東 京 電 機 大 学 国 際 化 サイバーセキュリティ 学 特 別 コース. Cyber Security in the Financial Sector
|
|
- Cori Phillips
- 8 years ago
- Views:
Transcription
1 東 京 電 機 大 学 国 際 化 サイバーセキュリティ 学 特 別 コース Cyber Security in the Financial Sector GREG J. THOMPSON CISSP CANADA 1
2 Agenda 1. Introductions About me About Scotiabank 2. Definition of Cyber Security 3. Risks and Challenges Why is Cyber Security so Important? The Threat Landscape Historical Context Factors influencing Cyber Security & Global Trends High level description of controls 4. Threat Intelligence and Analysis Threat intelligence & response process tactical to strategic 5. Questions, time permitting 2
3 About Me Professional Background Vice President Operational Governance, Scotiabank Vice President of Enterprise Security Services and Deputy Chief Information Security Officer, Scotiabank 2003-Present Chief Information Security Officer, Manulife Financial Corporation Network Engineer, Circuit Designer, Bell Canada
4 About Scotiabank - Quick Facts Scotiabank is a leading financial services provider in over 55 countries and Canada s most international bank. Through our team of more than 86,000 employees, Scotiabank and its affiliates offer a broad range of products and services, including personal and commercial banking, wealth management, corporate and investment banking to over 21 million customers Automated Banking Machines Worldwide 3321 Branches Globally 4
5 Definition of Cybersecurity Cybersecurity is the integration of people, technologies, processes and practices designed to safeguard Information Technology (IT) assets and systems from attack, damage and unauthorized access. 5
6 Threats/Risks & Challenges SUMMARY OF HISTORICAL RISK LANDSCAPE AND INHERENT CHALLENGES FACING BANKS 6
7 Why is Cyber Security so Important? Cyber Security has become more integral to an enterprise s success, as more users work with company data and new tools and technologies provide greater capabilities for data management. However, at the same time, data breaches are increasing in size and frequency. The new realities of information usage and access Changing Work Environment: 66% of employees now spend more time accessing and reviewing corporate information than 3years ago The rising strategic value of information: 79% of senior executives report that new uses of (digital) information are key to organizational growth. Attacks are becoming more costly and widespread 90% of organizations experienced at least one data breach in the past year. 66% of security breaches go undetected for at least three months. There has been an 18% increase in average financial losses, with big liabilities increasing faster than smaller losses. Rapidly evolving threats: 69% of executives believe that their companies cannot keep up with the increasing pace and sophistication of attacks. Growth of Cloud Computing: 68% of IT executives claim responsibility for technology usage and security but lack the authority to manage these effectively. Source: Corporate Executive Board 7
8 Threats Threats Threats Continue to Compound Over Time Key Concept: Threats continue to compound and increase over time, while the time required to respond is shrinking. Unauthorized access Accidental issues Malicious users Computer Viruses Increased interconnectivity Hackers (geeks) Unauthorized access Accidental issues Malicious users Organized Crime Software Vulnerabilities Worms Trojans Computer Viruses Increased interconnectivity Hackers (geeks) Unauthorized access Accidental issues Malicious users Hacktivists State-sponsored threats Mobile malware Data Loss & APT Zero-day threats Internet of Things Organized Crime Software Vulnerabilities Worms/Trojans/Ransomware Computer Viruses Increased interconnectivity Hackers (geeks) Unauthorized access Accidental issues Malicious users Mainframe Client/Server Internet Mobile/Always on Internet 1975 Timeline
9 Low Uncontrollability High The Threat Landscape Threats Causing Companies Most Concern Employee Use of Social Media BYOD Mobile Device Application Vulnerabilities Employee Carelessness Malicious Insiders Other Application Vulnerabilities Third-Party Risk: SaaS Web Application Vulnerabilities Hacktivists State-Sponsored Attacks Third-Party Risk Privilege Abuse Third-Party Risk: IaaS Social Engineering/ Phishing Organized Crime and Fraud Regulatory Non-Compliance Abbreviations Definitions BYOD Bring your own device IaaS Infrastructure as a service SaaS Software as a service SCADA Supervisory control and data acquisition Low Risk Rating High Source: CEB 2012 Information Security Threat Landscape Survey. 9
