Strategic Sponsors

Blackfoot UK is an information risk, security and compliance specialist.  We help our customers to protect their information and data, but ultimately their brands, reputations and financial health.  Whilst our customers come from different industry sectors (retail, insurance, financial services), 80 per cent of our business is from personal referrals.  Why is this?
 We believe it’s because:   
  • We are specialists at what we do 
  • We provide honest, independent advice in plain English
  • We have a no-nonsense approach to consultancy
We are specialists at what we do - We’re experts in our field and we’re committed to keeping it that way.  Whether it’s data security, privacy or the latest on malware, hacking or cybercrime threats, we’ve got the specialists to help guide your business response.
We provide honest, independent advice in plain English - Blackfoot is a private company, which means we’re answerable to our customers and their interests, not external stock or stakeholders.  We’re here to do the best by your business. If you’d like our views on a particular product or solution, we’d be happy to help.  But because we’re independent, we don’t recommend, resell or receive commission on third party solutions. Data security and privacy is not always straight-forward.  Regulations evolve.  Standards overlap.  Cross-border cases are complex.  We’re well-versed with industry changes and can talk techie, but mostly we make things as simple as possible — and no simpler. 
We have a no-nonsense approach to consultancy - With us, what you see is what you get.  Our senior consultants work alongside customers throughout a project.  We help you learn from your mistakes, but as experienced consultants with proven methodologies we also help you learn from other people’s mistakes. 
Time, resource and budget are finite — and we understand this.  Our aim is to help you make the most intelligent use of your limited resources.  We certainly won’t recommend you spend £1,000 to protect £1.  In fact, we typically save our customers 70 per cent on average on their compliance budgets per year. 
This is all part of our no-nonsense approach, how we have earned our customers’ trust and built up long-term relationships over the years.  


Bulletproof’s innovative cyber security services are the best way to stay ahead of the hackers, take control of your infrastructure and protect your critical business data.

Bulletproof’s core belief is driving innovation through our range of cyber security products to deliver true value to the UK market and beyond. For example, we’ve extensively developed our own SIEM platform with integrated threat intelligence and machine learning. And then there’s our certified ASV scanning engines and handy compliance portals.

One of the major factors of our success is our 24/7 UK Security Operations Centre (SOC). This in-house facility is the heart of our cyber operations, being home to both the technical delivery teams as well as a base for our compliance and training operations.

Whatever industry you’re in, we have the cyber security service you need to stay secure, including:

  • PCI DSS compliant hosting
  • PCI DSS consultancy
  • Penetration testing (infrastructure/network, mobile & web app)
  • Social engineering and red team
  • Managed threat protection (SIEM)
  • VA and PCI ASV scans
  • GDPR and DPO services
  • Incident response and digital forensics
  • Virtual Security Manager/vCISO
  • And more

For more information, get in touch with us at contact@bulletproof.co.uk or visit https://www.bulletproof.co.uk

Our gateway offers industry leading, global payment processing services and advanced fraud management solutions - for merchants, industry partners and acquiring banks. We recognise that the digital commerce market represents a key area of growth for our customers. As such, it's a key focus for us at Mastercard. We have aggressively invested in payment gateway assets, by both acquisition and development of proprietary technology, to provide a superior gateway offering that can assist our customers meet their business objectives.
As a global partner to some of the world's most recognisable brands, Mastercard Payment Gateway combines smart thinking and an end-to-end solution to help its customers transcend the complexities and expense associated with payment processing.

For further information, please visit www.mastercard.com/gateway/index.html


Your PCI compliance partners of choice

The Bunker and Arcturus provide an end to end suite of secure services to assist you with your PCI DSS compliance.

Our secure solutions are provided to you from the UK’s most secure data centres and include:

  • PCI complaint cloud and dedicated hosting services
  • Secure colocation complying to points 9 and 12 of the PCI Standard
  • PCI DSS Penetration testing and vulnerability scanning
  • SOC and SIEM services
  • PCI Consultancy
  • Compliance Management

Our secure services come with compliance guaranteed, offering peace of mind and creating a smooth testing and auditing process. We ensure compliance is always front-of-mind, and our bespoke solutions are designed around the industry standards that affect your business. On top of this technical offering, our expert consultants can also provide advice and support to navigate you through any regulatory requirements.

