Overall, which types of fraud has your organisation experienced in the past year?
- Eugene Allison
- 8 years ago
Transcription
1) Overall, which types of fraud has your organisation experienced in the past year?
- Insider fraud
- Corporate Account Takeover
- Consumer Account Takeover
- ATM/ABM (skimming, ram raid, etc.)
- Bill pay
- Cheque
- Corruption or bribery
- Credit/debit card
- Cross-border
- Call Centre
- First-party
- Customer information theft
- Customer information deletion or corruption
- Intellectual Property theft or piracy
- Intellectual Property deletion or corruption
- Mobile device (malware, hack, etc.)
- Money-laundering
- Mortgage
- Online banking
- ecommerce (non-banking)
- Theft of physical assets
- Third-party POS skimming
- Vendor, third-party or supplier (non-skimming)

2) Which types of fraud do you feel your organisation is currently best prepared to prevent and detect?
- Insider fraud
- ACH/wire (corporate account takeover)
- ATM/ABM (skimming, ram raid, etc.)
- Bill pay
- Check
- Corruption or bribery
- Credit/debit card
- Cross-border
- Call Centre
- First-party
- Customer information theft
- Customer information deletion or corruption
- Intellectual Property theft or piracy
- Intellectual Property deletion or corruption
- Mobile device (malware, hack, etc.)
- Money-laundering
- Mortgage
- Online banking
- ecommerce (non-banking)
- Theft of physical assets
- Third-party POS skimming
- Vendor, third-party or supplier (non-skimming)

3) How is a fraud incident involving your organisation typically detected?
- At the point of origination
- At the point of transaction
- During account audit/reconciliation
- Internal whistleblower
- Third-party investigation
- Third-party notification
- Through automated data analysis or transaction monitoring software
- When a customer notifies us

4) When fraud occurs, how long do you estimate it takes your organisation to uncover the incident?
- 1 to 2 hours
- 3 to 4 hours
- 5 to 6 hours
- 7 to 8 hours
- More than 8 hours
- We lack that ability every incident is different

5) Upon discovering fraud, how long does it take for your organisation to react, respond and resolve the incident?
- 1-8 hours
- 9-16 hours
- hours
- 1-2 days
- 3-5 days
- More than five days
- We lack that ability

6) Have financial losses linked to fraud increased, decreased or stayed steady in the past year?
- Increased
- Decreased
- Remained Steady
- Unsure

7) Beyond the financial toll from the fraud incidents, what non-financial losses did your organisation suffer from fraud incidents?
- Customer accounts (moved to other institutions)
- Loss of productivity
- No losses
- Regulatory or other compliance issues (additional scrutiny from regulators or standards bodies)
- Reputational impact

8) Which are your organisation's biggest challenges to fraud prevention?
- Difficulty integrating data from various sources
- Difficulty investigating crimes across borders
- Inadequate fraud detection tools & technologies
- Insufficient resources (budget and/or personnel)
- Lack of customer awareness
- Lack of skills on staff
- Organisational silos
- Poor coordination with law enforcement

9) Which of these recommended technology-based controls has your organisation already invested in?
- Multifactor authentication
- Device ID
- Out-of-band verification for authentication
- Out-of-band verification for transactions
- "Positive pay," debit blocks, and other limits on transactional use
- Enhanced control over changes to account-maintenance activities by customers
- Enhanced controls over account activities
- Enhanced customer education
- Fraud detection and monitoring systems
- Internet protocol [IP] reputation-based tools
- Behavior-based anomaly detection technology
- Manual processes to detect online banking anomalies
- Cross-channel fraud detection
- Big data analytics
- Artificial intelligence

10) Which anti-fraud investments do you plan to make within the next 12 months?
- Multifactor authentication
- Device ID
- Out-of-band verification for authentication
- Out-of-band verification for transactions
- "Positive pay," debit blocks, and other limits on transactional use
- Enhanced control over changes to account-maintenance activities by customers
- Enhanced controls over account activities
- Enhanced customer education
- Fraud detection and monitoring systems
- Internet protocol [IP] reputation-based tools
- Behavior-based anomaly detection technology
- Manual processes to detect online banking anomalies
- Cross-channel fraud detection
- Big data analytics
- Artificial intelligence

11) Who ultimately should be held responsible for losses incurred from financial data breaches (assuming the fraudsters themselves are not tracked down)?
- The organisation whose systems were breached
- The institution that issued the compromised financial instrument or transaction channel (e.g. payment card or bank account)
- The security vendor that testified to the breached entity's security
- The payment card brands whose cards are susceptible to breach and fraud
- The holder of the account that was compromised
- Organisations whose systems or products were used to conduct the fraud (such as domain name providers) without due diligence being taken as to their use

