- Bell Aliant
- NHTCU & FBI
- Peter Allor
- Marcel van den Berg
- Rainer Böhme
- Bob Burls
- William Cheswick
- Carlos Cid
- Anton Chuvakin
- Dave De Coster
- Lord Errol
- Boris Goranov
- Martijn de Hamer
- Elly van den Heuvel
- Jaap-Henk Hoepman
- Bart Jacobs
- Sari Kajantie
- Mark Koek
- Jos Kuijpers
- Brett Lambo
- Eric Luiijf
- Scott McIntyre
- Milton Mueller
- Pär Österberg Medina
- Carol Overes
- Richard Perlotto
- David Rice
- Marcus Sachs
- Jacques Schuurman
- Alex Shipp
- Lance Spitzner
- Don Stikvoort
- Gigi Tagliapietra
- Jan Joris Vereijken
- Rémon Verkerk
- Randal Vickers
- David Watson
- Tillmann Werner
- Maurice Wessling
- Colin Whittaker
- Georg Wicherski
- Nicholas Witchell
- Dave Woutersen
Jan Joris Vereijken studied computer science at Leiden University (M.Sc., 1993) and Eindhoven University of Technology (Ph.D., 1997), focusing on formal languages, automata theory, concurrency, and protocol validation. After leaving academia in order to pursue more practical endeavors, he was employed by Lucent Technologies’ Bell Labs as a software developer in their network systems division, working on carrier-grade telephony switches, and, later on, as a network architect in the UMTS area. In 2001, after the Internet bubble had burst, he found himself back at the ING Group, the Dutch financial services conglomerate. In his current role at this company, he is the Global Security Architect for ING Direct, the world’s leading Internet bank with 21 million on-line customers. At ING Direct, he faces the challenges of today’s cyber-fraud environment, trying to keep the money in and the bad guys out. Dr. Vereijken lives in Amsterdam’s colorful Bijlmer district, together with his wife Tieleke and four lovely cats.
Protecting 21 million Internet banking customers: anecdotes and action plans Wednesday 17 September, 14:35-15:20, Diamond RoomAs much as we would like to approach IT Security as a scientific discipline, the sad fact is that we are often clueless on what will happen next. Especially in Internet banking, security measures are mostly a direct and uninspired reaction to earlier observed incidents. That does not mean we cannot use common sense to prepare ourselves for the future. Assuming the bad guys will always go for the money, and for the lowest hanging fruit, we can strengthen our banking security architecture to survive in a cyber-ecosystem of vulnerable client PCs, ever smarter malware, and a tragically unaware and unpatchable general population. We discuss security measures currently seen in a modern internet-banking environment, based on anecdotes of fraud actually observed in the field. Furthermore, we discuss the actions that must be taken in the coming years to maintain the current equilibrium between the banks and bad guys.