Founded in 2003, as a team of industry experts and thought leaders, Nettitude aspires to lead the way in cybersecurity and technical assurance. Whilst many cybersecurity measures are reactive to emerging threats, we believe in proactively working with our clients to put in place preventative measures that reduce your business’s vulnerabilities.
We offer a different approach to cybersecurity by not only providing managed services to defend against and tackle cyber threats, but also by empowering our clients to implement cultural change, which assures the long-term effectiveness of their cybersecurity strategy. Ultimately, we understand that as a business, not only do you need to protect your financial assets and important data, but also your time. That’s why we’re here to focus on your company’s cybersecurity whilst you get down to business.
How can we help?
We are proud to be one of a handful of companies worldwide that are certified by CREST across all of their key disciplines. Our team of consultants have achieved the highest accreditations for Penetration Testing, Red Teaming, Incident Response services and Threat Intelligence. In addition, Nettitude is certified by a range of other bodies for our work within highly regulated industries including the financial and payment card sector’s and are approved as PCI 3DS, PCI ASV, PA QSA and ISO 27001 lead auditors.
What do we offer?
Nettitude provides a range of award-winning cybersecurity services from Penetration Testing to Security Risk and Consulting, Compliance Management, Incident Response, Training, Managed Security Services and Vulnerability Research. With every engagement, we aim to provide tailored and pragmatic consultancy services that are designed to meet our clients’ unique operating environments. For more information on the services we offer, please visit our website.
OneTrust is the #1 most widely used privacy, security and third-party risk technology platform trusted by more than 4,000 companies to comply with the CCPA, GDPR, ISO27001 and hundreds of the world’s privacy and security laws. OneTrust’s primary offerings include OneTrust Privacy Management Software, OneTrust PreferenceChoice™ consent and preference management software, OneTrust Vendorpedia™ third-party risk management software and vendor risk exchange and OneTrust GRC integrated risk management software.
OneTrust products can be used standalone – or seamlessly integrate together – to give you the right-sized technology for your privacy, security and third-party risk programs. Powered by an intelligence database of hundreds of laws, OneTrust adapts to the jurisdictions and frameworks that matter most to you, generating the right dashboards, visuals and record keeping reports you need.
According to The Forrester New Wave™: GDPR and Privacy Management Software, Q4 2018, OneTrust "leads the pack for vision and execution." OneTrust is also one of Fast Company's 2019 World’s Most Innovative Companies, the #1 fastest-growing company in Atlanta and is led by our CEO Kabir Barday, a 2019 EY Entrepreneur of the Year in the Southeast.
OneTrust is co-headquartered in Atlanta and in London, and has additional offices in Bangalore, San Francisco, Melbourne, New York, Munich, Hong Kong and Bangkok. Our fast-growing team of privacy, security and third-party risk technology experts surpasses 1,000 employees worldwide.
Backed and co-chaired by the founders of Manhattan Associates (NASDAQ: MANH) and AirWatch ($1.54B acq. by VMware), and supported by a $200 million Series A funding from Insight Partners, the OneTrust leadership team has significant experience building scalable, enterprise software platforms. OneTrust is also guided by an external advisory board of renowned privacy experts and an in-house global privacy and legal research team.
Tanium offers a proven platform for endpoint visibility and control that transforms how organizations manage and secure their computing devices with unparalleled speed and agility. Many of the world’s largest and most sophisticated organizations, including more than half of the Fortune 100, top retailers and financial institutions, and four branches of the US Armed Forces rely on Tanium to make confident decisions, operate efficiently and effectively, and remain resilient against disruption. Tanium ranks 7th on the Forbes list of “Top 100 Private Companies in Cloud Computing” for 2019 and 10th on FORTUNE’s list of the “100 Best Medium Workplaces.” Visit us at www.tanium.com and follow us on LinkedIn and Twitter.
Education Seminar Sponsors
De-scope your contact centres from PCI DSS whilst improving customer experience
Syntec's patented CardEasy system is a one-stop compliance solution for your contact centres. The DTMF masking technology de-scopes this environment from PCI DSS controls, whilst ensuring customers’ card payments and your call recordings are compliant.