12) In the most common or most serious cases of fraud your organisation experienced, which PRIMARY mechanisms were employed to obtain information for fraudulent use? (select two)
- Phishing - to capture web credentials
- Phishing - to install malware (from attachment or web site)
- Malware infection (visiting compromised web site)
- Malware infection by any other method
- Call Centre Social Engineering
- Employee Social Engineering (other than Call Centre)
- Physical data removal - stolen
- Physical data removal - lost/poorly disposed of
- Network penetration (e.g. poor firewall or data segmentation policies)
- Application security compromise
- Poor authentication policies (e.g. default, shared or simple passwords)
- Large scale data breach using a combination of the above (potentially an "Advanced Persistent Threat")

13) What attack mechanisms do you feel that your company is BEST able to defend against?
- Phishing - to capture web credentials
- Phishing - to install malware (from attachment or web site)
- Malware infection (visiting compromised web site)
- Malware infection by any other method
- Call Centre Social Engineering
- Employee Social Engineering (other than Call Centre)
- Physical data removal - stolen
- Physical data removal - lost/poorly disposed of
- Network security circumvention (e.g. poor firewall or segmentation policies)
- Application security compromise
- Poor authentication policies (e.g. default, shared or simple passwords)
- Large scale data breach using a combination of the above (potentially an "Advanced Persistent Threat")

14) What change have you seen in account takeover activity in the past year?
- Corporate Account takeover incidents have decreased
- Consumer Account takeover incidents have decreased
- Corporate Account takeover incidents have increased
- Consumer Account takeover incidents have increased
- No measurable impact

15) What change have you seen in account takeover financial losses in the past year?
- Corporate Account takeover losses have decreased
- Consumer Account takeover losses have decreased
- Corporate Account takeover losses have increased
- Consumer Account takeover losses have increased
- No measurable change

16) Over the past year, how did card-related fraud losses most commonly occur?
- Customer perpetrated the fraud
- Data breach at a payment processor
- Data breach at a retailer
- Insider/employee perpetrated the fraud
- Mail or telephone order/internet fraud/card-not-present
- PIN point-of-sale fraud
- Signature point-of-sale (skimming) fraud
- Unauthorised ATM (skimming) withdrawals
- not applicable

17) Over the past year, have you detected a rise in cross-channel fraud, where multiple channels are compromised concurrently?
- Yes, we detect an increase in cross-channel fraud
- No significant increase
- Cross-channel incidents have decreased

18) How has the number of targeted phishing attacks aimed at your employees changed in the past year?
- Increased
- Decreased
- Employees have not been targeted

19) How has the number of fraud incidents resulting from these targeted phishing attacks changed in the past year?
- Increased
- Decreased
- Employees have not been targeted

20) What mobile malware trends have you seen over the past year?
- We see a significant increase in mobile malware attacks
- We see no significant change whatsoever
- We actually see a decrease

21) How does your organisation defend against mobile malware attacks?
- Secure mobile apps
- Provide free mobile malware detection software
- Provide secure mobile-browser banking
- Customer education
- Anomaly detection
- Mobile malware is not a current concern
- not applicable

22) How has the number of insider fraud incidents changed in the past year?
- The number has grown
- The number has decreased
- No measurable change

23) How does your organisation currently address insider fraud risks?
- Cross-checks with HR for unsatisfactory performance
- Use of centralised logging to detect data exfiltration
- Use of encrypted Web sessions via traffic inspection to detect data exfiltration
- Use of SIEM signatures to detect precursors to IT sabotage
- Enhanced IAM systems
- Behavioral monitoring
- Anomaly detection
- Heightened background checks
- Quarterly reviews of employee activity
- Internal whistleblower

24) In your opinion, how effective are awareness & training programs for employees and customers in reducing incidents of fraud?
- Done right, very effective
- Not at all effective - just lip service
- Only somewhat effective

25) How do you assess your organisation's current anti-fraud awareness & training programs for employees?
- 1 - superior
- 2 - above average
- 3 - average
- 4 - below average
- 5 - failing

26) How do you assess your organisation's current anti-fraud awareness & training programs for customers?
- 1 - superior
- 2 - above average
- 3 - average
- 4 - below average
- 5 - failing

27) Does your organisation calculate the total impact of fraud across all channels on an ongoing basis?
- Yes
- No

28) Does your organisation report fraud incidents to the police?
- Yes, in all cases
- Only when losses incurred reach a pre-determined level
- No

