Search Icon
Contact us

MDR Services

Our Managed Detection and Response Services provide continuous monitoring from a team who’ll neutralise any breaches at speed...

Incident Response Services

Gain access to malware experts to quickly contain threats and reduce future exposure to attacks...

Gartner Recognised

Integrity360 has been recognised as a Gartner Representative Vendor.

Download our CyberFire MDR ebook

Many organisations are choosing CyberFire MDR to strengthen their defences. Discover how it can protect your business in our brochure.

The hidden human costs of a cyber attack

Cyber attacks often seem faceless, but hidden behind the headlines of financial loss and technical details there are very real human stories. 

The reality of ransomware in 2025: What you need to know

In 2025, we’re witnessing a shift in how ransomware operates, who it targets, and the consequences of falling victim.

Your guide to 2026: Trends and Predictions

Stay ahead of the latest cybersecurity industry developments, advancements and threats, and understand how you can best protect your organisation.

Cybersecurity testing services

Do you know what your company’s network vulnerabilities are? Businesses that invest in penetration testing do.

What is PCI? Your most common questions answered

If your business handles credit card data, PCI DSS compliance isn’t optional—it’s critical. From retailers and e-commerce platforms to service providers and financial institutions, securing credit card data is critical to customer trust and preventing fraud.

Weekly Threat roundups

Stay informed with the latest cybersecurity news with our weekly threat roundups.

The A-Z Glossary of cybersecurity terms

Confused about cybersecurity? Our A-Z Glossary of terms can help you navigate this complicated industry.

Read our latest blog

For many small and mid-sized businesses, cybersecurity can feel overwhelming.

Integrity360 completes SOC 2 certification to strengthen global cyber defence ecosystem

SOC 2 certification reflects Integrity360’s continued investment in strengthening cyber resilience for clients across highly regulated and high-risk industries. 

Integrity360 expands into North America with Advantus360 Acquisition

Leading Canadian cybersecurity services provider Advantus360 joins Integrity360 creating the group’s first hub in North America

Security First 2026

See the full list of our conferences across the UK, Europe, Africa & the Caribbean
Integrity360 Emergency Incident Response button Under Attack?

“We’re not in scope!” - The dangerous myth of false security in payment technology

This is the recording of our live webinar held on February 24th, 2026

Listen to audio
View on demand recording

 

Speakers

  • Richard Ford, CTO, Integrity360
  • Martin Petrov, CTO - PCI, Integrity360
  • Alessandro Amalfitano, Practice Manager, Integrity360

 

On‑demand webinar: The truth about PCI DSS scope - Why “we don’t touch card data” is still a risk

 

“We don’t touch card data, so we aren’t in scope.”
It remains one of the most persistent - and most dangerous - myths in PCI DSS compliance and payment security.

Today’s merchants rely heavily on third‑party payment providers, hosted payment pages, iFrames, tokenisation, and P2PE to simplify PCI requirements. But while these technologies dramatically reduce PCI scope, they do not remove it. And in many cases, they create new blind spots that attackers know how to exploit.

This on‑demand webinar breaks down what “out of scope” really means in 2026 - and why organisations that believe PCI is “handled” often face the greatest exposure.

 

Why watch this on-demand session?

Even when cardholder data never touches your systems, residual risk remains across:

  • Web applications and e‑commerce integrations

  • Third‑party scripts, pixels, and supply‑chain dependencies

  • Misconfigured redirects and iFrame implementations

  • Terminal handling, P2PE processes, and staff procedures

  • Governance gaps, unverified service providers, and missing AOCs

  • Incident response readiness for web‑skimming and terminal‑tampering attacks

Threat actors are well aware of these weak points. Recent high‑profile breaches show that attackers rarely target the payment provider - they target merchants, their websites, and their processes.

 

What this webinar covers

Hosted by Richard Ford, CTO at Integrity360, with expert guests Martin Petrov (CTO - PCI) and Alessandro Amalfitano (PCI Practice Manager), this session takes a practical, real‑world look at:

  • Why “we’re not in scope” is almost never accurate

  • How iFrames, hosted payment pages, and P2PE reduce-but do not eliminate-PCI DSS responsibilities

  • Where PCI scope still applies in supposedly “de‑scoped” environments

  • What PCI DSS assessors actually expect to see for SAQ A and P2PE merchants

  • How attackers exploit overlooked dependencies, scripts, and assumptions

  • Real examples of card‑skimming, web‑skimming (Magecart), and terminal swap attacks

  • Practical steps to tighten governance, reduce risk, and avoid costly compliance failures

Whether you operate an e‑commerce platform, manage brick‑and‑mortar payment terminals, or rely on third‑party payment solutions, this session will help you clarify your true PCI obligations.

 

Who should watch?

  • E‑commerce merchants

  • Retailers using P2PE or payment terminals

  • CISOs & security leaders

  • Compliance managers & PCI owners

  • Payments, risk & governance teams

If your organisation processes any payments - online or in‑store - this content is essential.

 

Watch on demand now!

 

Gain clarity on PCI DSS scope, understand where risk truly lives, and learn how to protect your customers, revenue, and reputation.

 

“I cannot commend your team’s work enough, and this opinion is shared throughout the senior management team. It is a testament to your thoroughness and expertise”
Head of Information Security Operations, Technology/SaaS