Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cybercrime: Mitigation Challenges

Published byNelson Griffith Modified over 6 years ago

Similar presentations

Presentation on theme: "Cybercrime: Mitigation Challenges"— Presentation transcript:

1 Cybercrime: Mitigation Challenges
29 November 2016 Phoenicia Hotel – Beirut, Lebanon Fouad KHALIFEH Group Chief Compliance Officer FRANSABANK sal

2 Highlights Risks of Cybercrime Categories of Targeted Attackers
Data Breach and its’ Consequences Implementing future-proof security Governance: Integrating compliance with threat intelligence Conclusion and Recommendations November 2016 Fouad Khalifeh

3 Risks of Cybercrime Assets Reputation November 2016 Fouad Khalifeh

4 Categories of Targeted Attackers
Banks are as exposed to ‘mass market’ attacks as any other organization. But the greatest threat is from targeted attacks as these can be more difficult to detect and the attacker may focus on a specific system or set of information. Attackers generally fall into three broad categories: The financially motivated attacker who intends to compromise systems to conduct theft or fraud electronically. The espionage motivated attacker who intends to steal information to sell on to a third party. November 2016 Fouad Khalifeh

5 Categories of Targeted Attackers
The politically motivated attacker who intends to compromise information or systems to achieve a goal shared within a group. Such attacks can be defended against if organizations implement a multi-layer approach to security: making it as difficult as possible for attackers to compromise systems and maximizing the speed of attack detection. November 2016 Fouad Khalifeh

6 Data Breach Two years ago, J.P. Morgan, the largest U.S. bank by assets, was targeted by cybercriminals in a breach that exposed names, addresses and other information of 76 million customer households, although no money was taken. Data Breach has a much powerful impact than loss of funds November 2016 Fouad Khalifeh

7 Consequences of a Data Breach
A data breach in a financial institution can put the business at risk from different perspectives. All of the following issues need to be considered when a data breach occurs: Managing a breach: The process of retrieving data and tracing the breach involves expense and resource. November 2016 Fouad Khalifeh

8 Consequences of a Data Breach
Impact on brand reputation: Customers can lose faith in their bank if breaches are broadcast in the media. Regulatory fines (and others like cards issuers and customer-related legal actions, etc.) : Stronger and more impactful enforcement is likely to be seen more often. These consequences can be avoided by ensuring that systems are secured and by remaining vigilant so that successful attacks can be remediated before data is breached. November 2016 Fouad Khalifeh

9 Implementing future-proof security
Emerging trends and technology evolution are paving the way for new ways of working, but also for new security threats and challenges (example: the recent “Ransomware” issue). As cybercriminals shift their focus to bank employees, and mobile banking gains momentum, the only constant in this game is change. Security strategies and infrastructures need to become more agile and predictive as no technology can rule out the human factor completely, so security awareness will remain critical. November 2016 Fouad Khalifeh

10 Implementing future-proof security
Education of Employees is the best defense against many threats. However, this is most effective when organizations break away from traditional security awareness models to employ creative techniques and deploy technologies that can influence user behaviors. Automation of processes it helps guard against human error and offers the capability to manage large amounts of data Multi-layer security including firewalls, secure sign-on, dual authentication with triangulation of access and real-time business event monitoring, helps protect against data failings from external attack. November 2016 Fouad Khalifeh

11 Implementing future-proof security
Improved real-time tracking and business intelligence will alert companies to any security breach. The ability to monitor every transaction across global operations will be the key to protecting against internal and external threats. Managed security services or a security operations center, will help detect real-time external or internal security breaches. New technologies such as mobile banking applications or payment, need to be considered within the overall security framework. This will be critical from a cost and resource perspective. Applications, procured through line of business functions, can operate outside of the core infrastructure which will impact on the security and risk posture of the organization. November 2016 Fouad Khalifeh

12 Implementing future-proof security
The bottom-line is that financial institutions will be unlikely to keep ahead of criminals and so will remain a top target for attacks. To counteract, organizations will need to continuously update information security policies, systems and infrastructures, and ensure they keep up with best practices in securing customers’ data. November 2016 Fouad Khalifeh

