Website Security Threats:
Spotlight on the Netherlands
2 May 2014 9.30am CET
Jane Broderick – Account Manager
Andrew Horbury – Product Marketing Manager
Agenda
• The growing market opportunity
• Cybercrime
• Data Breaches
• Website Vulnerabilities & Malware
• Targeted Attacks
• CA breaches
• DigiNotar
• Symantec Website Security Solutions
Ecommerce in Europe
Netherlands Ecommerce
• 94% of the 16,7 million Dutch population used the Internet in 2012
• 10.9 million Dutch citizens bought goods and services online, amounting to a total value of €9.8bn in 2012. This represents an increase of 9,1% compared to 2011.
Who is affected most by cybercrime?
CYBERCRIME VICTIMS
MORE LIKELY TO BE:
MALE – 64%
(COMPARED TO 58% OF FEMALES)
MILLENNIAL – 66%
(COMPARED TO 54% OF BABY BOOMERS)
AND:
• MOBILE DEVICE OWNERS – 63%
• SOCIAL NETWORK USERS – 63%
• PUBLIC / UNSECURED WI-FI USERS – 68%
• EMERGING MARKET – 68%
• PARENT OF CHILDREN 8-17 – 65%
85%
CHINA
77%
RUSSIA
73%
SOUTH AFRICA
Source: 2013 Norton Cybercrime Report
http://bit.ly/1fIP4wf
THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME
EUR82 BN
• FRAUD 38%
• THEFT OR LOSS 21%
• REPAIRS 24%
• OTHER 17%
83% OF DIRECT FINANCIAL COSTS ARE A RESULT OF FRAUD, REPAIRS, THEFT AND LOSS
EUR215 AVERAGE COST PER VICTIM
REPRESENTS A 50 PERCENT INCREASE OVER 2012
ENOUGH TO HOST THE 2012 LONDON OLYMPICS NEARLY 10 TIMES OVER
Source: 2013 Norton Cybercrime Report
http://bit.ly/1fIP4wf
THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME
ALL AMOUNTS IN EUR (at 26 April 2014) ROUNDED TO THE NEAREST BILLION
USA 27 BN; MEXICO 2 BN; BRAZIL 6 BN; EUROPE 9 BN; RUSSIA 1 BN; CHINA 28 BN; INDIA 3 BN; JAPAN 1 BN; AUSTRALIA 1 BN; SOUTH AFRICA 0.2 BN
CANADA 2 BN; SINGAPORE 0.7 BN; NEW ZEALAND 0.1 BN; TURKEY 1.4 BN; SAUDI ARABIA 0.4 BN; UAE 0.2 BN; COLOMBIA 0.4 BN
Source: 2013 Norton Cybercrime Report
http://bit.ly/1fIP4wf
• THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME
• EUR82 BILLION ANNUALLY, COST PER CYBERCRIME VICTIM UP 50 PERCENT
• THE SCALE OF CONSUMER CYBERCRIME
• 1 MILLION+ VICTIMS DAILY
• CREATING PERFECT STORM AS LINES BLUR BETWEEN WORK/PLAY
• 49% USE THEIR PERSONAL DEVICE FOR WORK AND PLAY
• AROUND ONE-IN-FIVE SHARE WORK RELATED INFORMATION WITH FRIENDS AND FAMILY
Source: 2013 Norton Cybercrime Report
http://bit.ly/1fIP4wf
Netherlands: State of the nation
• 30% of adults have experienced cybercrime in the past 12 months (61% globally)
• 3M cybercrime victims in the past 12 months (378M globally)
• 53% of males who have been victim of cybercrime in their lifetime (sorry no number available for females) (64% globally)
• 137M EUR: total cost of cybercrime in the past 12 months (82Bn EUR globally)
• 53EUR: Average direct cost per cybercrime victim in the past 12 months (215EUR globally)
• Social network users who do not log out after each session 53% (39% globally)
• Social network users who share their social media passwords with others 30% (keep an eye on this one).
We are making it easy……
The third most common password tip
found in the 2013 Adobe breach was….
USUAL
Don’t share passwords or reuse them on multiple sites
Mega Breaches
                      2011    2012    2013
Breaches              208     156     253
Identities Exposed    232M    93M     552M
Breaches >10M         5       1       8
The Year of the Breach
2013 was the Year of the Mega Breach
2013 Year of the Mega Breach
Source: 2012 Symantec ISTR
• 8 of the top 10 breaches were of more than 10 million identities
• Average Identities exposed were 4 times greater than 2012
Breaches
• The average number of identities exposed per data breach for Hacking incidents was approximately 4.7 million.
• Theft or loss of a device was ranked third, and accounted for 27% of data breach incidents.
Mega Breaches – What Was Lost
Vulnerabilities
• With so many vulnerable web sites cybercriminals have no need to set up their own web sites to host malware
• Targeted Attacks predominantly start as spear phishing attacks
• In 2012, Watering Hole Attacks emerged
Spear Phishing: Send an email to a person of interest
Watering Hole Attack: Infect a website and lie in wait for them
Effectiveness of Watering Hole Attacks
• Watering Hole attacks are targeted at specific groups
• Can capture a large number of victims in a very short time
1 Watering Hole Attack in 2012 Infected 500 Companies, All Within 24 Hours
Watering Hole Targeted iOS Developers
• Several high profile companies fall victim to just such an attack
Website Security Challenges
Evolving Regulations
• Externalisation & Virtualisation
• Consolidation
• Integration
Evolving Cyber Crime
• Web-Focused
• Targeting users
• Stealing Confidential Information
Evolving Web Use
Enable Business Innovation and Agility
Protect the Brand
Evolving Infrastructures
• Consumerisation
• More Mobility
• Social Augmented
‘Big Data’
Website
• Protect the Consumer
• Protect the User
• Increasing scope
Implications of the Evolving Threat Landscape
• Individual SMB’s: Increase security of their sites and apps
• Large companies and Enterprises: Manage, monitor and automate security of servers/sites/apps.
• Symantec: Provide our customers with additional security services
• Consumers: Which sites can I trust? Who can I trust?
SSL in the news…….
• DigiNotar breach
• Browser Exploit Against SSL/TLS Attack (BEAST)
• SSL Renegotiation Attack
• CRIME, Lucky 13
• Heartbleed
It's clear that SSL is more newsworthy today than ever
http://bit.ly/1oT6qwc
Heartbleed – OpenSSL Vulnerability
• This is not a vulnerability with SSL/TLS
• SSL/TLS is not broken, nor are the SSL certificates issued by Symantec
• Users of OpenSSL versions 1.0.1 through (and including) 1.0.1f are affected
Advice for Businesses
Check your version of OpenSSL and either:
• Recompile OpenSSL without the heartbeat extension
• Update to the latest fixed version of the software (1.0.1g) if you are using OpenSSL versions 1.0.1 through (and including) 1.0.1f
• After moving to a fixed version of OpenSSL, contact the SSL certificate’s issuing Certification Authority for a replacement
• Finally, businesses should also consider resetting end-user passwords that potentially may have been visible in compromised server memory.
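A triage of the "check your version" step above, as an added example that is not part of the original slides: it classifies the output of `openssl version -a` against the version range the slide gives and looks for the `-DOPENSSL_NO_HEARTBEATS` build flag that a heartbeat-free rebuild carries. The function names and the sample outputs are constructed for illustration.

```sh
#!/bin/sh
# Added example: classify `openssl version -a` output against the range on the
# slide (1.0.1 through 1.0.1f affected, 1.0.1g fixed).
#
# Caveats for the reader:
#  - This inspects the `openssl` binary it is given output from; a service may
#    link a different or statically bundled libssl.
#  - Distribution packages can carry a backported fix under an unchanged
#    version string, so "affected" means "check the package changelog".

LC_ALL=C; export LC_ALL   # byte-order ranges in the case patterns below

# classify_openssl TEXT
#   TEXT: full output of `openssl version -a`, or just its first line.
#   Prints one of:
#     affected            1.0.1 .. 1.0.1f with heartbeat support compiled in
#     heartbeat-disabled  1.0.1 .. 1.0.1f built with -DOPENSSL_NO_HEARTBEATS
#     fixed               1.0.1g or a later 1.0.1 letter release
#     outside-range       another branch; the slide makes no statement on it
#     unknown             no "OpenSSL x.y.z" banner found
classify_openssl() {
    # Pull "1.0.1e" out of a banner such as "OpenSSL 1.0.1e-fips 11 Feb 2013".
    _ver=$(printf '%s\n' "$1" |
        sed -n 's/^OpenSSL[[:space:]]\{1,\}\([0-9][0-9.]*[a-z]\{0,1\}\).*/\1/p' |
        head -n 1)
    case $_ver in
        '')
            echo unknown ;;
        1.0.1|1.0.1[a-f])
            # In the affected range: was the heartbeat extension compiled out?
            case $1 in
                *-DOPENSSL_NO_HEARTBEATS*) echo heartbeat-disabled ;;
                *)                         echo affected ;;
            esac ;;
        1.0.1[g-z])
            echo fixed ;;
        *)
            echo outside-range ;;
    esac
}

# next_steps STATUS: the slide's advice, keyed by the classification above.
next_steps() {
    case $1 in
        affected)
            echo "update to 1.0.1g or rebuild without heartbeat; then replace the certificate via its issuing CA and consider end-user password resets" ;;
        heartbeat-disabled|fixed)
            echo "if this host ran an affected build earlier: replace the certificate via its issuing CA and consider end-user password resets" ;;
        outside-range)
            echo "not in the range the slide lists" ;;
        *)
            echo "inspect manually" ;;
    esac
}

# Constructed sample outputs (not captured from real hosts).
SAMPLE_VULN='OpenSSL 1.0.1e 11 Feb 2013
built on: Mon Feb 11 12:00:00 UTC 2013
platform: linux-x86_64
compiler: gcc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -O3 -Wall'
SAMPLE_NOHB='OpenSSL 1.0.1f 6 Jan 2014
built on: Tue Apr  8 09:00:00 UTC 2014
platform: linux-x86_64
compiler: gcc -fPIC -DOPENSSL_PIC -DOPENSSL_NO_HEARTBEATS -O3 -Wall'
SAMPLE_FIXED='OpenSSL 1.0.1g 7 Apr 2014'
SAMPLE_OLD='OpenSSL 0.9.8y 5 Feb 2013'

# Report on the samples. For a live host, pass "$(openssl version -a)" instead.
for _sample in "$SAMPLE_VULN" "$SAMPLE_NOHB" "$SAMPLE_FIXED" "$SAMPLE_OLD"; do
    _status=$(classify_openssl "$_sample")
    printf '%-20s %s\n' "$_status" "$(next_steps "$_status")"
done
```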
Who can you trust?
On 10 July 2011 DigiNotar issued a wildcard certificate to Google
CA news
More servers, more certificates, more developers, more complexity
Late night calls when a certificate expires, or is wrongly configured
What happens when things do go wrong
Expired & Misconfigured Certificates Drive Costs, Losses & Brand Damage
• CALLS TO TECH SUPPORT
• USERS TRAINED TO IGNORE WARNINGS
• LOST PRODUCTIVITY
• MISSED SALES OPPORTUNITIES
• DEFECTION TO COMPETITORS
• DAMAGE TO BRAND AND CREDIBILITY
• CALLS TO CUSTOMER SUPPORT
INTERNAL APPLICATIONS / EXTERNAL APPLICATIONS
Five to do’s
1. Do you know what certificates you have?
– Their expiry dates, how to renew them?
2. Be ready: Expect the unexpected but mitigate the risk
3. How can you deliver improved reporting across your organisation?
4. New Algorithms can reduce overheads and create efficiencies – do you know what they are?
5. Are you ready and prepared for Internal Server Name Deprecation?
One final to do
• Call me – I understand SSL, your challenges and needs
–Jane Broderick
–Tel: +44 20 7448 5608
–Email: jane_broderick@symantec.com
More information?
2013 ISTR: www.symantec.com/threatreport/
Always-On SSL: go.symantec.com/always-on-ssl/
Symantec Certificate Intelligence Center: go.symantec.com/certificate-intelligence-center
Symantec Website Security Solutions: www.symantec.com/ssl
2013 Norton Cybercrime Report: http://bit.ly/1fIP4wf
Twitter: @nortonsecured
Thank you!
Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Jane Broderick – Account Manager
Tel: +44 207 4485 608
email: jane_broderick@symantec.com
Andrew Horbury – Product Marketing
Tel: +44 7703 468 966
email: andrew_horbury@symantec.com
Web-based threats: Any website can infect you
• In the past you had to visit dangerous sites to get infected, but today it could be a legitimate site attacking you
• Web malware exploits leverage software vulnerabilities without users' knowledge
• Which sites can infect you? Your favourites:
– News, travel, online games, real estate, government, many others
With so many vulnerable web sites cybercriminals have no need to set up their own web sites to host malware
• 78% of scanned websites have vulnerabilities
• 1 in 8 sites had critical unpatched vulnerabilities
• In 2013, over 56,000 domains were used to host web malware
Source: Symantec ISTR
