They make it sound easy. Identify data assets. Assess threats. Protect it. Encrypt it. In theory, sure. In practice, not so much. Besides, what does a real attack look like? This session explores the problem, punch and counter-punch, by demonstrating attack techniques and encryption coding practices. We will start with common use cases, such as data warehousing, payment systems, Big Data analytics, and more. We will then discuss the threats and vulnerabilities, perform a basic threat modeling and risk assessment, and show how criminals punch through the security. Using secure development patterns and tools, we’ll demonstrate how to block and counter-punch the criminals. Heavy on the demos and light on the theory, this talk provides practical guidance on effective encryption.