10 Summary of Threat Scenarios Facing Banks Account Takeovers Phishing / Pharming Targeting employees Targeting customers Attacks on Third Party Payment Processors Targeting personal information such as social security numbers Used to create fake debit / credit cards ATM Skimming and Point of Sale Attacks Targeting customers credit and debit card information Used to create fake debit / credit cards Malicious Insiders Third Party Supplier attacks Targeting weak security at third parties as pivot-points into Bank networks Network Disruption and Distributed Denial of Service (DDoS) Attacks DDoS attacks used to disrupt services or misdirect incident respond teams Malware continues to evolve Emergence of Ransomware 10
11 Internal & external trends make information security risk management more difficult Factors Magnifying Information Security Risk 2 76% of employees now spend more time accessing and reviewing corporate information than three years ago. Growth of Shadow (Business-Led) IT 68% of IT executives claim responsibility for technology usage and security but lack the authority to manage these effectively. Changing Work Environment Rise in Information Security Risk Rapidly Mutating Threat Environment 79% of senior executives report that new uses of (digital) information are key to growth. 4 Rising Strategic Value of Information 69% of executives believe that their companies can t keep up with the increasing pace and sophistication of attacks. Source: The Ponemon Institute; McKinsey; World Economic Forum; Avanade, Global Survey: What s Creating Tension Between IT and Business Leaders?, 2014; CEB 2012 High Performance Survey; CEB 2012 Employee Technology Value Survey. 11
12 Regulation & Cyber Security Factors Driving Concern About Cyber/Information Security Regulation 1 Volume A flood of new regulations are being implemented at local, national and international levels. 2 Impact New regulations affect collection, storage and protection of information across all areas of the enterprise. 3 Complexity Online business can expose companies to a wider range of regulations than expected. Source: CEB analysis. Recent Reviews - Cyber Security and related topics OSFI Cyber Security Self Assessment Oct/13 Cyber Security Comparative Review - current IT Governance and Risk Management- Jul/14 Monetary Authority of Singapore Technology Risk Management Questionnaire New York Department of Financial Services Cyber Security Evaluation program Puerto Rico FDIC On site exam IT Controls. Joint Operational Resiliency Management - Canadian Payments Association Nov/14 Investment Industry Regulation Organization of Canada Cyber Security planned Jan/15 Internal Scenario readiness and testing Ransom ware Nov/13 Cyber Security Communication & escalation 12
13 Cyber Security in the News A cyber attack in 2014 may have compromised information about 76 million households. That included customer names, addresses, phone numbers and contact information. In addition, the breach affected about seven million of J.P. Morgan s small businesses customers. Hackers accessed personal information about as many as 110 million consumers. The aftershocks are still reverberating for Target nearly a year later. In August, Target said the costs associated with the hacking added up to $148 million. Hackers broke into the computer system used by the company's development team to steal information from cash registers. That data then found its way onto a computer in Eastern Europe. Cyber-thieves stole up to 60 million card numbers. The attacks went on for five months before they were discovered. In September, the company said that anyone who used a credit card to shop in the U.S. or Canada over a six month period earlier this year could have been a victim. Source: 13
14 My Challenge Keep the bank safe! Why so challenging? 1. Massive geographic span of employees, infrastructure and data makes securing networkconnected assets inherently difficult. 2. Emerging employee and customer engagement models are rapidly evolving thanks to adoption of mobile technologies and improvements in cellular technology. 3. I do not control the banking customer s device. 4. Threats are evolving faster and threat actors are constantly changing. 5. My adversaries are highly motivated, highly organized, well funded and have a high tolerance for failure. This means they only need to have a very small percentage of successful attacks to make profit. 14