We are accredited to the highest levels and are familiar with even the strictest compliance frameworks. Whether you’re preparing for GDPR or struggle with PCI DSS audits, we make achieving compliance simple.

Our credentials:

  • We are 1 of 4 Managed Service Hosting Providers on the VISA Merchant List
  • Our services cover all 12 requirements of the PCI DSS framework
  • CREST Accredited Penetration Testing Services
  • ISO27001 Accredited data centres
  • Dedicated TOMs needed to meet compliance
  • 10 years + technical experience in PCI DSS compliance
  • GDPR Ready  

Depending upon what you are wanting to achieve, we can simply build and test an environment aligned to PCI DSS or we can handle the full end-to-end process to ensure that you gain your PCI DSS certification.

We’re your security experts, your data centre and your first line of defence.

For further information please contact or visit us on:

The Bunker: www.thebunker.net info@thebunker.net

Arcturus: www.arcturussecurity.com info@arcturussecurity.com

Education Seminar Sponsors

For more information, please visit: www.dataprotectionpeople.com

Eckoh is a global provider of PCI DSS compliant Secure Payment and Customer Engagement solutions via its Eckoh Experience Portal. We also offer Third Party contact centre support and Unified Agent Desktop solutions. We’ve an international client base UK and US offices.

Secure Payment Solutions

Our solutions, which can be hosted in the cloud or deployed on the client’s site, removes sensitive personal and payment data from contact centres and IT environments. This offers merchants a simple and effective way to reduce the risk of fraud, secure sensitive data and become compliant with the Payment Card Industry Data Security Standards (“PCI DSS”) and can help towards GDPR.

Solutions include

  • CallGuard – Agent-Assisted payments
  • EckohPAY – Self-Service automated payments
  • Apple Pay, Google Pay, Paypal, Pay by Bank
  • ChatGuard – web chat payment.

Why Eckoh?

We're experts in our field, transforming contact centre operations by delivering a better customer experience across every channel, boosting agent productivity, reducing operations costs and maximising payment security. With over 20 years’ of award-winning experience in contact centre solutions, our team has seen every leap in technology — and always managed to stay ahead of the curve. Our approach focuses on our clients’ business goals so once we deploy a solution we work with you as a partner, not just a supplier.

Eckoh facts:

  • 2018 & 2017 Winner PCI Excellence Awards
  • World’s first secure payment solution via web chat
  • World’s first secure payment solution for Apple Pay over the telephone
  • Payment Innovation awards for Web Chat Pay and Apple Pay via Phone
  • Level One PCI DSS Service Provider since 2010
  • Patents for CallGuard in the UK and USA
  • We process over £1.5 billion in card payments annually

Ground Labs is a global leader in sensitive data discovery through the development of our security and auditing software. 

Our software is used to perform cardholder and sensitive personal data discovery on computer systems worldwide, helping companies prevent security breaches that result in the theft of customers’ personal information, credit and debit card numbers.

Ground Labs software is being used by more than 2,500 organisations across 80 countries to find unsecured sensitive data on their systems; securing their data with our products helps them comply with important global information security standards such as the Payment Card Industry Data Security Standard (PCI DSS) and the General Data Protection Regulation (GDPR).

At Ground Labs, we are committed to continually maintaining high levels of customer satisfaction, we provide solution oriented technical support across multiple time zones.

For a free trial visit www.groundlabs.com

Our software products include:

Enterprise Recon
Enterprise Recon is the complete solution for the identification, remediation and monitoring of sensitive personal data across your entire network. We find more data types and support more platforms than anyone else. Using in-built scheduling and real-time alert features, keeping your data secure will become just another one of your company’s Business-As-Usual practices.