CardEasy removes the need for your customers to read out their card numbers over the phone, eliminating payment card data from your contact centres. Asking them to enter the numbers using the keypad of their own phone instead, either mid-call with the agent or via customer self-service IVR, reduces PCI monitoring and audits to the bare minimum. The sensitive data is no longer available to your agents, your systems or call recordings, so compliance costs and hassle are reduced whilst customer service and trust are improved.
The agent remains on the call throughout – no handoff to an awkward IVR system – and average call times are also reduced.
CardEasy SecureLinks also provide a PCI DSS-compliant payment solution for web chat, email, SMS and chatbots
CardEasy is a managed service, integrated with the leading industry payment gateways and telephony systems and thus easy to implement. You can rely on our in-house telecoms expertise and consultancy advice, without any need to change your existing infrastructure.
CardEasy won the PCI Excellence Award for the fourth time in January 2020 and also the Genesys 'Best Security Solution' award at Call & Contact Centre Expo in London.
Originally established as Syntec Telecom in 1998, Syntec is a PCI DSS level 1 Visa merchant service provider and a participating organization of the global PCI Security Standards council.
Syntec Limited. www.syntec.co.uk t. 020 7741 2000 e. email@example.com
CardEasy videos and case studies: http://www.syntec.co.uk/pci-dss-solutions/cardeasy/
Data Security People (DSP) are a UK-based information assurance, cyber security and PCI QSA consultancy, with clients ranging from large football clubs and FTSE100 companies, through to organisations that operate critical infrastructure. We have completed security engagements throughout Europe and have vast experience within large enterprise compliance programmes.
By building on our experience and listening to the day-to-day challenges of our clients, we aim to deliver world- class security services that enable organisations to build a compliance programme that protects market value and provides an edge on their competition.
Our QSA Practice is engaged by retail brands, payment service providers, and multinational organisations (including commercial and domestic energy), to provide experienced Quality Security Assessors that understand complex technical environments. Our QSA team has a thorough technical grounding, and vast operational experience with modern technologies, including complicated virtualised environments.
In addition to their vast and varied experience, our security team hold qualifications such as NCSC Certified Information Assurance Auditor, PCI Qualified Security Assessor, ISACA Certified Information Systems Auditor and Certified Information Security Manager, Certified Information Systems Security Professional, and ISO 27001 Lead Auditor and Implementer.
DSP offer the following security services:-
- PCI DSS Compliance – scope identification, gap analysis, remediation, and formal QSA services
- ISO 27001 Services – gap analysis, implementation support, and audit services
- NIS Regulations Compliance – expert advice on the NIS Cyber Assessment Framework
- Threat Assessment – cyber and physical threat modelling, provided by CESG Certified Professionals
- Incident Response – on-site security incident and regulator audit support
- Penetration Testing – internal and external penetration testing, from CREST
Eckoh is a global provider of PCI DSS compliant Secure Payment and Customer Engagement solutions via its Eckoh Experience Portal. We also offer Third Party contact centre support and Unified Agent Desktop solutions. We’ve an international client base UK and US offices.
Secure Payment Solutions
Our solutions, which can be hosted in the cloud or deployed on the client’s site, removes sensitive personal and payment data from contact centres and IT environments. This offers merchants a simple and effective way to reduce the risk of fraud, secure sensitive data and become compliant with the Payment Card Industry Data Security Standards (“PCI DSS”) and can help towards GDPR.
- CallGuard – Agent-Assisted payments
- EckohPAY – Self-Service automated payments
- Apple Pay, Google Pay, Paypal, Pay by Bank
- ChatGuard – web chat payment.
We're experts in our field, transforming contact centre operations by delivering a better customer experience across every channel, boosting agent productivity, reducing operations costs and maximising payment security. With over 20 years’ of award-winning experience in contact centre solutions, our team has seen every leap in technology — and always managed to stay ahead of the curve. Our approach focuses on our clients’ business goals so once we deploy a solution we work with you as a partner, not just a supplier.