15 Operational Threats Our Daily Challenge Threat Rank Type of Threat Threat Description Impact if Successful Attempt Frequency 1 Advanced Persistent Threats (APTs) Malicious software which circumvents traditional controls such as A/V, IPS and other layers of defense. Designed to either steal data or provide remote access to malicious attackers. Target, JPMorgan, etc. Every second. 2 Distributed Denial of Service Attacks The flooding of internet infrastructure to render a server, or network unavailable. The bank depends on the Internet for , 3 rd party systems and the entire e-deliver channel (SOL, SCO, Enlinea, etc.) Every minute. 3 Third Party and Home employee (home computer) remote access. Infected/compromised computers connecting to the banks network. Very difficult to manage as control does not exist at the endpoint. Requires a defensive approach. Data leakage/theft is the primary threat. Everyday. 4 SPAM/WireFraud/So cial Engineering via . s are targeted against employees (executives in 2014) and designed to trick the user into installing software or performing wire transfers. 5 Virus Outbreaks A virus enters into the endpoint and is able to propagate through various means (open shares, windows exploitation, etc.) 6 Web Application Exploitation Hackers breaking into the bank through the front door (our websites). Endpoint compromise which leads to data exfiltration. Monetary client loss related to fraudulent wire fransfers. Happens less every year, but commodity and old viruses work on endpoints that do not have a working security stack. Loss of reputation, loss of data, a forensics nightmare and preventing a re-occurence. Everyday. Rare; due to proactive controls. Every minute. 15
16 Pillars of Information Security Governance Continuous Monitoring Identity & Access Mgmt Business Continuity Control Validation Risk Assessment Strategy & Architecture Policies Standards Best Practices Audit Oversight Regulatory Oversight Compliance Vendor Management Security Operations Centre Intrusion Prevention Anti-Virus Threat Intelligence Incident Response Customer & Employee Entitlements Provisioning & Deprovisioning Access Certification Strong Authentication Planning Testing Validation Reporting Incident Response Gap Analysis Data Loss Prevention Asset Management Vulnerability Management Cyber Threat Scenario Planning Impact Assessments Root Cause Analysis Due Diligence Mission + Vision Budget & Planning Education, Awareness and Training Organization & Planning Emerging Technology 16
17 Sample of Cyber Security Controls Deployed Vulnerability Scanning Technology Scanning more than 150,000 assets in a two week cycle Scanners running 24/7/365 Intrusion Prevention Systems Global deployment of Host-Based Intrusion Prevention systems on approximately 90,000 endpoints Global deployment of Network-Based Intrusion Prevention Systems Implemented above in full block mode Global Anti-virus deployments at network/ gateways and on workstations/endpoints Ongoing Application & Database Vulnerability Scanning Penetration tests Code reviews Hardening & Compliance Application Whitelisting Firewall logging Logical Access logging Security Information & Event Management (SIEM) technology Data Loss Prevention , Web, Endpoint 17
18 Threat Intelligence and Analysis FROM TACTICAL RESPONSE TO STRATEGIC DESIGN 18
19 Threat Intelligence - Overview Threat intelligence can be obtained through both external and internal sources. External: Information sharing and collaboration is critical for meaningful collection of actionable threat intelligence There are credible subscription-based sources of threat intelligence Formal intelligence sharing amongst industry peers is a valuable source Personal and informal relationships with industry sources /peers can often yield meaningful intelligence Internal Big Data Analysis: Many organizations already own the data that, when correlated, can provide highly actionable intelligence Implementation of Security Information & Event Management (SIEM) solutions can help to distill the huge amounts of data (Big data?) into actionable intelligence Organizations must learn from their threat response and remediation to identify ongoing dynamic improvements in their systems of controls. 19