29) Does your organisation share information on fraudulent activity with other companies in your sector? If so, how effective is this strategy in reducing fraud perpetrated against your company?
- We do not share information on fraud outside our organisation
- Sharing information on fraudulent activity with other companies has no measurable impact on reducing future fraudulent activity against us
- Sharing information on fraudulent activity with other companies helps us implement appropriate counter-fraud measures which has a measurable impact on future attempts at fraud

30) Do you support the need for added public surveillance and expanded monitoring powers for law enforcement in combatting cyberfraud?
- Always for matters of a national security scope
- Only in extreme cases where court authorisation can be produced
- In specific cases where court preauthorisation can provide blanket access
- Law enforcement & intel agencies should have access to all available information
- Surveillance and monitoring are always acceptable with proper notice & consent
- So long as the fundamental right to individuals' privacy is respected

31) Where should we draw the line for warrantless access when investigating cybercrime or traditional fraud activity?
- Warrantless access with proper notice, consent and disclosure is permissible
- It must be disclosed well ahead of time in every instance
- It must be publicly disclosed & independently audited, but allowed
- It must only be kept secret if deemed of a national security nature
- It should never be used as it erodes public trust
- not applicable

32) Why is the battle against money laundering and ID theft so difficult in the UK?
- Cybercrime trends are moving faster than law enforcement can keep up
- Inadequate training for law enforcement & intelligence agencies
- Lack of collaboration and shared/centralised information access
- Discrepancies in law across geopolitical boundaries
- Organised cybercrime is too complex, layered and decentralised
- Don't believe the hype. The UK has made great progress in the past 36 months.

33) In what ways has cyberfraud supplanted traditional fraud?
- Actually, cyberfraud and cybercrime require entirely different law enforcement capabilities
- Both are motivated by profit and leverage deceptive tactics, but cyberfraud does it on a larger scale
- For traditional fraud to scale, it must go digital, so cyberfraud is the natural next step
- Law enforcement already treats them largely the same way
- Laws should be harmonised to prosecute and treat them with equal veracity

34) How should the effectiveness of fraud reporting be enhanced in the UK?
- Fraud reports should be openly accessible by everyone
- Much more resources should be allocated to combatting emerging threats
- Public education programs should be widely available across UK
- Free tools should be made available to supplement enhanced education
- Better metrics and quantitative methods should be used to track fraudulent activity
- There should be a single reporting point for fraud and cyber crime

35) What is the title of the person charged with leading fraud prevention at your organisation?
- Chief operations officer
- Compliance officer
- Fraud manager
- Information security officer
- IT
- Physical security/loss prevention officer
- Risk manager
- local counter fraud specialist

36) How large is your organisation's department assigned to fraud prevention and detection?
- 1 to 5
- 6 to to to 100
- More than 100
- We do not have a designated dept. Duties are managed by audit, compliance, IT, risk, etc.

37) What is your primary job function?
- Auditor
- BSA officer
- CEO/COO/CFO/CIO
- Compliance manager
- Fraud/loss prevention
- Finance/Accounting
- Operations
- Risk officer
- Security officer
- CISO
- Security consultant
- CRO
- Risk manager
- Senior Security/IT (non-c titles)
- Technical Staff

38) What type of entity is your organisation?
- Bank
- Building Society
- Government agency
- Independent service organisation
- Other financial services organisation

39) If a bank or other FI, what is your organisation's size by assets?
- Under 250 million
- 250 million to 500 million
- 500 million to 1 billion
- 1 billion to 5 billion
- 5 billion to 10 billion
- Over 10 billion
- Not applicable

40) Where is your organisation headquartered geographically?
- United Kingdom
- Asia (except India)
- Australia/New Zealand
- Canada
- Caribbean
- Europe (except UK)
- India
- Mexico
- Pacific/Oceania
- South America

