cyber crime threat landscape - a focus on the financial industry
Post on 21-Jan-2015
429 Views
Preview:
DESCRIPTION
TRANSCRIPT
The Cyber Crime Threat Landscape
A Focus on The Financial IndustryPresented by Morris Cody and William McBorrough, Principals, MCGlobalTech
Presenters Profile
• Morris Cody, Managing Principal, MCGlobalTech• 25+ yrs - IT Infrastructure Management• 6+ yrs – Cyber Security Management• Industries: Financial, Manufacturing, Consulting, Private, Public
• William J. McBorrough, Managing Principal, MCGlobalTech• 15+ yrs – Cyber Security Management, Architecture, Engineering,
Operations, Awareness Training• 6+ yrs – Adjunct Professor, Cyber Security – Undergraduate, Graduate • Industries: Financial, Manufacturing, Healthcare, Higher Ed., Government
MCGlobalTech
• Provides strategic IT / Security advisory services;
• Align technology and security solutions to drive and support business goals;
• Assess IT security posture;
• Experienced in the private and public sector;
• Promotes IS education and awareness;
• Focused on four primary consulting services;
• Enterprise Information Security Management
• IT Infrastructure Management
• IT Governance & Compliance
• Cloud Computing Migration
Protect Your Assets, Protect Your Brand Know Your Threat Landscape
Hacking - Primary Cause of Data Breach
Symantec Corporation: Internet Security Threat Report 2014 :: Volume 19
MEDIA FRENZY - HEADLINES
• ATM thieves conduct massive cyber attacks;– $45 million from automated teller machines (Washington Post);
• More banks hit by cyberattacks than Initially thought;– JPMorgan Chase, Bank of America, Citibank, PNC Financial,
Union Bank, BB&T and Capital One (American Banker);
• Major banks hit with biggest cyberattacks in history– These denial of service attacks were the largest recorded by a
wide margin (CNN Money).
Reports - Symantec / Telegraph
• There was a 42 percent increase in cyberattacks against U.S. businesses in 2012;
• These attacks are becoming more powerful and more sophisticated with each passing year;
• Major financial institutions are continually under assault and the total number of attacks are increasing;
• This has caused a negative impact on company brand, public trust, customer retention, bottom line profits
Threat Landscape Actors
PwC, CIO, CSO Magazine - Key findings from The Global State of Information Security Survey 2014
How was your organization impacted by the security incidents?
PwC Magazine - Key findings from The Global State of Information Security Survey 2014
Frequency of Incidents Per Industry
Verizon 2014 Data Breach Investigations Report
Web App Attacks Motivation Factors
Verizon 2014 Data Breach Investigations Report
Payment Card Skimmers
Verizon 2014 Data Breach Investigations Report
DoS Attacks Increase in Effectiveness
Verizon 2014 Data Breach Investigations Report
Poll Questions
• Do you have a good understanding about the threat landscape facing your organization?– Yes – No– Unsure
• What best describes the level of knowledge among non-IT executive about your company’s cyber security defenses?– Good – Some– Poor– None
Are you the next Target?
2013 has been dubbed the year of the “mega-breach”!
Don’t become a 2014 statistic.
Target CFO to Congress
“The unfortunate reality is that we suffered a breach, and all businesses — and their customers — are facing increasingly sophisticated threats from cybercriminals,”
-John Mulligan, Target CFO
Case Study – The Target Breach
• Initially reported 40, then 70, then 110 million customers’ data compromised.
• 40 million = population of NY + LA + other 25 largest US cities.
Anatomy of the Target Breach
Typical Data Breach Example
Now do you all come in?
What Finance managers must know about their role in thwarting cyber attacks?
There are four general steps to become more ready to face and deal with the threats we’ve discussed thus far:
Step 1 – Know the threat
1. Know the threat
Step 2 – Know the business
1. Know the threat
2. Understand your Business
.
Step 3 – Know your weaknesses
1. Know the threat
2. Understand your business
3. Identify your weaknesses
.
Step 4 – Be proactive
•
1. Know the threat• 2. Understand your
business• 3. Identify your
weaknesses• 4. Be Proactive
.
Poll Questions
• In the past 12 months, have you participated in role-based security awareness training that focuses on your specific duties ?– Yes – No
• How confident are you that your organization’s security staff understands your business and finance operations?– Very Confident– Somewhat Confident– Not Confident at all
Summary Points
Considerations• Financial services companies
are funding information security initiatives
• Can’t fight todays cyber crimes with yesterday’s technology
• Threat landscape is become more sophisticated
• Cyber attacks are growing exponentially
Call To Action• Create threat awareness
• Know your threat landscape
• Understand your business security needs
• Identify your security weaknesses
• Proactive Actions
• Create / Implement a good cyber security program
Questions?
MCGlobalTech Contact Information
Mission Critical Global Technology Group1776 I Street, NW
9th FloorWashington, District of Columbia 20006
Phone: 571-249-3932Website: www.mcglobaltech.comEmail: Info@mcglobaltech.com
William McBorrough Morris CodyManaging Principal Managing Principalwjm4@mcglobaltech.com mcody@mcglobaltech.com
top related