20 Big Data Analytics Threat Intelligence - Data Management & Response Cyber Security Data Inputs NIST Cyber Security Framework Alignment: 1. Identify 2. Protect 3. Detect 4. Respond 5. Recover Threat Intel Various Sources Tactical: Day to Day Response IPS/IDS Offenses React & Remediate Anti-Malware (AV + Whitelisting) Trends & Baselines Identify Design Gaps Active Directory Firewall Logs Vulnerability and Configuration Data Network Monitoring Forensics & DLP Unstructured Data Normalize data Manage / Reduce events per second Structured data feed SIEM Advanced Analytics Hunt teams Structured Data Strategic: Continuous Improvements KRIs KPIs Measure & Report Proactive Remediation Patch Update Upgrade Remove Identify Improvements Anti-Fraud Reduce Offenses
21 Threat Intelligence: Key Concepts 1. Leverage the data you already own: Leverage the data you already have you likely already have considerable threat intelligence at your disposal. External threat intelligence is valuable and must be part of your program, but do not underestimate the value of the data generated by your existing controls. 2. Invest in technology which supports the collection and analysis of data from many sources SIEM technology for example may help by providing such a platform. 3. Do not underestimate the effort required to implement SIEM or other big data solutions. Ingesting data from disparate systems can be challenging. 4. Learn & Innovate: Our adversaries tactics can highlight design weaknesses Threat intelligence and response should help us learn and identify not only policy or configuration improvements, but most importantly proactive design improvements. 21
22 In Summary The need for Cyber Security has never been higher. The threats we face continue to compound over time. Our adversaries continue to find innovative ways to exploit our vulnerabilities. The changing work environment continues to challenge security professionals A broad set of cyber security professionals, processes and technology are required to keep pace with the evolving threat landscape and the evolving work environment. We must harness the intelligence (both internal and external) to protect our data and to learn and evolve our defenses. We must constantly learn, adapt and innovate. 22
23 Questions 23
24 Thank you! Greg J. Thompson CISSP
Cyber Security Metrics Dashboards & Analytics
Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics
More informationCybersecurity Awareness. Part 1
Part 1 Objectives Discuss the Evolution of Data Security Define and Discuss Cybersecurity Review Threat Environment Part 1 Discuss Information Security Programs s Enhancements for Cybersecurity Risks Threat
More informationCybersecurity: What CFO s Need to Know
Cybersecurity: What CFO s Need to Know William J. Nowik, CISA, CISSP, QSA PCIP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2014 Wolf & Company, P.C. Today s Agenda Introduction
More informationMEMORANDUM. Date: October 28, 2013. Federally Regulated Financial Institutions. Subject: Cyber Security Self-Assessment Guidance
MEMORANDUM Date: October 28, 2013 To: Federally Regulated Financial Institutions Subject: Guidance The increasing frequency and sophistication of recent cyber-attacks has resulted in an elevated risk profile
More informationCybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix
Cybercrime myths, challenges and how to protect our business Vladimir Kantchev Managing Partner Service Centrix Agenda Cybercrime today Sources and destinations of the attacks Breach techniques How to
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationAddressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave
More informationItaly. EY s Global Information Security Survey 2013
Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information
More informationBy: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015
Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity
More informationSecurity and Privacy
Security and Privacy Matthew McCormack, CISSP, CSSLP CTO, Global Public Sector, RSA The Security Division of EMC 1 BILLIONS OF USERS MILLIONS/BILLIONS OF APPS 2010 Cloud Big Data Social Mobile Devices