41) The first 50 respondents will receive a 15 Amazon gift card. Please submit your address to qualify. If you would like to be notified of survey results, please provide your address in the box below:
PCI Compliance: How to ensure customer cardholder data is handled with care
PCI Compliance: How to ensure customer cardholder data is handled with care Choosing a safe payment process for your business Contents Contents 2 Executive Summary 3 PCI compliance and accreditation 4
More informationPractice Good Enterprise Security Management. Presented by Laurence CHAN, MTR Corporation Limited
Practice Good Enterprise Security Management Presented by Laurence CHAN, MTR Corporation Limited About Me Manager Information Security o o o o Policy formulation and governance Incident response Incident
More informationCyber - Security and Investigations. Ingrid Beierly August 18, 2008
Cyber - Security and Investigations Ingrid Beierly August 18, 2008 Agenda Visa Cyber - Security and Investigations Today s Targets Recent Attack Patterns Hacking Statistics (removed) Top Merchant Vulnerabilities
More informationA strategic approach to fraud
A strategic approach to fraud A continuous cycle of fraud risk management The risk of fraud is rising at an unprecedented rate. Today s tough economic climate is driving a surge in first party fraud for
More informationFranchise Data Compromise Trends and Cardholder. December, 2010
Franchise Data Compromise Trends and Cardholder Security Best Practices December, 2010 Franchise Data Security Agenda Cardholder Data Compromise Overview Breach Commonalities Hacking Techniques Franchisee
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More informationFFIEC CONSUMER GUIDANCE
FFIEC CONSUMER GUIDANCE Important Facts About Your Account Authentication Online Banking & Multi-factor authentication and layered security are helping assure safe Internet transactions for banks and their
More informationPresented by: Mike Morris and Jim Rumph
Presented by: Mike Morris and Jim Rumph Introduction MICHAEL MORRIS, CISA Systems Partner JIM RUMPH, CISA Systems Manager Objectives To understand how layered security assists in securing your network
More informationHere are two informational brochures that disclose ways that we protect your accounts and tips you can use to be safer online.
Here are two informational brochures that disclose ways that we protect your accounts and tips you can use to be safer online. FFIEC BUSINESS ACCOUNT GUIDANCE New financial standards will assist credit
More informationACI Response to FFIEC Guidance
ACI Response to FFIEC Guidance Version 1 July 2011 Table of contents Introduction 3 FFIEC Supervisory Expectations 4 ACI Online Banking Fraud Management 8 Online Banking Fraud Detection and Prevention
More informationBy: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015
Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity
More informationOnline security. Defeating cybercriminals. Protecting online banking clients in a rapidly evolving online environment. The threat.
Defeating cybercriminals Protecting online banking clients in a rapidly evolving online environment The threat As the pace of technological change accelerates, so does the resourcefulness and ingenuity
More informationTHE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS
THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS David Glockner, Managing Director strozfriedberg.com Overview The big picture: what does cybercrime look like today and how is it evolving? What
More informationA practical guide to IT security
Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or
More informationWRITTEN TESTIMONY BEFORE THE HEARING ON PROTECTING PERSONAL CONSUMER INFORMATION FROM CYBER ATTACKS AND DATA BREACHES MARCH 26, 2014 2:30 PM
WRITTEN TESTIMONY BEFORE THE SENATE COMMITTEE ON COMMERCE, SCIENCE, & TRANSPORTATION HEARING ON PROTECTING PERSONAL CONSUMER INFORMATION FROM CYBER ATTACKS AND DATA BREACHES MARCH 26, 2014 2:30 PM TESTIMONY
More informationFraud Threat Intelligence
About ERM About The Speaker Safe Browsing, Monitoring Services Product Manager, Easy Solutions Inc. 8+ years anti-fraud, fraud risk, and security intelligence programs Previously licensed Securities Principle
More informationTransforming the Customer Experience When Fraud Attacks
Transforming the Customer Experience When Fraud Attacks About the Presenters Mike Young, VP, Product Team, Everbank Manages consumers and business banking products, as well as online and mobile banking
More informationYour Single Source. for credit, debit and pre-paid services. Fraud Risk and Mitigation
Your Single Source for credit, debit and pre-paid services Fraud Risk and Mitigation Agenda Types of Fraud Fraud Identification Notifications Next Steps 11/8/2013 2 Types of Fraud Lost and Stolen Cards
More informationAccepting Payment Cards and ecommerce Payments
Policy V. 4.1.1 Responsible Official: Vice President for Finance and Treasurer Effective Date: September 29, 2010 Accepting Payment Cards and ecommerce Payments Policy Statement The University of Vermont