Search all the major locations personal data might be stored including, databases, documents, emails, deleted files, memory, disks, shadow files, cloud storage, servers and more.
Find over 200 personal identifiable data types including 110 relevant to The General Data Protection Regulation (GDPR). The software identifies stored bank account numbers, SWIFT Codes, IBAN. Over 50 types of National ID supported across 28 EU countries.
Support 7 different platforms - Windows, Mac, Linux, Solaris, FreeBSD, HPUX, and IBM AIX. In addition to this, we also support EBCDIC mainframe storage formats.
Remediate We help you take action to secure the information found. Our remediation process includes permanently deleting the data so it's unrecoverable, safely relocating the information to a secure location of your choice or modifying the data so that anything sensitive is removed without impacting the surrounding data.

Monitor through powerful reporting, quickly see where the sensitive data is stored and what departments or teams have access to it.

Card Recon

Card Recon is the leading cardholder data discovery tool for PCI compliance. Card Recon will accurately search servers, workstations, file shares, email, databases, cloud storage and many more locations for cardholder data storage using a simple and easy to use interface.

Once a search is complete the solution provides powerful data classification and PCI remediation actions` to eliminate any non-compliant storage found.

Used and recommended by over 300 PCI QSAs globally, Card Recon offers an affordable and fast way to reduce PCI compliance risk whilst avoiding the likelihood of a cardholder data breach.

PCI Pal is a suite of solutions designed to help run your customer contact operations in adherence with the Payment Card Industry Data Security Standard (PCI DSS).  PCI Pal solutions have been developed for the contact centre market by a team of contact centre specialists.  When it comes to PCI compliance, PCI Pal are pioneers in the customer contact space.
We have a long history of agent assisted and fully automated contact centre payment solutions.  From our own experience we know how difficult and costly adhering to PCI compliance can be.  Our aim is to make it as easy as possible for you to become compliant for all of your payment needs.
PCI compliance for any contact centre is a challenge, whether you have 20 staff or 2,000.  We have developed a pragmatic approach to compliance which marries risk reduction with operational efficiency.  As contact centre people, we believe strongly that the operational running of the contact centre must, above all else, be the priority.  PCI compliance should be achieved to benefit operations using a risk reduction and cost model quantifiable to payments, which are ultimately what PCI compliance is there to protect.
We are able to integrate our truly cloud based offerings through a variety of methods making the transition to compliant payments simple and low risk.  We cover a broad range of PCI environments with solutions across agent-assisted payments, automated payments, live agent outsourcing, call recording, and legacy data cleansing and protection.


Website: www.pcipal.com Call: +44 207 030 3770 (UK) +1 866 645 2903 (US)

App: https://www.pcipal.com/en/solutions/agent-assist/

SureCloud is a provider of cloud-based, integrated Risk Management products and Cybersecurity services, which reinvent the way you manage risk. 

SureCloud connects the dots with integrated Risk Management solutions enabling you to make better decisions and achieve your desired business outcomes. SureCloud is underpinned by a highly configurable technology platform, which is simple, intuitive and flexible. Unlike other GRC Platform providers, SureCloud is adaptable enough to fit your current business processes without forcing you to make concessions during implementation; meaning you get immediate and sustained value from the outset.   

SureCloud also offers a wide range of Cybersecurity testing and assurance services, where we stay with you throughout the entire test life-cycle from scoping through to vulnerability discovery and remediation. Certified by the National Cyber Security Centre (NCSC) & CREST and delivered using the innovative Pentest-as-a-Service (underpinned by a highly configurable technology platform), SureCloud acts as an extension of your in-house security team and ensures you have everything you need to improve your risk posture. 


De-scope your contact centres from PCI DSS whilst enhancing customer/agent experience & GDPR compliance
CardEasy is Syntec's patented, award-winning DTMF masking solution for customer 'keypad payment by phone' and de-scoping your contact centre environment from PCI DSS controls, whilst ensuring your MOTO card payments and call recordings are PCI DSS compliant.
CardEasy is trusted by consumers, as it removes the need for them to read out their card numbers over the phone.  By asking them to enter their card numbers using the keypad of their own phone instead (Mid-call in conversation with the agent or via self-service IVR Autopay), PCI monitoring and audit requirements for the contact centre are reduced to the bare minimum.  The sensitive card numbers no longer enter your call centre environment or call recordings at all, cutting out compliance costs and hassle whilst improving customer service and trust. The agent/customer experience is not interrupted as the agent remains on the call throughout – no handoff to an awkward IVR system – and the system reduces average call times and reduces the mis-keying of card data too.