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationPENETRATION TESTING GUIDE. www.tbgsecurity.com 1
PENETRATION TESTING GUIDE www.tbgsecurity.com 1 Table of Contents What is a... 3 What is the difference between Ethical Hacking and other types of hackers and testing I ve heard about?... 3 How does a
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationEMERGING THREATS & STRATEGIES FOR DEFENSE. Stephen Coty Chief Security Evangelist @StephenCoty
EMERGING THREATS & STRATEGIES FOR DEFENSE Stephen Coty Chief Security Evangelist @StephenCoty Industry Analysis 2014 Data Breaches - Ponemon Ponemon 2014 Data Breach Report *Statistics from 2013 Verizon
More informationSession 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness
Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness Wayne A. Wheeler The Aerospace Corporation GSAW 2015, Los Angeles, CA, March 2015 Agenda Emerging cyber
More informationSeptember 20, 2013 Senior IT Examiner Gene Lilienthal
Cyber Crime September 20, 2013 Senior IT Examiner Gene Lilienthal The following presentation are views and opinions of the speaker and does not necessarily reflect the views of the Federal Reserve Bank
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationIBM QRadar Security Intelligence April 2013
IBM QRadar Security Intelligence April 2013 1 2012 IBM Corporation Today s Challenges 2 Organizations Need an Intelligent View into Their Security Posture 3 What is Security Intelligence? Security Intelligence
More informationProtecting against cyber threats and security breaches
Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So
More informationCYBERSECURITY: PROTECTING YOUR ORGANIZATION AGAINST CYBER ATTACKS. Viviana Campanaro CISSP Director, Security and Compliance July 14, 2015
CYBERSECURITY: PROTECTING YOUR ORGANIZATION AGAINST CYBER ATTACKS Viviana Campanaro CISSP Director, Security and Compliance July 14, 2015 TODAY S PRESENTER Viviana Campanaro, CISSP Director, Security and
More informationModular Network Security. Tyler Carter, McAfee Network Security
Modular Network Security Tyler Carter, McAfee Network Security Surviving Today s IT Challenges DDos BOTS PCI SOX / J-SOX Data Exfiltration Shady RAT Malware Microsoft Patches Web Attacks No Single Solution
More informationAnti-exploit tools: The next wave of enterprise security
Anti-exploit tools: The next wave of enterprise security Intro From malware and ransomware to increasingly common state-sponsored attacks, organizations across industries are struggling to stay ahead of
More informationCYBER SECURITY INFORMATION SHARING & COLLABORATION
Corporate Information Security CYBER SECURITY INFORMATION SHARING & COLLABORATION David N. Saul Senior Vice President & Chief Scientist 28 June 2013 Discussion Flow The Evolving Threat Environment Drivers
More informationTechnology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications
Technology Blueprint Protect Your Email Servers Guard the data and availability that enable business-critical communications LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security
More informationBlackRidge Technology Transport Access Control: Overview
2011 BlackRidge Technology Transport Access Control: Overview 1 Introduction Enterprises and government agencies are under repeated cyber attack. Attacks range in scope from distributed denial of service
More informationPractice Good Enterprise Security Management. Presented by Laurence CHAN, MTR Corporation Limited
Practice Good Enterprise Security Management Presented by Laurence CHAN, MTR Corporation Limited About Me Manager Information Security o o o o Policy formulation and governance Incident response Incident
More informationA Case for Managed Security
A Case for Managed Security By Christopher Harper Managing Director, Security Superior Managed IT & Security Services 1. INTRODUCTION Most firms believe security breaches happen because of one key malfunction
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationdefending against advanced persistent threats: strategies for a new era of attacks agility made possible
defending against advanced persistent threats: strategies for a new era of attacks agility made possible security threats as we know them are changing The traditional dangers IT security teams have been
More informationDON T BE A VICTIM! IS YOUR ORGANIZATION PROTECTED FROM CYBERSECURITY THREATS?
