© 2013 Promontory Financial Group, LLC. All rights reserved. CONFIDENTIAL WASHINGTON, D.C. ATLANTA BRUSSELS DENVER DUBAI HONG KONG LONDON MILAN NEW YORK.

Slides:

Advertisements

Similar presentations

Prescription for Criminal Justice Forensics. The government has all but declared a national state of emergency regarding computer-related crimes and has.

Advertisements

© 2013 Dechert LLP Defense Litigation Checklist September 26, 2013.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL

Risk Management a Case Study DATALAWS Information Technology Law Consultants Presented by F. F Akinsuyi (MSc, LLM)MBCS.

© Allen & Overy 2013 Global reach and local depth – your perfect match Luxembourg-Russia Desk Jacques Wantz In charge of the Luxembourg-Russia Desk Allen.

© 2012 Promontory Financial Group, LLC. All rights reserved. Washington Atlanta New York San Francisco Dubai London Milan Paris Singapore Sydney Tokyo.

Emerging Trends in Business. Outsourcing Contracting out of a business function, which was previously performed in-house, to an external provider. Contracting.

Cyber Security Finance Forum 2012 Michael DuBose Managing Director & Practice Leader Cyber Investigations.

"The Role of Arbitration in the Dispensal of Justice" Does Arbitration Maintain the Advantages it Traditionally Enjoyed? Nathan Searle, Senior Associate.

© 2011 Promontory Financial Group, LLC. All rights reserved. Washington, DC Atlanta Brussels Dubai Hong Kong London Milan New York Paris San Francisco.

Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.

Mobil e 65% of companies are deploying at least one social software tool. SocialClou d Digital content grew to Over 80% of new apps were distributed or.

Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:

January 2012 Workshop on Radio Frequencies International Legal Expert Meeting, January 2012 Leiden University, The Netherlands Gerry Oberst.

December 8, 2014 Healthcare/Privacy Current Law Affecting Uses of Health Data Melissa Bianchi Partner.

27 September 2013 Promoting Russia as a Seat of Arbitration: What Are the Best Ways Forward? Peter Pettibone.

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, :30 am – 12:30 pm.

Cybersecurity and the Department of Justice Vincent A. Citro, Assistant United States Attorney July 9-10, 2014 Unclassified – For Public Use.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Forensics Services September 10, 2007.

Navigant Consulting, Inc. One vision, one strategy, one company.

Verification Pvt. Ltd. 1. Name : URVASHI Verification Pvt. Services : Criminal record verification Civil record verification Financial verification Tenants.

Cyber Security Nevada Businesses Overview June, 2014.

Supervision of Information Security and Technology Risk Barbara Yelcich, Federal Reserve Bank of New York Presentation to the World Bank September 10,

Navigant Consulting, Inc. One vision, one strategy, one company.

T UCKER A LAN I NC. …business and litigation consulting.

℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.

Data Security and Payment Card Acceptance Presented by: Brian Ridder Senior Vice President First National September 10, 2009.

Your Logo Here Your Copyright here, Year Selection Criteria Name, Title [Your Company Here] Date Here.

Stakeholder & Issue Management Approaches

BEIJING BRUSSELS CHICAGO DALLAS GENEVA HONG KONG LONDON LOS ANGELES NEW YORK SAN FRANCISCO SHANGHAI SINGAPORE TOKYO WASHINGTON D.C. What Pharmaceutical.

Jeff Miller Tamra Pawloski IT Procurement Summit headline news…

Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.

Chapter 11: Policies and Procedures Security+ Guide to Network Security Fundamentals Second Edition.

Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.

Internal Audit Considerations for Cybersecurity Risks Posed by Vendors October th, 2015 Chicago IIA Chapter’s 2 nd Annual IIA Chicago IT Hacking.

Territory Insurance Conference, resilient future Mr Ralph Bönig, Special Counsel, Finlaysons Cyber Times and the Insurance Industry Territory Insurance.

Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.

Develop your Legal Practice using “Cloud” applications, but … Make sure your data is safe! Tuesday 17 November 2015 The Law Society, London Allan Carton,

Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.

10 th February, 2016 Retail in the era of the connected customer Retail Leadership Summit 2016 Principal, A.T. Kearney Subhendu Roy

Damages for Late Payment of Claims in England AIDA Reinsurance Working Party, Paris - 2 December 2015 Simon Cooper, Partner.

CYBERSECURITY: RISK AND LIABILITY March 2, 2016 Joshua A. Mooney Co-chair-Cyber Law and Data Protection White and Williams LLP (215)

Friday 22nd April 2016 DS Chris Greatorex SEROCU

© Grant Thornton LLP. All rights reserved. Johnny Lee Managing Director Forensic, Investigative and Dispute Services Skip Westfall Managing Director, Forensic.

The Future. What will Change Fraud will not go away It will become more sophisticated and clever We have to step up to beat it June 16Caribbean Electronic.

Trinity Industries, Inc. FEI Presentation May 31, 2012.

GREENBERG TRAURIG, LLP ATTORNEYS AT LAW ©2010. All rights reserved. The New Form I-129: Are You Ready to Certify Compliance with US Export.

