How we embedded a security mindset within our company
https://www.linkedin.com/in/jimvdwaal/
My slides will become available
The last 4 years
• Information Analyst
• Scrum Master
• IT Project Manager
• Product Owner
17 October 2018
Selling second-hand
Books, Entertainment, Electronics
Small household appliances, Baby, Children's and maternity clothing
Toys, Pets, Living & Sleeping, Jewellery, Watches & Bags
Business selling via bol.com, Digital reading
Start in a portacabin, Active in Belgium, Acquisition by Ahold
Logistics via bol.com, bol.com app
Unlimited reading
Cooking & dining
Garden & DIY
Sports & leisure
Large household appliances, Beauty & Health, Bespaar Continu
> €1.5 billion in revenue
> 95% brand awareness
> 100.000 orders per day
And the security challenge it brings
[Chart: Revenue in € millions per year, 1999 to 2017]
Our journey
In security
A simplified visualisation
Phases: Business Analysis, Information Analysis, Development, Testing
Roles: Business Analysts, Product Owner, Information Analyst, Engineers, Tester
As a successful strategy
Developers write code, analysts write user stories.
Hackers write hacks, analysts write abuser stories.
Example process
Product in basket
Checkout
Example process
Product in basket
Checkout
Reserve product in stock
A simplified visualisation
Phases: Business Analysis, Information Analysis, Development, Testing
By giving workshops
Hack Defense
Did it actually help?
Agility
Ownership
A very big security team.
Do It Yourself!
till next bol.com
Just ask