HEALTH WEALTH CAREER DON T BE A VICTIM! IS YOUR ORGANIZATION PROTECTED FROM CYBERSECURITY THREATS? FREEMAN WOOD HEAD OF MERCER SENTINEL NORTH AMERICA GREGG SOMMER HEAD OF OPERATIONAL RISK ASSESSMENTS MERCER
More informationCHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
: INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS 1 FIVE KEY RECOMMENDATIONS During 2014, NTT Group supported response efforts for a variety of incidents. Review of these engagements revealed some observations
More informationCyber Threat Intelligence Move to an intelligencedriven cybersecurity model
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance
More informationCyber Security. John Leek Chief Strategist
Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity
More informationAhead of the threat with Security Intelligence
Ahead of the threat with Security Intelligence PITB Information Security Conference 2013 Zoaib Nafar Brand Technical Sales Lead 2012 IBM Corporation 1 The world is becoming more digitized and interconnected,
More informationFive keys to a more secure data environment
Five keys to a more secure data environment A holistic approach to data infrastructure security Compliance professionals know better than anyone how compromised data can lead to financial and reputational
More informationCybersecurity. Regional and Community Banks. Inherent Risks and Preparedness. www.bostonfed.org
Cybersecurity Inherent Risks and Preparedness Regional and Community Banks www.bostonfed.org Disclaimer The opinions expressed in this presentation are intended for informational purposes, and are not
More informationAutomated Protection on UCS with Trend Micro Deep Security
Copyright 2014 Trend Micro Inc. Automated Protection on UCS with Trend Micro Deep Security Chris Van Den Abbeele Senior presales Engineer Agenda 1. Industrialization of Cyber threats The boomerang of Project
More informationICBA Summary of FFIEC Cybersecurity Assessment Tool
ICBA Summary of FFIEC Cybersecurity Assessment Tool July 2015 Contact: Jeremy Dalpiaz Assistant Vice President Cyber Security and Data Security Policy Jeremy.Dalpiaz@icba.org www.icba.org ICBA Summary
More informationFFIEC Cybersecurity Assessment Tool
Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationCloud and Critical Infrastructures how Cloud services are factored in from a risk perspective
Cloud and Critical Infrastructures how Cloud services are factored in from a risk perspective Reaching the Cloud era in the EU Riga 16 June 2015 Jonathan Sage Government and Regulatory Affairs Cyber Security
More informationWhat keep the CIO up at Night Managing Security Nightmares
What keep the CIO up at Night Managing Security Nightmares Tajul Muhammad Taha and Law SC Copyright 2011 Trend Micro Inc. What is CIOs real NIGHTMARES? Security Threats Advance Persistence Threats (APT)
More informationIncident Response. Six Best Practices for Managing Cyber Breaches. www.encase.com
Incident Response Six Best Practices for Managing Cyber Breaches www.encase.com What We ll Cover Your Challenges in Incident Response Six Best Practices for Managing a Cyber Breach In Depth: Best Practices
More informationAttachment A. Identification of Risks/Cybersecurity Governance
Attachment A Identification of Risks/Cybersecurity Governance 1. For each of the following practices employed by the Firm for management of information security assets, please provide the month and year
More informationWhat Do You Mean My Cloud Data Isn t Secure?
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
More informationDefending Against Cyber Attacks with SessionLevel Network Security
Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive
More informationAttackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors. Microsoft Confidential for internal use only
Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors Microsoft Confidential for internal use only Wall Street Journal, JP Morgan, Lockheed, Bushehr nuclear
More information2012 Bit9 Cyber Security Research Report
2012 Bit9 Cyber Security Research Report Table of Contents Executive Summary Survey Participants Conclusion Appendix 3 4 10 11 Executive Summary According to the results of a recent survey conducted by
More informationEnterprise Cybersecurity: Building an Effective Defense
Enterprise Cybersecurity: Building an Effective Defense Chris Williams Oct 29, 2015 14 Leidos 0224 1135 About the Presenter Chris Williams is an Enterprise Cybersecurity Architect at Leidos, Inc. He has
More informationSolution Path: Threats and Vulnerabilities
Solution Path: Threats and Vulnerabilities Published: 24 January 2012 Burton IT1 Research G00226331 Analyst(s): Dan Blum This solution path helps Gartner clients develop a strategy and program for managing
More informationAdvanced Threats: The New World Order
Advanced Threats: The New World Order Gary Lau Technology Consulting Manager Greater China gary.lau@rsa.com 1 Agenda Change of Threat Landscape and Business Impact Case Sharing Korean Incidents EMC CIRC
More information10 Smart Ideas for. Keeping Data Safe. From Hackers
0100101001001010010001010010101001010101001000000100101001010101010010101010010100 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000
More information7 Things All CFOs Should Know About Cyber Security
Insero & Company s Accounting & Finance Education Series Presents 7 Things All CFOs Should Know About Cyber Security September 23, 2014 Michael Montagliano Chief Technologist, IV4. Inc. CERTIFIED PUBLIC
More informationSIEM Implementation Approach Discussion. April 2012
SIEM Implementation Approach Discussion April 2012 Agenda What are we trying to solve? Summary Observations from the Security Assessments related to Logging & Monitoring Problem Statement Solution Conceptual
More informationNine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity
Nine recommendations for alternative funds battling cyber crime kpmg.ca/cybersecurity Cyber criminals steal user names and passwords and use it to conduct financial trading activity illicitly. Hackers
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationI ve been breached! Now what?
