
Remo presentatie v1


Presentation at the international conference “PECOS4SMEs – Cross-border e-Commerce for SMEs” by Remo Hardeman.

This project has been funded with support from the European Commission.
This publication reflects the views only of the author, and the Commission cannot be held responsible for any use which may be made of the information contained therein.



  1. What's up for today? Some chitchat about your baby…
  2. The dark side of the internet
     • Phishing
     • Social engineering
     • Hacking (vulnerabilities & misconfigurations)
     • Injection (iframe)
     • DDoS
     • DNS hijacking
     • Cookie hijacking/stealing
     • MITM (Man In The Middle)
     • XSS and SQL injection
     • 3rd parties
  3. Serious cases
     • 13 October 2014: 1 million Dutch e-mail accounts compromised.
     • 5600 Dutch websites hacked (SQL injection)
     • Target hack cost $40 million, Home Depot $60 million (total costs in revenue and security measures)
     • In two years 2 billion account credentials breached (including CC and personal credentials)
  4. Data breaches lead to a drop in sales
     • Target earnings slide 46% after data breach
     • One third of consumers will shop elsewhere if their retailer of choice is breached, according to new research
     • Downtime and massive costs after data breach or malware infection.
  5. What can/must we do?
     • Audit/Pentest
     • Source code check
     • Scanning pro software *
     • WAF * (Web Application Firewall)
     • Encrypt your database, encrypt credentials; if hacked, it won't be worth decrypting due to time
     • Dedicated hosting
     • HTTPS, Perfect Forward Secrecy, HSTS (HTTP Strict Transport Security)
     • Masking *
     • Malware analysis, around the clock *
     • DDoS protection *
     • Secure DNS * (ask hosting company)
     • Blacklisting checks *
     • Monitor your security
     • Security is a must, create budget! (it's not IF, but WHEN you will get hacked)
     • Backup/fallback, crisis scenarios and documentation
     • Backoffice security: don't let your twelve-year-old kid download movies on your work laptop
     • Educate the thing between chair and keyboard! Know your software platform(s) (sorry if it's you)
     • Communicate with your customer about your cyber initiatives, but be very clear in how!
     * Do it yourself, approx. 400 euro a year.
  7. Treat (not thread) your baby like a baby. Create the safe environment you want your baby to grow up in. For you, your family, your customer and your future. Happy Selling!
  8. CONTACT
     Remo Hardeman, Omerta Information Security, remo@omerta.nl
     Visiting address: Boompjes 57, 7th floor, 3011 XB Rotterdam
     Social media: facebook.com/omertanetherlands
     Twitter: @omerta_infosec (https://twitter.com/omerta_infosec)