- 2019, 2018 & 2017 Winner PCI Excellence Awards
- World’s first secure payment solution via web chat
- World’s first secure payment solution for Apple Pay over the telephone
- Payment Innovation awards for Web Chat Pay and Apple Pay via Phone
- Level One PCI DSS Service Provider since 2010
- Patents for CallGuard in the UK and USA
- We process over £2 billion in card payments annually
Illumio enables organizations to realize a future without high-profile breaches by providing visibility, segmentation, and control of all network communications across any data center or cloud. Founded in 2013, the world’s largest enterprises, including Morgan Stanley, BNP Paribas, Salesforce, and Oracle NetSuite trust Illumio to reduce cyber risk. For more information, visit www.illumio.com/what-we-do and:
- Engage with us on Twitter
- Follow us on LinkedIn
- Like us on Facebook
- Read our blog
- Subscribe to our YouTube Channel
PCI Pal’s mission is to safeguard reputations and build trust.
We do this by providing our channel partners with secure payment solutions for contact centres and businesses taking Cardholder Not Present (CNP) payments. Our globally accessible cloud platform empowers organisations to take payments securely without bringing their environments into scope of PCI DSS and other relevant security rules and regulations.
With the entire product portfolio served from the cloud, integrations with existing telephony, payment, and desktop environments are flexible and proven, ensuring no degradation of service while achieving security and compliance.
With extensive operations and technical experience of the contact centre sector, we’re uniquely qualified to deliver operationally efficient cloud-based security solutions to organisations operating on a global scale.
PCI Pal has offices in London, Ipswich (UK) and Charlotte N.C (USA).
A global leader in enterprise data protection, PKWARE provides solutions for more than 35,000 customers around the world.
Having introduced the ZIP file (the world’s most widely used data compression standard) thirty years ago, PKWARE continues to innovate, helping organizations meet ever-evolving challenges in data protection and file management. PKWARE provides complete data-centric security solutions on more operating systems than any other company.
Learn more at http://www.pkware.com
SecureTrust™, a division of Trustwave, is focused on helping businesses achieve, exceed and maintain regulatory obligations as threats to data and privacy continue to evolve. We deliver world-class consulting, compliance and risk assessment services and solutions for the enterprise market as well as tailored merchant risk management programmes. Since 1995, Trustwave has pioneered innovation and built a reputation as a leader in the payment card industry. This innovation has extended to several regulatory initiatives necessary for conducting business in today’s global environment and is the cornerstone of the SecureTrust™ business.
SecureTrust™ services include:
- Global Compliance and Risk Services: Industry-leading software combined with the largest and most experienced consulting team to help address your PCI and GCRS needs
- Security and Compliance for Small Merchants: Scaleable and multi-tenanted solution helps you offer the latest security and compliance products to your merchants regardless of acceptance channel. Our portfolio offers compliance technologies including penetration testing, endpoint protection, File Integrity Monitoring (FIM) and Data-loss Prevention (DLP).
- Merchant Risk Monitoring Solutions: Proprietary merchant monitoring solutions that can help you reduce risk by scanning for bad business practices and security flaws in web sites.
SecureTrust™ has a one of the world’s largest networks of experienced QSAs based in 16 countries and compliance offerings that include both self-managed portal-based options or fully managed solutions. Our mission being to take the complexities out of attaining and maintaining compliance.
Semafone provides pure cloud, hybrid cloud and on-premises solutions to contact centres and all businesses accepting payments; enabling them to collect personal data securely across all customer engagement channels – including the telephone, webchat, social media, email, SMS, QR codes and more. Semafone's patented data capture method collects sensitive information such as payment card or bank details and social security numbers directly from the customer for processing. This prevents personal data from entering the business and IT infrastructure, which protects against the risk of fraud and the associated reputational damage. By ensuring that sensitive payment card data does not touch the contact centre’s network infrastructure, Semafone’s Cardprotect solutions dramatically reduce the scope for PCI DSS, reducing the cost, burden and complexity of compliance.
Semafone’s suite of solutions create a seamless, omnichannel experience that increases sales conversion rates and boosts customer loyalty, while at the same time simplifying compliance.
Semafone is trusted by leading brands to safeguard their customers, including; Admiral, AO, The British Heart Foundation, Next, RNIB, Santander, Sky, TalkTalk and parts of the Virgin Group.