13 Governance: Integrating compliance with threat intelligence
The security ecosystem is complex and starts with governance. Banks need to develop and enforce IT policies that comply with regulations, but also ensure that risk is being minimized for targeted attacks against identified critical systems, such as core banking or customer data. November 2016 Fouad Khalifeh

14 Governance: Integrating compliance with threat intelligence
Effective governance requires an integrated approach, which sets the standards on the right level for the different parts of the business. By prioritizing risks and defining policies that span across all locations, policies can be enforced through built-in automation and workflow to protect information, identify threats, anticipate and remediate incidents. November 2016 Fouad Khalifeh

15 Conclusion and Recommendations
The finance industry is constantly fighting cybercrime and, given the potential financial gain from a successful attack, this battle is likely to continue. However rigorous the security employed, exposure to new risks is inevitable (Risk Managers are required in this regard, to set the acceptable level of risk their organization can handle). New technologies and services must be adopted to cope with competitive pressure, and regulations must be complied with. November 2016 Fouad Khalifeh

16 Conclusion and Recommendations
Only by advancing the intelligence and analysis around attackers and their methods, can the industry hope to stay ahead How? By forming a group of the largest Lebanese banks, the Cybercrime Intelligence Management Group (CIMG). The CIMG will seek to tackle the growing cyber-threats, by having group members provide a support mechanism for information-sharing, management and collaboration. November 2016 Fouad Khalifeh

17 Conclusion and Recommendations
Such group could share information and data between members about threats and actual attacks, prepare comprehensive responses for when attacks occur, and conduct scenario analysis designed for the issues facing the biggest institutions. This will help create a central information hub that works towards advancing the intelligence and analysis around attackers and their methods: risk profiling attackers, and creating a sanctions-like list of attackers and potential threats. As data collection and dissemination is still at its early stages, creating such a group of banks can be effectively built today from the ground up. November 2016 Fouad Khalifeh

18 Conclusion and Recommendations
Debatable Issues facing the CIMG: CIMG to integrate all banks or just the biggest institutions? Banking Secrecy requirements: what kind of information to share, for it to be useful? Role of the SIC: currently no data is being shared on known Cybercrime cases Assets and Reputation are the main Cybercrime risks. Are there any other risks? And to which level are those risks “acceptable”, “manageable”, or plain “catastrophic”? Each institution will have to establish a risk-based approach towards cyber risks, in order to maximize the benefits of using the CIMG. November 2016 Fouad Khalifeh

19 Group Chief Compliance Officer
Thank you. Questions and Answers. Fouad KHALIFEH Group Chief Compliance Officer FRANSABANK sal Hamra Street Beirut, Lebanon Tel: Ext. 3663 Direct: Mobile: November 2016 Fouad Khalifeh

Download ppt "Cybercrime: Mitigation Challenges"

Similar presentations

Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.

Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.

Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
© Copyright 2012 Pearson Education. All Rights Reserved. Chapter 10 Fraud & Internal Control ACCOUNTING INFORMATION SYSTEMS The Crossroads of Accounting.

© Copyright 2012 Pearson Education. All Rights Reserved. Chapter 10 Fraud & Internal Control ACCOUNTING INFORMATION SYSTEMS The Crossroads of Accounting.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:

Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.

1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.

Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:

ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:
Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.

Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.
Enterprise Risk Management Chapter One Prepared by: Raval, Fichadia Raval Fichadia John Wiley & Sons, Inc. 2007.

Enterprise Risk Management Chapter One Prepared by: Raval, Fichadia Raval Fichadia John Wiley & Sons, Inc
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Ali Alhamdan, PhD National Information Center Ministry of Interior

Ali Alhamdan, PhD National Information Center Ministry of Interior
Chapter 8 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Albany Bank Corporation Security Incident Management Program.

Albany Bank Corporation Security Incident Management Program.
Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.

Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.

Similar presentations

Ads by Google