More informationElectronic Fraud Awareness Advisory
Electronic Fraud Awareness Advisory Indiana Bankers Association Fraud Awareness Task Force February, 2012 Electronic Fraud Awareness Advisory Purpose/Summary The Indiana Bankers Association (IBA) was involved
More informationAddressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave
More informationApplying the 80/20 approach for Operational Excellence. How to combat new age threats, optimize investments and increase security.
Applying the 80/20 approach for Operational Excellence How to combat new age threats, optimize investments and increase security Vinod Vasudevan Agenda Current Threat Landscape The 80/20 Approach Achieving
More informationBreach Findings for Large Merchants. 28 January 2015 Glen Jones Cyber Intelligence and Investigation Lester Chan Payment System Security
Breach Findings for Large Merchants 28 January 2015 Glen Jones Cyber Intelligence and Investigation Lester Chan Payment System Security Disclaimer The information or recommendations contained herein are
More informationCybersecurity: Protecting Your Business. March 11, 2015
Cybersecurity: Protecting Your Business March 11, 2015 Grant Thornton. All LLP. rights All reserved. rights reserved. Agenda Introductions Presenters Cybersecurity Cybersecurity Trends Cybersecurity Attacks
More information2014 Payments Fraud Survey
2014 Payments Fraud Survey Summary of Consolidated Results Payments Information & Outreach Office Federal Reserve Bank of Minneapolis December 2014 Topics Survey Methodology & Respondent Profile Fraud
More informationDATA BREACHES: WHEN COMPLIANCE IS NOT ENOUGH
DATA BREACHES: WHEN COMPLIANCE IS NOT ENOUGH Andy Watson Grant Thornton LLP. All rights reserved. CYBERSECURITY 2 SURVEY OF CHIEF AUDIT EXECUTIVES (CAEs) GRANT THORNTON'S 2014 CAE SURVEY Data privacy and
More informationTarget Security Breach
Target Security Breach Lessons Learned for Retailers and Consumers 2014 Pointe Solutions, Inc. PO Box 41, Exton, PA 19341 USA +1 610 524 1230 Background In the aftermath of the Target breach that affected
More informationNetwork Security & Privacy Landscape
Network Security & Privacy Landscape Presented By: Greg Garijanian Senior Underwriter Professional Liability 1 Agenda Network Security Overview -Latest Threats - Exposure Trends - Regulations Case Studies
More informationWRITTEN TESTIMONY BEFORE THE HEARING ON FEBRUARY 4, 2014 TESTIMONY OF JOHN MULLIGAN TARGET
WRITTEN TESTIMONY BEFORE THE SENATE COMMITTEE ON THE JUDICIARY HEARING ON PRIVACY IN THE DIGITAL AGE: PREVENTING DATA BREACHES AND COMBATING CYBERCRIME FEBRUARY 4, 2014 TESTIMONY OF JOHN MULLIGAN EXECUTIVE
More informationHacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows
Hacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows 24 February 2015 Callum Sinclair Faith Jayne Agenda Top 10 legal need-to-knows, including: What is cyber
More informationPolicy for Protecting Customer Data
Policy for Protecting Customer Data Store Name Store Owner/Manager Protecting our customer and employee information is very important to our store image and on-going business. We believe all of our employees
More informationAn New Approach to Security. Chris Ellis McAfee Senior System Engineer Chris_Ellis@McAfee.com
An New Approach to Security Chris Ellis McAfee Senior System Engineer Chris_Ellis@McAfee.com Advanced Targeted Attack Challenges Criminal Theft Sabotage Espionage After the Fact Expensive Public Uncertainty
More informationManaging cyber risks with insurance
www.pwc.com.tr/cybersecurity Managing cyber risks with insurance Key factors to consider when evaluating how cyber insurance can enhance your security program June 2014 Managing cyber risks to sensitive
More informationPayment Card Industry Data Security Standard Training. Chris Harper Vice President of Technical Services Secure Enterprise Computing, Inc.
Payment Card Industry Data Security Standard Training Chris Harper Vice President of Technical Services Secure Enterprise Computing, Inc. March 27, 2012 Agenda Check-In 9:00-9:30 PCI Intro and History
More information2012 NCSA / Symantec. National Small Business Study
2012 NCSA / Symantec National Small Business Study National Cyber Security Alliance Symantec JZ Analytics October 2012 Methodology and Sample Characteristics JZ Analytics was commissioned by the National
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationMitigating and managing cyber risk: ten issues to consider
Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed
More informationSound Business Practices for Businesses to Mitigate Corporate Account Takeover
Sound Business Practices for Businesses to Mitigate Corporate Account Takeover This white paper provides sound business practices for companies to implement to safeguard against Corporate Account Takeover.
More informationCommon Data Breach Threats Facing Financial Institutions