- Semafone retains the leading security and payment certifications - ISO 27001:2013, PA DSS for Cardprotect when deployed on-premises and PCI DSS Level 1 Service Provider
- Highest number of customer deployments, clients, countries, agents and years in the contact centre business
- Securing over 200,000 contact centre seats worldwide
- Delivers both carrier class cloud and on-premise solutions
- Open and flexible architecture makes it easy to deploy
- Industry leading partners; including BT, Gamma, Genesys and Oracle
- PCI Winner for Excellence 2017, 2018 and 2019, Best in Business International 2018 and 2019, Computing Security Excellence 2018, Nice inContact DEVone – Outstanding Partner Innovation Award.
Tel: 0845 543 0822
Silver Lining is a professional IT and telecoms provider offering the very best in business IT, telecommunications, data and mobile solutions. Whether it’s business broadband, telephone systems, IT infrastructure, mobiles, or just a memorable phone number – we’re here to help.
Through trusted long-term relationships with our clients, the team at Silver Lining realised that shopping around for suppliers is an unwelcome challenge. UK businesses would rather source their IT and telecommunication solutions through a single vendor who are able to present the bespoke solutions with a consultative approach – helping you maximise your full return of investment.
Our team are communications experts, skilled and experienced from handsets to hosting and everything in between. We provide tailored solutions through our team of Splicecom, Avaya, Cisco, Microsoft, HP, VMware, Citrix, and mobile app specialists. Our combined knowledge, innovation and expertise have led to contracts with a variety of household names.
The launch of our fourth-generation cloud platform ‘RevolutionCloud’ enables us to offer a unique solution to operate and manage your entire infrastructure – differentiating our offering from those ‘off-the-shelf’ solutions available.
Our award-winning PCI compliance solution is based entirely within our private ‘RevolutionCloud’ infrastructure. This DTMF masking solution was designed to de-scope the contact centre and bring complete security to telephone card payment services - achieving the PCI award for ‘Innovation of the Year’.
At Silver Lining, we understand every business is different, our customers range from small, single site start-ups to complex multi-site enterprises and government organisations.
Applying a consultative approach, we work closely with you to identify your exact requirements. Our unified communications services can offer improved efficiency, reduced running costs and the flexibility to easily upgrade as your business grows. We pride ourselves on thinking ‘outside of the box’ – to find a solution that truly meets your needs.
For more information visit: www.silver-lining.com
Speik (formerly Aeriandi) have reimagined voice applications at scale. We process £billions in phone payments every year for the UK’s largest telcos, utilities and retailers. We understand the challenges and complexities of seriously large deployments in the real world.
From call recording, call recording archiving and PCI compliant telephone payments, to fraud detection and speech analytics, we’ve got you covered. Our 100% Software-as-a-Service solution delivers industry leading functionality and security, without the need to install anything on site. Our VISA Europe-approved secure phone payments solutions are 100% hosted by us. We integrate with your Telco provider to prevent card data from ever entering your contact centre environment. With Speik™ you can achieve quick, cost-effective PCI DSS compliance on time and on budget.
Speik’s solutions prevent the transmission, storage and processing of card data throughout your entire enterprise. This means that most of the 12 PCI DSS requirements are no longer applicable, therefore reducing risk and time to compliance. With no payment card data in the infrastructure, PCI DSS compliance requires minimal maintenance, effort and costs.
Our Call Archive solution (Recording Storage and Retrieval service) removes all sensitive cardholder data from your call recording legacy infrastructure, so that you can more readily comply with PCI DSS. As a QSA validated level 1 service provider we encrypt recordings and store them in our cloud where we have implemented all the controls to meet PCI DSS. Appropriate access and audit controls are built into our user-friendly web-based portal ensuring that you’re provided with easy, safe access whenever you need it.
SureCloud is a provider of Gartner-recognised GRC software and Cyber & Risk Advisory services. Whether buying products or services, your organisation would benefit from automated workflows and insight from the award-winning SureCloud platform. All of SureCloud’s service offerings are fully compatible with the GRC suite of products enabling a seamless integration of information, taking your risk programmes to the next level.
One Payment Cloud
Contact centre payments – delivered.
One Payment Cloud deliver no CDE technology across ALL your customer communication channels. We support both Voice and Digital (Email, Web Chat and all Social Media) and our solution enables both agent present and customer self service options.
