Upload
hubspot
View
7.353
Download
1
Embed Size (px)
Citation preview
WHY SECURITY MATTERS for marketers
As marketers we’re focused on GROWTH
GROWTH
Chapter one: Why you should care about security.
If you collect data from customers, you are responsible for ensuring their protection
Bryan Eisenberg
Websites are being attacked every second
Insecure websites are more frequently targeted
• Most of these attacks are aimed to steal user information, or compromise a website.
• Looking at different attack types you can see what some of the most common attacks are – http is most prominent.
• 50% of attacks come against insecure websites.
Businesses of Every Size Are Being Targeted • Betty’s Tea is a UK based café chain
and was targeted in May 2015
• As a result of the attack: 120,000 customer names, email addresses and encrypted passwords were stolen.
A Story about Sony • Sony was hacked in November, 2014 and personal employee details including
names and salaries were leaked
• 47,000 records were stolen, and the outrage started immediately, and is still ongoing
A Story about Sony
17 MILLION ATTACKS PER DAY
Every Attack Ties into Value • According to PwC, every website SMB
website hacking incident costs between $92,000 - $165,000 on average.
• McAfee found almost 90% of small- and medium-sized business in the US do not use data protection for company and customer information, and less than half secured company email to prevent phishing scams.
7-year olds can even hack networks
Most Websites Don’t Have Security
Only 20% of website are secure!
Brands have the opportunity to stand out for proactively addressing it and those who do not will very soon be far behind. Align your brand with the changing consumer
mindset and be a leader in customer security.”
Bo Holland, CEO AllClearID
Chapter two: How website attacks happen.
There are two primary types of website attacks MAN-IN-THE-MIDDLE DDOS
Man-in-the-Middle Attacks
What is a Man-in-the-Middle Attack? • A Man-in-the-Middle attack happens when a hacker places a small file on your
website, and steals incoming user data. • These files can go undetected for weeks, months, or years due to their small size.
Visitor
Hacker
Website
DDoS
What is a DDoS Attack? • A DDoS (Distributed Denial of Service) attack happens when a hackers uses multiple
computers to flood traffic to a website. • Incoming traffic volume is so large and so sudden, there is no option but for your
website to go down.
Website
What can we do to prevent these attacks?
Chapter three: All about SSL & WAF.
What is SSL?
Visitor
Hacker
Website
• SSL stands for Secure Sockets Layer, and is a way of encrypting traffic between a website and the visitor.
• As a result of traffic being encrypted, hackers cannot steal private or customer information from Man-in-the-Middle attacks.
Benefits of SSL Trust SEO Website Enhancements
Benefits of SSL
A padlock displays in the URL bar for secure websites – increasing visitor and consumer confidence that their information is safe.
Trust SEO Website Enhancements
Benefits of SSL Trust SEO Website Enhancements
Benefits of SSL Trust SEO Website Features
Benefits of SSL
“If your in a competitive niche, then it can give you an edge from Google’s point of view. With the HTTPS ranking boost, it acts like a tiebreaker. For example, if all quality signals are equal for two results, then the one that is on HTTPS would get the extra boost that is needed to trump the other result.”
Google’s Gary Illyes, said: Trust SEO Website Enhancements
Benefits of SSL Trust SEO Website Enhancements
HTTPS is “moderately correlated to higher search rankings”
Source: http://backlinko.com/search-engine-ranking
Benefits of SSL Trust SEO Website Enhancements
Have you seen pages like this?
Benefits of SSL Trust SEO Website Enhancements
Using HTML5, your website can incorporate features that utilize the visitors device information, such as: • Geolocation • Video and Microphone • Device Motion/Orientation • Fullscreen Without SSL, none of these will work in Chrome or Firefox.
What is a WAF? • WAF stands for Web Application Firewall and forms a protective ring around your
website to weed-out bad traffic, and allow good visitors to come through.
Website Website Visitor
Hacker
Hacking Recovery Plan
1. Check with I.T. and/or your website host to determine root cause, and impact
2. Create scenarios and playbooks for every type of hacking incident (loss of user
information, website downtime, etc.)
3. Communicate with affected internal stakeholders
4. Communicate with external customers, prospects, and other affected parties
5. Ensure you have contact details for key team members
Chapter three: Next Steps.
Create a Hacking Recovery Plan
1. Check with I.T. and/or your website host to determine root cause, and impact
2. Create scenarios and playbooks for every type of hacking incident (loss of user
information, website downtime, etc.)
3. Communicate with affected internal stakeholders
4. Communicate with external customers, prospects, and other affected parties
5. Ensure you have contact details for key team members
Want to secure your website today?
Click here to start a free trial of the HubSpot Website Add-on.
Jeffrey Vocell (@jvocell)
Product Marketing Manager
Thank you!