Last Updated: February 25, 2015 Common Data Breach Threats Facing Financial s Although exact figures are elusive, there is no question that the number of data security breaches both reported and unreported
More informationWhat s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.
What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. AGENDA Current State of Information Security Data Breach Statics Data Breach Case Studies Why current
More informationQuestions You Should be Asking NOW to Protect Your Business!
Questions You Should be Asking NOW to Protect Your Business! Angi Farren, AAP Senior Director Jen Wasmund, AAP Compliance Services Specialist 31 st Annual Conference SHAPE YOUR FUTURE April 23, 2013 Regional
More informationDeception scams drive increase in financial fraud
ADDRESS 2 Thomas More Square London E1W 1YN WEBSITE www.financialfraudaction.org.uk DIRECT LINE 020 3217 8436 NEWS RELEASE EMAIL press@ukcards-ffauk.org.uk Deception scams drive increase in financial fraud
More informationFFIEC BUSINESS ACCOUNT GUIDANCE
FFIEC BUSINESS ACCOUNT GUIDANCE New financial standards will assist credit unions and business account holders to make online banking safer and more secure from account hijacking and unauthorized funds
More information1. Ask what your financial institution knows or has personally experienced with regard to internal and external data breaches.
Part 1: Internal & External Data Breach Vulnerabilities Presented on: Thursday, February 12, 2 3 ET Co presented by: Ann Davidson VP of Risk Consulting at Allied Solutions Joe Majka CSO at Verifone 1 Breakdown
More informationHow To Protect Your Credit Card Information From Being Stolen
Visa Account Information Security Tool Kit Welcome to the Visa Account Information Security Program 2 Contents 1. Securing cardholder data is everyone s concern 4 2. Visa Account Information Security (AIS)
More informationFraud and Abuse Policy
Fraud and Abuse Policy 2015 FRAUD AND ABUSE POLICY 2015 1 Contents 4. Introduction 6. Policy Goal 7. Combatting Customer Fraud and Abuse 8. Reporting Breaches 9. How Alleged Breaches Will Be Investigated
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationKaspersky Fraud Prevention platform: a comprehensive solution for secure payment processing
Kaspersky Fraud Prevention platform: a comprehensive solution for secure Today s bank customers can perform most of their financial operations online. According to a global survey of Internet users conducted
More informationwww.pwc.com Cybersecurity and Privacy Hot Topics 2015
www.pwc.com Cybersecurity and Privacy Hot Topics 2015 Table of Contents Cybersecurity and Privacy Incidents are on the rise Executives and Boards are focused on Emerging Risks Banking & Capital Markets
More informationBest Practices in Account Takeover
WHITEPAPER Best Practices in Account Takeover July 2013 2 Table of Contents Introduction 3 Account Takeover is Painful 4 Differences between Account Takeover and Account Compromise 4 Why Account Compromise
More informationReducing Fraud whilst Keeping Transactions in Motion
Reducing Fraud whilst Keeping Transactions in Motion Fraud Today Following a decrease in 2012, fraud is on the rise again, and so are the costs involved in managing it. These factors are in turn driving
More informationWhat is Management Responsible For?
What is Management Responsible For? Matthew J. Putvinski, CPA, CISA, CISSP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2011 Wolf & Company, P.C. About Wolf & Company, P.C Regional
More informationTop 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath
ebook Top 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath Protecting against downstream fraud attacks in the wake of large-scale security breaches. Digital companies can no longer trust static login
More informationFrequently Asked Questions
PCI Compliance Frequently Asked Questions Table of Content GENERAL INFORMATION... 2 PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS)...2 Are all merchants and service providers required to comply
More informationBriefly describe the #1 problem you have encountered with implementing Multi-Factor Authentication.
Polling Question Briefly describe the #1 problem you have encountered with implementing Multi-Factor Authentication. Please type in your response. This poll will close promptly at 1:00 pm CDT Getting the
More informationHow To Protect Your Online Banking From Fraud
DETECT MONITORING SERVICES AND DETECT SAFE BROWSING: Empowering Tools to Prevent Account Takeovers SUMMARY The Federal Financial Institutions Examination Council (FFIEC) is planning to update online transaction
More informationNew York State Department of Financial Services. Report on Cyber Security in the Insurance Sector
New York State Department of Financial Services Report on Cyber Security in the Insurance Sector February 2015 Report on Cyber Security in the Insurance Sector I. Introduction Cyber attacks against financial
More informationIT Security Risks & Trends
IT Security Risks & Trends Key Threats to All Businesses 1 1 What do the following have in common? Catholic church parish Hospice Collection agency Main Street newspaper stand Electrical contractor Health