I ve been breached! Now what? THE AFTERMATH OF A BREACH & STEPS TO REDUCE RISK The number of data breaches in the United States in 2014 hit a record high. And 2015 is not looking any better. There have
More informationCORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT
CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT How advancements in automated security testing software empower organizations to continuously measure information
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationPreparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS
Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS CONTENTS PAGE RECONNAISSANCE STAGE 4 INCURSION STAGE 5 DISCOVERY STAGE 6 CAPTURE STAGE 7 EXFILTRATION STAGE
More informationContinuous Network Monitoring
Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationCombatting the Biggest Cyber Threats to the Financial Services Industry. A White Paper Presented by: Lockheed Martin Corporation
Combatting the Biggest Cyber Threats to the Financial Services Industry A White Paper Presented by: Lockheed Martin Corporation Combatting the Biggest Cyber Threats to the Financial Services Industry Combatting
More informationPACB One-Day Cybersecurity Workshop
PACB One-Day Cybersecurity Workshop WHAT IS CYBERSECURITY? PRESENTED BY: JON WALDMAN, SBS CISA, CRISC 1 Contact Information Jon Waldman Partner, Senior IS Consultant CISA, CRISC Masters of Info Assurance
More informationCompliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2.
ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework
More informationFighting Advanced Threats
Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.
More informationAdvanced Cyber Threats in State and Local Government
RESEARCH SURVEY Advanced Cyber Threats in State and Local Government January 2014 SHUTTERSTOCK UNDERWRITTEN BY: Section 1: Executive Overview In the past, scattershot, broad-based attacks were often more
More informationOctober 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches
October 24, 2014 Mitigating Legal and Business Risks of Cyber Breaches AGENDA Introductions Cyber Threat Landscape Cyber Risk Mitigation Strategies 1 Introductions 2 Introductions To Be Confirmed Title
More informationThe webinar will begin shortly
The webinar will begin shortly An Introduction to Security Intelligence Presented by IBM Security Chris Ross Senior Security Specialist, IBM Security Agenda The Security Landscape An Introduction to Security
More informationWho Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015
Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders
More informationWhite. Paper. Rethinking Endpoint Security. February 2015
White Paper Rethinking Endpoint Security By Jon OItsik, Senior Principal Analyst With Kyle Prigmore, Associate Analyst February 2015 This ESG White Paper was commissioned by RSA Security and is distributed
More informationEndpoint & Server Protection. Brent Biernat First Vice President Network Services May 13, 2014
Endpoint & Server Protection Brent Biernat First Vice President Network Services May 13, 2014 The Evolution of Cyber Crime 1878 Bell Telephone Teenage Switchboard Operator Disconnected calls, eavesdropped,
More informationCyber Situational Awareness for Enterprise Security
Cyber Situational Awareness for Enterprise Security Tzvi Kasten AVP, Business Development Biju Varghese Director, Engineering Sudhir Garg Technical Architect The security world is changing as the nature
More informationEnterprise Cybersecurity: Building an Effective Defense
: Building an Effective Defense Chris Williams Scott Donaldson Abdul Aslam 1 About the Presenters Co Authors of Enterprise Cybersecurity: How to Implement a Successful Cyberdefense Program Against Advanced
More information24/7 Visibility into Advanced Malware on Networks and Endpoints
WHITEPAPER DATA SHEET 24/7 Visibility into Advanced Malware on Networks and Endpoints Leveraging threat intelligence to detect malware and exploitable vulnerabilities Oct. 24, 2014 Table of Contents Introduction
More informationBuilding a Business Case:
Building a Business Case: Cloud-Based Security for Small and Medium-Size Businesses table of contents + Key Business Drivers... 3... 4... 6 A TechTarget White Paper brought to you by Investing in IT security
More informationProtecting What Matters Most. Bartosz Kryński Senior Consultant, Clico
Protecting What Matters Most Bartosz Kryński Senior Consultant, Clico Cyber attacks are bad and getting Leaked films and scripts Employee lawsuit Media field day There are two kinds of big companies in