Washington State Auditor’s Office Third Party Receipting Presented to Washington Public Ports Association June 2016 Peg Bodin, CISA.

Cyber Security Phillip Davies Head of Content, Cyber and Investigations.

Cyber in Financial Services

Data Minimization Framework

Responding to Intrusions

Fraud Risk Management at Digital Insurance Market

Cyber Crimes Chunlian QU 9/18/2018.

CSI Survey 2007 Tiffany Gorman

NY IIA Seminar Contact Information April 20th, 2018.

Virginia Union University

FSMA Enforcement: Focus on Inspections

cyberopsalliance.com |

Attacks on The Manufacturing Industry

Cyber Security Culture

Cybercrime and Canadian Businesses

The Secure Contingency Plan

RRA introduction 14th July 2016 Prepared by: Puneet Kalra.

Banking $ London New York Tokyo Hong Kong Singapore

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

TUCKER ALAN INC. …business and litigation consulting.

Ashurst Legal Apprenticeship

Presentation transcript:

© 2013 Promontory Financial Group, LLC. All rights reserved. CONFIDENTIAL WASHINGTON, D.C. ATLANTA BRUSSELS DENVER DUBAI HONG KONG LONDON MILAN NEW YORK PARIS SAN FRANCISCO SINGAPORE SYDNEY TOKYO TORONTO How Cyber Threats Are Changing The Risk Profiles of Banks AIBA Quarterly Meeting December 5, 2013

2 CONFIDENTIAL© 2013 Promontory Financial Group, LLC. All rights reserved. Changing risk profiles I.Interesting trends II.Possible solutions

© 2013 Promontory Financial Group, LLC. All rights reserved.CONFIDENTIAL I. Interesting trends

4 CONFIDENTIAL© 2013 Promontory Financial Group, LLC. All rights reserved. Interesting trends New technology has changed how consumers approach banking.. “Banking is something I do, not a place I go.” Selecting a bank based on usability, not on products and services Risks: o Keeping up with technology: the “Red queen” problem o Constant new technology constantly introduces risks

5 CONFIDENTIAL© 2013 Promontory Financial Group, LLC. All rights reserved. Interesting trends, continued Regulators have pushed third-party risk back to banks o New OCC third-party guidelines Courts have pushed customer risk to banks o Patco Construction v Ocean Bank Entrepreneurs have developed a “cyber insurance” market Cyber Risk Regulators?Banks?Consumers Cyber Insurers? Regulators, firms and courts are shifting risk around.

6 CONFIDENTIAL© 2013 Promontory Financial Group, LLC. All rights reserved. Interesting trends, continued Cyber attackers have new motives. New reasons to target banks: Grievances against an entire industry, e.g. Occupy Grievances with specific banks, e.g. OP Avenge Assange DDoS o PayPal, Visa and MasterCard targeted for blocking payments to Wikileaks.org New reasons to use banks to gain access to other targets: Media attention, e.g. OPUSA DDoS Customer data o Offshore tax-haven leaks

© 2013 Promontory Financial Group, LLC. All rights reserved.CONFIDENTIAL II. Possible solutions

8 CONFIDENTIAL© 2013 Promontory Financial Group, LLC. All rights reserved. Possible Solutions Common set of standards Pressure for vendors and banks to meet best practices o Do not wait for regulators Effective information sharing o Threats, responses and outcomes Banks need industry-wide cooperation and sharing.

9 CONFIDENTIAL© 2013 Promontory Financial Group, LLC. All rights reserved. Possible Solutions – Increase focus on predicting threats Fighting fires is still important, but leads to burnout, for staff and customers Encourage IT/IS staff to look further afield What is the bank’s response when: o A competitor gets hit o When the bank receives negative press o When the bank’s name shows up in Pastebin, or other hacker-friendly space IT/IS strategies must shift from reaction to anticipation.

10 CONFIDENTIAL© 2013 Promontory Financial Group, LLC. All rights reserved. Prior to joining Promontory, Alex was a senior associate at Picciotti and Schoenberg, where he facilitated internal and external investigations by assessing physical security, networks, systems, computers, smartphones, and other technologies for medium to large companies. Alex frequently advises in litigation matters relating to the information security community, including teaching about computer crime at the Temple University Department of Criminal Justice, where he is an adjunct professor. As an experienced network and system engineer, and white-hat hacker, he is an expert at reverse engineering, penetration testing, electronic discovery, and network intrusion. Alex previously was a contract attorney and team lead at several Philadelphia law firms, where his work included investigations, due diligence, database and connection diagnostics, and review of privilege logs in relation to litigations and subpoenas. Prior to his career in law, Alex was a senior technician at Springboard Media, where he collaborated with customers to perform technical support and design IT solutions. Prior to working at Springboard Media, Alex tested systems for information security and reliability at Vertex Pharmaceuticals where he specialized in data breaches and audits. Alex earned a J.D. at Temple University and a B.S. in economics at Northeastern University. Alex Muentz, principal