6/24/2016 Financial Services Sector Coordinating Council For Critical Infrastructure Protection R&D Committee: Financial Cybersecurity in Complex, Heterogeneous Data Environments

Presentation transcript:

Financial Services Sector Coordinating Council For Critical Infrastructure Protection R&D Committee
Financial Cybersecurity in Complex, Heterogeneous Data Environments
Martha Grabowski
Le Moyne College
Rensselaer Polytechnic Institute
7 May 2010

Banking and Financial Systems
Secure, resilient and reliable systems
Seamless operations
Public confidence in monetary systems
Public-private partnerships for information sharing
Industry-academia-government project

Financial Services Sector Coordinating Council R&D Committee (FSSCC) Priorities
Enrollment and identity credential management
--identify, authenticate and authorize customers
--provide controls to reduce vulnerabilities
--improve identity management processes
--reduce social engineering attacks
Understanding the human insider threat

Financial Services Sector Coordinating Council R&D Committee (FSSCC) Priorities
Understanding the human insider threat
--identify trustworthy candidates
--couple historical record and identity confirmation analyses to develop holistic methods
--develop data frame to predict likelihood of insider attacks
--develop continuous, unobtrusive monitoring systems to reduce insider risks

Leading Indicators
Conditions, events, patterns or measures that precede an undesirable event
Predict arrival of an event
Identify activities to minimize and manage risk
Traditionally developed using quantitative data sets
Financial, medical, mining, aviation, transportation systems

Heterogeneous, Complex Data
Telecommunications data
Human Profile, Behavioral data
Social network, Web 2.0/3.0 data
Multimedia communications data
Funds transfer, movement data
Transaction data
Organizational Culture data

Approach
Diagram labels: Fusion; Real-time Monitoring; Decision; Historical Data; Other Information or Data; Other Information or Data
Prediction (distribution of abnormal events)
Indication (early detection)
Correlation (symptoms of flaws, signs of suspicious activities, associations with other events)
Time-series Models, Statistical Estimations
Geometric Brownian Motion & Leading Indicators
Probabilistic Methods
Fuse results and simulate cyber systems using software agents
Detect structural risks, load-related weaknesses and behaviorally-based disruptions
Develop population and behaviorally-based models
Model and capture interactions between humans and technology, and between design and operations
Data cleansing, data mining and integration

Goals
Identify correlations and associations with flaws or suspicious activities
Detect anomalies early in analysis/monitoring
Predict occurrence of future events

Results
Measure, monitor, mitigate operational risk
Requirements for capital
Data security
Vendor management
Benchmarking and generalization
Resiliency Maturity Model (CMU, 2008)
Implications for other mission- and safety-critical large-scale systems

Schedule
2 years
September September 2012

Project Team
Financial Cybersecurity In Complex, Heterogeneous Data Environments
Le Moyne College
Prof Martha Grabowski
Research Assistants
Rensselaer Polytechnic Institute
Prof W.K. Victor Chan
Prof Cheng Hsu
Doctoral students

Contacts
Martha Grabowski
Chair, Business Administration Dept
Director, Information Systems Program
Le Moyne College
Syracuse, NY
Research Professor
Rensselaer Polytechnic Institute
Troy, NY