More informationE Commerce and Internet Security
E Commerce and Internet Security Zachary Rosen, CFE, CIA President, ACFE Czech Republic Chapter Introduction The Internet has become a global phenomenon reshaping the way we communicate and conduct business.
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationPresented By: Corporate Security Information Security Treasury Management
Presented By: Corporate Security Information Security Treasury Management Is Your Business Prepared for a Cyber Incident? It s not a matter of if, it s a matter of when Cyber Attacks are on the Rise; Physical
WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.
WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY. A guide for IT security from BIOS The Problem SME's, Enterprises and government agencies are under virtually constant attack today. There
Security and Privacy
Security and Privacy Matthew McCormack, CISSP, CSSLP CTO, Global Public Sector, RSA The Security Division of EMC 1 BILLIONS OF USERS MILLIONS/BILLIONS OF APPS 2010 Cloud Big Data Social Mobile Devices
Developments in cybercrime and cybersecurity
Developments in cybercrime and cybersecurity Developments in cybercrime and cybersecurity As customers and clients increasingly go online to do their banking with convenience, privacy and security their
Making Your Fraud Vision 20 / 20. Thomas R. Strause, CIA, CFE, CBA, CISA, CFSA, CICA Partner FOS tstrause@fosaudit.
Making Your Fraud Vision 20 / 20 Thomas R. Strause, CIA, CFE, CBA, CISA, CFSA, CICA Partner tstrause@fosaudit.com 610-603-5603 Topics to be Covered + Summary of Fraud Statistics ACFE 2014 Report + Current
With the Target breach on everyone's mind, you may find these Customer Service Q & A's helpful.
With the Target breach on everyone's mind, you may find these Customer Service Q & A's helpful. Breach Overview Q: Media reports are stating that Target experienced a data breach. Can you provide more
IRS & Partners Combat Tax-Related Identity Theft What's New for 2016
IRS & Partners Combat Tax-Related Identity Theft What's New for 2016 General Scope of Identity Theft Identity theft costs U.S. victims more than all property crimes combined Identity theft remains number
IBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
Tax-Related Identity Theft: IRS Efforts to Assist Victims and Combat IDT Fraud
Tax-Related Identity Theft: IRS Efforts to Assist Victims and Combat IDT Fraud Glenn Gizzi Senior Stakeholder Liaison Marc Standig Enrolled Agent What is tax-related identity theft? Tax-related identity
Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte
Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private
NATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone's responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
Spear Phishing Attacks Why They are Successful and How to Stop Them
White Paper Spear Phishing Attacks Why They are Successful and How to Stop Them Combating the Attack of Choice for Cybercriminals White Paper Contents Executive Summary 3 Introduction: The Rise of Spear
September 20, 2013 Senior IT Examiner Gene Lilienthal
Cyber Crime September 20, 2013 Senior IT Examiner Gene Lilienthal The following presentation are views and opinions of the speaker and does not necessarily reflect the views of the Federal Reserve Bank
The Evolution of Data Breaches
The Evolution of Data Breaches 2015 Data Privacy & Security Summit June 29, 2015 Mark Shelhart Incident Response & Forensics Retail Data Security recent victims The Largest Cyber Risks to your Organization
CYBERSECURITY FRAUD LOSS ISSUES & HOW TO ADDRESS RISKS IN TODAY'S INSURANCE MARKETPLACE 12/16/2015. December 17, 2015
12/16/2015 CYBERSECURITY FRAUD LOSS ISSUES & HOW TO ADDRESS RISKS IN TODAY'S INSURANCE MARKETPLACE December 17, 2015 Angela R. Morelock, CPA, CFE, CFF, ABV Partner, BKD, LLP amorelock@bkd.com Jeff Eiserman
Executive Summary 3. Snowden and Retail Breaches Influencing Security Strategies 3. Attackers are on the Inside Protect Your Privileges 3
GLOBAL ADVANCED THREAT LANDSCAPE SURVEY 2014 TABLE OF CONTENTS Executive Summary 3 Snowden and Retail Breaches Influencing Security Strategies 3 Attackers are on the Inside Protect Your Privileges 3 Third-Party
Cyber Risk in Healthcare AOHC, 3 June 2015
Cyber Risk in Healthcare AOHC, 3 June 2015 Kopiha Nathan, Senior Healthcare Risk Management and Data Specialist James Penafiel, Underwriting Supervisor, Insurance Operations CFPC Conflict of Interest -
Security strategies to stay off the Børsen front page
Security strategies to stay off the Børsen front page Steve Durkin, Channel Director for Europe, Q1 Labs, an IBM Company 1 2012 IBM Corporation Given the dynamic nature of the challenge, measuring the
Economic Crime: A Threat to Business Globally
www.pwc.com s 2014 Global Economic Crime Survey Latin America Supplement Economic Crime: A Threat to Business Globally Introduction We are pleased to present the Latin America results of the PricewaterhouseCoopers
