Remo presentatie v1
Presentation at the international conference “PECOS4SMEs – Cross-border e-Commerce for SMEs” by Remo Hardeman.

This project has been funded with support from the European Commission.
This publication reflects the views only of the author, and the Commission cannot be held responsible for any use which may be made of the information contained therein.


  1. What's up for today? Some chitchat about your baby…
  2. The dark side of the internet
     • Phishing
     • Social engineering
     • Hacking (vulnerabilities & misconfigurations)
     • Injection (iFRAME)
     • DDoS
     • DNS hijacking
     • Cookie hijacking/stealing
     • MITM (Man In The Middle)
     • XSS and SQL injection
     • 3rd parties
  3. Serious cases
     • 13 October 2014: 1 million Dutch e-mail accounts compromised.
     • 5600 Dutch websites hacked (SQL injection)
     • Target hack cost $40 million, Home Depot $60 million (total costs in revenue and security measures)
     • In two years, 2 billion account credentials breached (including CC and personal credentials)
  4. Data Breaches Lead to Drop in Sales
     • Target earnings slide 46% after data breach
     • One third of consumers will shop elsewhere if their retailer of choice is breached, according to new research
     • Downtime and massive costs after a data breach or malware infection.
  5. What can/must we do?
     • Audit/Pentest
     • Source code check
     • Scanning pro software *
     • WAF * (Web Application Firewall)
     • Encrypt your database and encrypt credentials; if hacked, it won't be worth decrypting due to the time it takes
     • Dedicated hosting
     • HTTPS, Perfect Forward Secrecy, HSTS (HTTP Strict Transport Security)
     • MASKING *
     • Malware analyses, day round *
     • DDoS protection *
     • Secure DNS * (ask hosting company)
     • Blacklisting checks *
     • Monitor your security
     • Security is a must, create budget! (It's not IF, but WHEN you will get hacked)
     • Backupfallbackupfallback crisis scenarios and documentation
     • Backoffice security: don't let your twelve-year-old kid download movies on your work laptop
     • Educate the thing between chair and keyboard! Know your software platform(s) (sorry if it's you)
     • Communicate with your customer about your cyber initiatives, but be very clear in how!

     * Do it yourself, approx. 400 euro a year.
  7. Treat (not threat) your baby like a baby. Create the safe environment you want your baby to grow up in. For you, your family, your customer and your future. Happy Selling!
  8. CONTACT
     Remo Hardeman
     Omerta Information Security
     remo@omerta.nl
     Visits: Boompjes 57, 7th floor, 3011 XB Rotterdam
     Social media: facebook.com/omertanetherlands
     Twitter: https://twitter.com/ @omerta_infosec
  • remhard

    Sep. 1, 2015