Our service is cloud based and agnostic to your existing contact centre infrastructure. Addressing both voice and digital channels, our consumption based charging model supports the current customer journey and enables Digital Transformation to be delivered at a pace which suits your customers, keeping card data out of your environment at all times and across all channels.
One Payment is a brand of Ciptex one of the UK’s leading experts in the design and deployment of Contact Centre solutions. This expertise in the Contact Centre industry combined with our knowledge of PCI-DSS compliance ensures that we are perfectly placed to provide the right contact centre compliance solution for both you and your customers.
Our unique Compliance as a Service offer has been specifically designed to ensure any contact centre which takes card payments continues to do so in a compliant manner, whilst preserving the best possible customer experience and addressing any changes to the current legislation when it arises.
One Payment does this by a five-step process as outline below;
- We complete a comprehensive audit to fully understand your customer journey
- We develop a compliance strategy, bespoke to your business requirements
- We deploy the selected technology integrated within your contact centre
- We ensure the correct procedures are in place to remain compliant
- We update your compliance strategy, as and when guidelines change
For more information on our services and take advantage of a free audit draw available to all attendees of the event:
Telephone 0808 196 1676
Email : firstname.lastname@example.org
Website : www.onepayment.cloud
Have you deployed ‘Pause and Resume’ for your contact centre or are you just about to tackle phone payments? If so, discover how DataDivider can simply take out your agent desktops, network and back-end systems from PCI scope whilst your agents continue to listen to and enter cardholder data. Reduce you BAU costs or implement a call centre PCI de-scope strategy for the fraction of the cost of complex DTMF tone masking solutions. Sound impossible? Find out how by visiting DataDivider’s booth or attending our education session “Leveraging your PCI DSS investment for GDPR ”. In the past decade PCI forensic audits have only discovered a handful of telephony infrastructure related breaches so focus your risk based approach to where the real exposure lies.
Established in 2000, ECSC Group plc is the UK's longest running, 'full service' information and cyber security service provider.
ECSC offer a complete range of cyber security solutions and services to all sectors. Our ever-expanding client list ranges from e-commerce start-ups to global organisations, and our consultative, business-focused approach has led us to proudly count 10% of the FTSE 100 among our clients.
All of our consultants are highly qualified: our minimum qualification is the well respected Certified Information Systems Security Professional (CISSP). All of our PCI specialists are Payment Card Industry Qualified Security Assessors (PCI QSA), registered with the PCI SCC (Council) since 2007 with over 10 years’ experience individually. Not only this but our QSA’s also have ISO27001 Lead Auditor qualifications.
As one of the UK’s first ever PCI Managed Services Provider, our aim is to support any organisation regardless of size to achieve PCI DSS compliance and effective cybersecurity by providing expert, vendor independent, technical and security advice.
ECSC runs 24/7/365 managed cyber security services through our UK and Australian Security Operations Centres, combined with a range of consulting and cyber security testing services.
We are proud of our almost 20-year history, unrivalled industry reputation, and AIM market listing.
GoAnywhere MFT secures and streamlines the exchange of data between systems, employees, customers, and trading partners. Deployable on-premises, in hybrid environments, and to cloud computing platforms like AWS and Microsoft Azure, this secure file transfer solution provides organisations with a single point of control while encrypting data with industry standard encryption and protocols (e.g. OpenPGP, AES, SFTP, SCP, AS2, and HTTPS).
GoAnywhere comes with extensive, enterprise-level features that meet security settings for company policies and compliance regulations like PCI DSS, HIPAA, and the GDPR. Detailed audit logs and reporting functionality help track all file transfer, user, and administrator activity, which can be compiled and distributed in case of an audit.
Still using manual processes to send and retrieve sensitive information? GoAnywhere’s comprehensive workflows help eliminate the need for traditional custom programs, homegrown scripts, and single-function tools. Advanced workflows can accommodate up to 60 different tasks for compression, data translation, integration, and more, and can be automated using GoAnywhere’s built-in scheduler and/or trigger capability.
Prism Infosec provides cybersecurity testing and consulting services from its offices in Cheltenham and Liverpool, UK and was established in 2006. The Company has delivered information security consultancy and assessment services to some of the world’s largest organisations.
