2. •Founded in 2009.
•Strong focus on cyber security within “payments”.
•Leading forensic team to assist hacked businesses.
• One of only three forensic specialists engaged directly by all three major Card Brands.
• Performed investigations on every continent.
• The ‘go to’ firm for the more sensitive investigations.
•Small, but global business.
Foregenix Overview
3. The eCommerce Threat
The growth of eCommerce.
Compromise rates are outpacing
any other business sector.
4. Threatscape - Foregenix Forensic Stats
12 Months of data:
• 80% of the breaches investigated are EU-based
• >70% are eCommerce
• >65% are Magento websites
5. Some numbers:
26% Market share - Magento eCommerce Platform.
~300,000 Magento sites globally.
Foregenix have checked ~217,000.
The eCommerce Threat
6. 217,000 websites checked…
• 86% are missing critical security patches.
• 5% are hacked and having their customer data stolen…
The eCommerce Threat
……transaction by transaction.
8. What are the implications of getting hacked?
• Fraud costs/liabilities - card brands.
• Penalties – GDPR/ICO.
• Reputation*.
• Cost of breach - forensics, unbudgeted spend on defences.
• Your focus. Dealing with a breach is draining.
9. Who picks up the Fraud Costs?
What do the criminals do with the stolen data?
1. They sell it.
• personal records PLUS credit card data = valuable.
2. They steal your customer identities.
• Loans, mortgages etc.
3. Cashouts - they use the card data fraudulently.
• Buy TVs, sell for cash etc.
10. Let’s put your business in the frame:
Imagine that YOUR business has been
hacked.
11. What happens next?
1. Card brands discover fraud.
2. Correlate data and find that the COMMON POINT OF
PURCHASE (CPP) is your website.
3. Request a forensic investigation from your bank.
4. And the investigation starts…
• How much data was at risk, how much got stolen, how did it get stolen, who did
it, is it ongoing?
12. Who pays for all of this?
You do.
Check your agreement with the bank. You are required
to protect the payment card data and…
They can pass ALL penalties on to you.
13. How do you defend?
Let’s talk about teamwork
To succeed, you need the right team working for you.
Understand the skills of your team – strengths & weaknesses.
E-Comm Pros: build you an amazingly successful online sales engine.
Cyber Security Pros: defend your business from criminals.
14. How do you defend?
5 Practical Tips to defend your online business:
1. Secure website set up – check our blog.
2. Ongoing management and maintenance of website.
3. Multi-Factor Authentication.
4. Proactive Cyber Security – Foregenix.
5. Cyber Insurance.
15. • Advanced Protection
• Advanced Threat Detection
• Skilled Threat Intelligence Team
• Warranty
Getting Proactive
Where Foregenix can help…
16. Summary
Don’t wait to get hacked - the threat is real.
Do the basics well – classic “stitch in time” scenario.
Choose your Team well – you’re playing to win.