CardEasy was the winner of the PCI Excellence Award for the second time in January 2018 and won the Genesys 'Best Security Solution' award at Call & Contact Centre Expo in London in March 2018.   

Flexible CardEasy deployment 
CardEasy is supported by (and integrated with) the leading industry payment gateways and is designed to be universally quick and easy to implement.
Working either as a fully hosted managed service; partially premise-based (CPE); or entirely cloud-based for larger enterprises and international use, it is designed to be CRM and telephony agnostic – you can rely on our in-house advice and expertise, but CardEasy works with your existing telephony and back-office systems, there’s no requirement to use ours.  
Syntec – Integrated Contact Centre systems
Established as Syntec Telecom in 1998, Syntec is a PCI DSS level 1 Visa and Mastercard-listed service provider and a participating organization of the global PCI Security Standards council.
Syntec Limited. www.syntec.co.uk   t. 020 7741 2000   e. info@syntec.co.uk  
CardEasy videos and case studies:  http://www.syntec.co.uk/pci-dss-solutions/cardeasy/

TokenEx is a company founded on the principle of safeguarding our clients and their partners against the inherent risk of storing and sharing sensitive information. Focused on flexibility and custom solutions, the TokenEx Data Security Platform enables our clients to tokenise any data set across a range of environments and applications. Utilizing over twenty different token schemes, TokenEx secures the PCI and personal data of our clients to reduce their risk and meet their PCI DSS and General Data Protection Regulation (GDPR) compliance obligations, while still enabling their business processes.

Multi-channel Acceptance
Almost every organisation that sells products and services accepts payments through multiple acceptance channels—e-commerce sites, point-of-sale terminals, contact centers, and mobile apps. TokenEx has solutions to tokenise payment data for each of these acceptance channels, dramatically lowering your scope for PCI compliance and risk of sensitive data loss. 

Processor Agnostic
Utilizing TokenEx’s Transparent Gateway solution, you are free to maintain relationships with as many payment processors and gateways as you wish, while maintaining a single unified vault of payment card tokens. TokenEx enables you to exchange data with any third-party API without putting your internal systems in scope for PCI compliance.

Any Data Set
TokenEx can tokenise and secure any data set including PCI, ACH, and personal data. Most tokenisation solutions from payment processors or other tokenisation service providers only address payment information leaving you exposed to the risk associated with other data sets. TokenEx can secure all sensitive data, enabling you to address all of your compliance obligations and data security risk utilising a single platform.

Utilizing Tokenisation for Pseudonymisation
The GDPR is now in effect, with strong requirements to protect personal data  “by design and by default.“ Though the GDPR doesn’t contain detailed technical requirements for data security, it does call out the use of pseudonymisation as an appropriate mechanism for data protection. Pseudonymisation, replacing identifying or sensitive data with a pseudonym, is synonymous with tokenisation, replacing sensitive data with a token, a technology utilized by the Payment Card Industry for years to protect PCI.  

Learn more about how TokenEx can help your organisation reduce PCI scope and meet your data security obligations under the GDPR at https://tokenex.com. Follow us on Twitter and LinkedIn. Ph. +1.877.316.4544

Networking Sponsors

At HelpSystems we develop intuitive, easy-to-use software solutions for cybersecurity, IT management and monitoring business intelligence, and document management. Our software simplifies everyday operations to help you save time and cut costs. Our consultants offer professional services to guide you to successful project outcomes.

Our cybersecurity solutions protect business-critical data with automated security solutions that help you stay ahead of today’s ever-changing threats. Key areas include:
  • Secure Managed File Transfer
  • Encryption
  • Virus Protection
  • Security & Integrity Monitoring
  • Security Policy Management
  • Vulnerability Assessment 

Visit us at the HelpSystems stand to find out how our cybersecurity solutions can solve your business problems and make your life easier. 