Uniquely, Prism Infosec’s consultants possess both business and management focus as well as a broad range of technical skills. Whether delivering advice on cutting edge information security architectural solutions, conducting management control audits, or in-depth technical penetration testing our consultants always deliver a quality end-to-end service.
It is our ethos that our clients work with professional and experienced consultants at all times and customer satisfaction is our number one priority. We always ensure a prompt and efficient service and provide deliverables that can be used effectively by our audience at any level of the business.
Prism Infosec is a Payment Card Industry Qualified Security Assessor Company (QSAC), employing experienced QSAs who always offer pragmatic assessments and commensurate advice and recommendations. Prism Infosec is also a member of CREST, the not for profit organisation that serves the needs of a technical information security marketplace requiring the services of a regulated professional services industry.
Prism Infosec maintains an ISO9001:2015 certified (UKAS-accredited) Quality Management System (QMS) which ensures that quality is at the heart of all our service offerings and client relationships.
The Company prides itself on the delivery of a high standard of projects to its customers, across a number of our service offerings: -
- Pragmatic PCI QSA assessments;
- Experienced and practical advice on compliance with standards such as the PCI DSS and ISO27001;
- Enterprise application and infrastructure penetration testing;
- Bespoke red team engagements;
- Mobile application reviews (iOS, Android, Blackberry, Windows Phone);
- Social engineering, phishing campaigns and simulated cyber-attacks;
- Cloud security assessments and advice; and
- Risk assessments.
SVL is the UK's most experienced supplier of contact centre solutions. For 50 years we have been collecting and protecting interactions through quality software, advice and support for organisations of every size. The company provides a wide range of compliance solutions for organisations operating under regulatory environments, from the Payment Card Industry Data Security Standard PCI DSS to GDPR and PSD2.
SVL SecurePay offers organisations who take card payments total protection. We provide this outstanding product in partnership with Gala Technology, the development team behind the multi award-winning secure payment solution SOTpay. The cloud-based SOTpay platform gives you the flexibility to take secure payments via email, SMS, Electronic Invoice or even on Social Media channels, remaining in constant contact with the cardholder or simply receiving agent notifications when payments are completed. In the last 12 months, SOTPay has won awards from PCI London, Call & Contact Centre Expo, UKCCF and became Best International CNP product at the CNP Awards.
Tripwire is the trusted leader for establishing a strong cybersecurity foundation. Partnering with Fortune 500 enterprises, industrial organizations and government agencies, Tripwire protects the integrity of mission-critical systems spanning physical, virtual, cloud and DevOps environments. Tripwire’s award-winning portfolio delivers top critical security controls, including asset discovery, secure configuration management, vulnerability management and log management. As the pioneers of file integrity monitoring (FIM), Tripwire’s expertise is built on a 20+ year history of innovation helping organizations discover, minimize and monitor their attack surfaces.
Verifone is the leader in providing trusted, secure and innovative payment terminals, global payment as a service, and commerce enablement solutions that create more valuable experiences and rich interactions between consumers and merchants. The company's products and services include mobile, countertop and self-service payment devices, software, and web-based gateways. With 5,300 employees worldwide, and partnerships with local distributors, Verifone is able to deliver innovative payment solutions in 150 countries and across vertical markets.
Easily locate, control, protect and report on your Payment Card Information (PCI) across a multitude of corporate repositories – including, but limited to, endpoints, servers, external drives, cloud applications, such as Office 365, and cloud storage environments – using GeoLang’s Sensitive Data Discovery Platform!
Offering automated and flexible search task options created using a predefined set of rules, encompassing data protected under PCI compliance, as well as supporting more complex queries in the form of Compound Search Tasks to identify data sets specific to the organisation, the Ascema Sensitive Data Discovery tool identifies sensitive and regulated payment card information both at rest and in transit.
Easy and agile to deploy, configure, and manage - PCI Discovery is a must for compliance!
Visit our website - www.geolang.com - for more information, or meet us at PCI London!
GeoLang, part of the Shearwater Group PLC, is an award-winning UK-based data security company specialising in business resilience and information management solutions.
Established in 1989, Sysnet Global Solutions provides payment card industry, cyber security and compliance solutions that help businesses to improve security and acquiring organisations to reduce risk.
We empower businesses to be secure and compliant through award winning cybersecurity solutions and extraordinary services and support.