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More informationRequirements When Considering a Next- Generation Firewall
White Paper Requirements When Considering a Next- Generation Firewall What You Will Learn The checklist provided in this document details six must-have capabilities to look for when evaluating a nextgeneration
More informationHow a Company s IT Systems Can Be Breached Despite Strict Security Protocols
How a Company s IT Systems Can Be Breached Despite Strict Security Protocols Brian D. Huntley, CISSP, PMP, CBCP, CISA Senior Information Security Advisor Information Security Officer, IDT911 Overview Good
More informationManaging cyber risks with insurance
www.pwc.com.tr/cybersecurity Managing cyber risks with insurance Key factors to consider when evaluating how cyber insurance can enhance your security program June 2014 Managing cyber risks to sensitive
More informationThe Value of Vulnerability Management*
The Value of Vulnerability Management* *ISACA/IIA Dallas Presented by: Robert Buchheit, Director Advisory Practice, Dallas Ricky Allen, Manager Advisory Practice, Houston *connectedthinking PwC Agenda
More informationDON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS?
HEALTH WEALTH CAREER DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS? Gregg Sommer, CAIA Head of Operational Risk Assessments St. Louis MERCER 2015 0 CYBERSECURITY BREACHES
More informationCyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013
Cyber Security and Information Assurance Controls Prevention and Reaction 1 About Enterprise Risk Management Capabilities Cyber Security Risk Management Information Assurance Strategic Governance Regulatory
More informationCan We Become Resilient to Cyber Attacks?
Can We Become Resilient to Cyber Attacks? Nick Coleman, Global Head Cyber Security Intelligence Services December 2014 Can we become resilient National Security, Economic Espionage Nation-state actors,
More informationTHE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS
THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Detection, analysis, and understanding of threat
More informationThe FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED
The FBI Cyber Program Bauer Advising Symposium October 11, 2012 Today s Agenda What is the threat? Who are the adversaries? How are they attacking you? What can the FBI do to help? What can you do to stop
More informationAdvanced Threat Protection with Dell SecureWorks Security Services
Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5
More informationSecurity for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape
White Paper Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape Financial services organizations have a unique relationship with technology: electronic data and transactions
More informationWHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.
WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY. A guide for IT security from BIOS The Problem SME s, Enterprises and government agencies are under virtually constant attack today. There
More informationInformation Technology
Information Technology Information Technology Session Structure Board of director actions Significant and emerging IT risks Practical questions Resources Compensating Controls at the Directorate Level
More informationSecurity Intelligence Services. www.kaspersky.com
Kaspersky Security Intelligence Services. Threat Intelligence Services www.kaspersky.com THREAT INTELLIGENCE SERVICES Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats
More informationWhat Directors need to know about Cybersecurity?
What Directors need to know about Cybersecurity? W HAT I S C YBERSECURITY? PRESENTED BY: UTAH BANKERS ASSOCIATION AND JON WALDMAN PARTNER, SENIOR IS CONSULTANT - SBS 1 Contact Information Jon Waldman Partner,
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationCYBERSECURITY HOT TOPICS
1 CYBERSECURITY HOT TOPICS Secure Banking Solutions 2 Presenter Chad Knutson VP SBS Institute Senior Information Security Consultant Masters in Information Assurance CISSP, CISA, CRISC www.protectmybank.com
More informationCapabilities for Cybersecurity Resilience
Capabilities for Cybersecurity Resilience In the Homeland Security Enterprise May 2012 DHS Cybersecurity Strategy A cyberspace that: Is Secure and Resilient Enables Innovation Protects Public Advances
More informationStaying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro
Staying Secure After Microsoft Windows Server 2003 Reaches End of Life Trevor Richmond, Sales Engineer Trend Micro Windows Server 2003 End of Life- Why Care? The next big vulnerability (Heartbleed/Shellshock)
More information