions.  From our own experience we know how difficult and costly adhering to PCI compliance can be.  Our aim is to make it as easy as possible for you to become compliant for all of your payment needs.
PCI compliance for any contact centre is a challenge, whether you have 20 staff or 2,000.  We have developed a pragmatic approach to compliance which marries risk reduction with operational efficiency.  As contact centre people, we believe strongly that the operational running of the contact centre must, above all else, be the priority.  PCI compliance should be achieved to benefit operations using a risk reduction and cost model quantifiable to payments, which are ultimately what PCI compliance is there to protect.
We are able to integrate our truly cloud based offerings through a variety of methods making the transition to compliant payments simple and low risk.  We cover a broad range of PCI environments with solutions across agent-assisted payments, automated payments, live agent outsourcing, call recording, and legacy data cleansing and protection.

SureCloud provides Governance, Risk & Compliance (GRC) Applications and Cybersecurity Services that give our customers certainty – of risk management/compliance, of cybersecurity, of having answers today and tomorrow.
From GDPR Compliance  to Cybersecurity Solutions - we exist to help CISOs, CIOs, risk and compliance leaders, legal teams and others answer critical questions:
  • Are we managing risk or is risk managing us?
  • Are we compliant?
  • Is our information technology secure?
  • Are we certain . . . today, tomorrow?
Our goal is that when the board, senior management, regulators and auditors ask these questions, our customers not only have readily available answers but “certainty of knowing.” That’s why our promise to our customers is “Always Be Certain.”  
Our strength emanates from the innovative Cloud-accessible SureCloud Platform, which is easy to install, easy to learn and easy to use, and comes with budget friendly pricing that dramatically reduces total cost of ownership. The SureCloud Platform simplifies complexity by creating a single source of truth. 
Established in 2006, SureCloud has more than 400 customers throughout the UK and US from the Retail, Financial Services, Government and other sectors. Always Be Certain” is our Brand Promise. For more information visit www.surecloud.com

De-scope your contact centres from PCI DSS whilst enhancing the customer/agent experience & GDPR compliance
CardEasy is Syntec's patented, award-winning DTMF solution for customer 'keypad payment by phone' and de-scopes your contact centre environment from PCI DSS controls, whilst ensuring your MOTO card payments and call recordings are PCI DSS compliant.
CardEasy is trusted by consumers, as it removes the need for them to read out their card numbers over the phone.  By asking them to enter their card numbers using the keypad of their own phone instead (Mid-call in conversation with the agent or via self-service IVR Autopay), PCI monitoring and audit requirements for the contact centre are reduced to the bare minimum.  The sensitive card numbers no longer enter your call centre environment or call recordings at all, cutting out compliance costs and hassle whilst improving customer service and trust. The agent/customer experience is not interrupted as the agent remains on the call throughout – no handoff to an awkward IVR system – and the system reduces average call times and reduces the mis-keying of card data too.

CardEasy was the winner of the PCI Excellence Award for the second time in January 2018 and won the Genesys 'Best Security Solution' award at Call & Contact Centre Expo in London in March 2018.   

Flexible CardEasy deployment 
CardEasy is supported by (and integrated with) the leading industry payment gateways and is designed to be universally quick and easy to implement.
Working either as a fully hosted managed service; partially premise-based (CPE); or entirely cloud-based for larger enterprises and international use, it is designed to be CRM and telephony agnostic – you can rely on our in-house advice and expertise, but CardEasy works with your existing telephony and back-office systems, there’s no requirement to use ours.  
Syntec – Integrated Contact Centre systems
Established as Syntec Telecom in 1998, Syntec is a PCI DSS level 1 Visa and Mastercard-listed service provider and a participating organization of the global PCI Security Standards council.
Syntec Limited. www.syntec.co.uk   t. 020 7741 2000   e. info@syntec.co.uk  
CardEasy video/demo:  http://www.syntec.co.uk/pci-dss-solutions/cardeasy/

TokenEx is a company founded on the principle of safeguarding our clients and their partners against the inherent risk of storing and sharing sensitive information. Focused on flexibility and custom solutions, the TokenEx Data Security Platform enables our clients to tokenise any data set across a range of environments and applications. Utilizing over twenty different token schemes, TokenEx secures the PCI and personal data of our clients to reduce their risk and meet their PCI DSS and General Data Protection Regulation (GDPR) compliance obligations, while still enabling their business processes.

Multi-channel Acceptance
Almost every organisation that sells products and services accepts payments through multiple acceptance channels—e-commerce sites, point-of-sale terminals, contact centers, and mobile apps. TokenEx has solutions to tokenise payment data for each of these acceptance channels, dramatically lowering your scope for PCI compliance and risk of sensitive data loss. 

Processor Agnostic
Utilizing TokenEx’s Transparent Gateway solution, you are free to maintain relationships with as many payment processors and gateways as you wish, while maintaining a single unified vault of payment card tokens. TokenEx enables you to exchange data with any third-party API without putting your internal systems in scope for PCI compliance.

Any Data Set
TokenEx can tokenise and secure any data set including PCI, ACH, and personal data. Most tokenisation solutions from payment processors or other tokenisation service providers only address payment information leaving you exposed to the risk associated with other data sets. TokenEx can secure all sensitive data, enabling you to address all of your compliance obligations and data security risk utilising a single platform.

Utilizing Tokenisation for Pseudonymisation
The GDPR is now in effect, with strong requirements to protect personal data  “by design and by default.“ Though the GDPR doesn’t contain detailed technical requirements for data security, it does call out the use of pseudonymisation as an appropriate mechanism for data protection. Pseudonymisation, replacing identifying or sensitive data with a pseudonym, is synonymous with tokenisation, replacing sensitive data with a token, a technology utilized by the Payment Card Industry for years to protect PCI.  

Learn more about how TokenEx can help your organisation reduce PCI scope and meet your data security obligations under the GDPR at https://tokenex.com. Follow us on Twitter and LinkedIn. Ph. +1.877.316.4544

Networking Sponsors

For more information, please visit: www.netwrix.com