Netwrix Corporation focuses exclusively on providing complete visibility for data security and risk mitigation in hybrid IT environments. This sharp focus enables us to offer much more robust functionality than legacy change auditing tools. Over 10,000 customers worldwide have already chosen Netwrix Auditor over change auditing software.

Eliminate costly PCI programs with Cardprotect from Semafone, a proven secure voice solution which enables contact centres to take payments over the phone without agents ever having to hear or see credit card details.
The award winning software allows a call - and the call recording - to continue as normal whilst the customer enters their credit card information into their telephone keypad. For complete security, Semafone's patented technology masks the Dual Tone Multi-Frequency (DTMF) tones from the cardholder's telephone and replaces them with a flat tone so they can't be recognised by the call centre agent or recorded on the call recording system. By shielding callers' payment card information and keeping sensitive data out of the call centre's infrastructure, Cardprotect helps to minimize the risks associated with potentially brand-damaging data breaches and fraud.
Semafone has achieved the four leading security and payment accreditations: ISO 27001:2013, PA DSS certification for its Cardprotect software, PCI DSS Level 1 Service Provider and is a Visa Level 1 Merchant Agent.
Follow us on Twitter @Semafone, google+, LinkedIn or www.semafone.com

Silver Lining is a professional IT and telecoms provider offering the very best in business IT, telecommunications, data and mobile solutions. Whether it’s business broadband, telephone systems, IT infrastructure, mobiles, or just a memorable phone number – we’re here to help.
After years of listening to customers’ communication challenges and having worked for a variety of tier-one industry partners, the founding team here at Silver Lining realised that shopping around for suppliers is a hassle. UK businesses would rather source their IT and telecommunication solutions through a single vendor that tracks down the best deals so they don’t have to. Fortunately, that’s exactly what we do. We call it “convergence”!
We’ve assembled a team of experts from across the entire communications spectrum, from handsets to hosting and everything in between. We provide show-stopping solutions through our team of Splicecom, Avaya, Cisco, Microsoft, HP, VMware, Citrix, and mobile app specialists. Our combined knowledge, innovation and expertise have led to contracts with household names.
Recently, we have been recognised for our achievement in the PCI compliance field with a prestigious Innovation of the Year award. We have worked to build a DTMF masking solution to de-scope the contact centre and bring complete security to telephone card payment services. The launch of our fourth-generation cloud platform RevolutionCloud has granted us the opportunity to build a PCI compliance solution based entirely within the cloud.
We understand every business is different ­ one size definitely doesn’t fit all. That’s why we’ll work with you to understand exactly what you need, then build and implement the solution that’s right for your business. Our unified communications services can offer you improved efficiency, reduced running costs and the flexibility to easily upgrade as your business grows. There’s no off-the-shelf solutions here ­ we think outside the box!

As the first cloud contact centre services provider in Europe, and a supplier of PCI DSS level 1 certified cloud and scope reducing on-site PCI solutions, Ultracomms has been providing inbound, outbound and blended services for over a decade.  Our unique approach to development and support based on collaboration ensures the solutions we provide are tailored to fit individual client needs and are able to flex and adapt as requirements and technology demands change.

With customer-led feature development and proactive campaign monitoring and support we are able to help clients achieve maximum productivity while delivering best-in-class service to their end customers - enabling them to remain at the forefront of the rapidly evolving contact centre market.

Our open standards development philosophy ensures our cloud and on premise solutions are simple to integrate with any telephony infrastructure, software or CRM system, and our leading technology partners enable us to deliver advanced Omni-channel features to provide a complete contact centre solution.

  • Contact centre technology to improve performance
  • PCI DSS level 1 certified cloud and on-site solutions
  • Resilient, flexible and scalable to suit your ongoing needs
  • Simple integration with your existing infrastructure and any software or CRM system
  • Advanced speech analytics to enhance your customer experience
  • Data management and reporting made simple
  • Proactive campaign monitoring and support
  • In-house R&D delivering customer-led features and solutions