Italy. EY's Global Information Security Survey 2013
Italy EY's Global Information Security Survey 2013 EY's Global Information Security Survey 2013 This year's survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information
Cyber Liability Insurance Data Security, Privacy and Multimedia Protection
Cyber Liability Insurance Data Security, Privacy and Multimedia Protection What is a Cyber Risk? Technology is advancing at such an alarming rate and business is more and more reliant on IT
CyberArk Privileged Threat Analytics. Solution Brief
CyberArk Privileged Threat Analytics Solution Brief Table of Contents The New Security Battleground: Inside Your Network...3 Privileged Account Security...3 CyberArk Privileged Threat Analytics : Detect
Cumberland Business Debit Card. Terms & Conditions
Cumberland Business Debit Card Terms & Conditions These Conditions apply to the use of business debit cards issued by Cumberland Building Society ( the Society ) by which you can: withdraw money, or obtain
Security. Tiffany Trent-Abram VP, Global Product Management. November 6 th, 2015. One Connection - A World of Opportunities
One Connection - A World of Opportunities Security Tiffany Trent-Abram VP, Global Product Management November 6 th, 2015 2015 TNS Inc. All Rights Reserved. Bringing Global Credibility and History TNS Specializes
Protect Your Business and Customers from Online Fraud
DATASHEET Protect Your Business and Customers from Online Fraud What's Inside 2 WebSafe 5 F5 Global Services 5 More Information Online services allow your company to have a global presence and to conveniently
Gladiator NetTeller Enterprise Security Monitoring Online Fraud Detection INFORMATION SECURITY & RISK MANAGEMENT
Gladiator NetTeller Enterprise Security Monitoring Online Fraud Detection INFORMATION SECURITY & RISK MANAGEMENT Gladiator NetTeller Enterprise Security Monitoring Online Fraud Detection Foreword The consumerization
CAVAN AND MONAGHAN EDUCATION AND TRAINING BOARD. Data Breach Management Policy. Adopted by Cavan and Monaghan Education Training Board
CAVAN AND MONAGHAN EDUCATION AND TRAINING BOARD Data Breach Management Policy Adopted by Cavan and Monaghan Education Training Board on 11 September 2013 Policy Safeguarding personally identifiable information
WHITE PAPER. PCI Basics: What it Takes to Be Compliant
WHITE PAPER PCI Basics: What it Takes to Be Compliant Introduction A long-running worldwide advertising campaign by Visa states that the card is accepted everywhere you want to be. Unfortunately, and through
Cyber Security Issues - Brief Business Report
Cyber Security: Are You Prepared? This briefing provides a high-level overview of the cyber security issues that businesses should be aware of. You should talk to a lawyer and an IT specialist for a complete
WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR
KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST Protecting Identities. Enhancing Reputations. IDT911 1 DATA BREACHES AND SUBSEQUENT IDENTITY THEFT AND FRAUD THREATEN YOUR ORGANIZATION
Cybersecurity: What CFO's Need to Know
Cybersecurity: What CFO's Need to Know William J. Nowik, CISA, CISSP, QSA PCIP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2014 Wolf & Company, P.C. Today's Agenda Introduction
Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft
Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security
www.pwc.fi We believe successful global organisations can confront fraud, corruption and abuse PwC Finland Forensic Services
www.pwc.fi We believe successful global organisations can confront fraud, corruption and abuse Finland Who are we? Bring a robust forensics team to the table to support your organisation Our practice can
Jim Bray, Cyber Security Adviser InfoSight, Inc.
Best Practices for protecting patient data Training and education is your best defense! Presented by Jim Bray, Cyber Security Adviser InfoSight, Inc. 2014 InfoSight Cyber Security starts with education
We will not collect, use or disclose your personal information without your consent, except where required or permitted by law.
HSBC Privacy Notice HSBC's Privacy Principles HSBC Bank Canada is a subsidiary of HSBC Holdings plc which, together with its subsidiaries and affiliates, is one of the world's largest banking and financial
Payments Fraud: It's Not Fun & Games
Payments Fraud: It's Not Fun & Games Claudia Swendseid Senior Vice President Payments Information & Outreach Office Federal Reserve Bank of Minneapolis NACHA Payments 2015 Claudia Swendseid Senior Vice
How To Cover A Data Breach In The European Market
SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE Businesses today rely heavily on computer networks. Using computers, and logging on to public and private networks has become second nature to
Cybersecurity Issues for Community Banks
Eastern Massachusetts Compliance Network Cybersecurity Issues for Community Banks Copyright 2014 by K&L Gates LLP. All rights reserved. Sean P. Mahoney sean.mahoney@klgates.com K&L Gates LLP State Street