Financial services now on the 'front line' of Cyber

Financial services are the front lines for a lot of the cyber battles being sparked today, argued Rich Mogull, CEO of information security research firm Securosis. The reason why, according to Mogull, is simple: that’s where the money is. 

During a panel discussion at the Kaspersky Lab enterprise IT summit on Tuesday afternoon, Mogull along with executives from Visa, Wells Fargo, and McKinsey Research took a pulse on the rise and fall of cyber attacks on financial services and retailers.

Looking at the Target breach last winter, amid others that preceded it, Visa’s chief enterprise risk officer Ellen Richey acknowledged that the payments system is often the primary target. But as we see an increasing stream of data breaches, Richey highlighted what might be a silver lining, if there is one: fraud rates are one-third the level they were a few decades ago.
McKinsey Research consultant Chris Rezek concurred that some metrics and trends seem to be stabilizing, but concerns are certainly growing.
Steve Adegbite, senior vice president of enterprise information security oversight and strategy at Wells Fargo, lamented that methodology hasn’t actually changed. The difference now, Adgebite suspected, is that these criminals are casting their nets wider to achieve larger volume by going after softer targets. To mitigate these threats, Adegbite advised setting up a third-party security program looping in supply chain and legal to ensure and encourage the same levels of security all around.
But a big cash grab isn’t the only motivation — even when going after global financial institutions. Richey pointed toward denial-of-service (DoS) attacks, primarily conducted by “hacktivists,” an increasingly common term online for hackers motivated by political causes.
Adegbite predicted that most attackers are going to move where the data is, meaning emerging technologies in the cloud and datacenters could be most at risk. Both Adegbite and Richey reminded that threats are different around the world, by region, making it more complicated and challenging for global payments systems providers. Richey added what worries her more is keeping data onshore as well as secure.
Reflecting on the debilitating Heartbleed bug discovered last week, Rezek stressed it’s not just about preventing breaches but having a good response plan in place, which is often most visible to end users through immediate and informative disclosures.
Related Links:
http://cyberwar.einnews.com/article/200270434/C7rmOlZbQPCRJdxr?n=1&code=Jxdbxrcc-cKQ9hNi

http://en.actu.net/redirect.php?url=http://www.zdnet.com/financial-services-now-the-front-lines-in-cyber-warfare-experts-suggest-7000028461/

 

 

« Worlwide Crackdown on Hackers
Is Big Data the Best Preparation Against Natural Disasters? »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Conix

Conix

Conix offerings include Governance and Risk Management, Auditing and Penetration Testing, Digital Forensics, Managed Security Operations Centre (SOC).

BeOne Development

BeOne Development

BeOne Development provide innovative training and learning solutions for information security and compliance.

X-act Forensics

X-act Forensics

X-act forensics are computer forensic experts with experience in cases of computer fraud, intellectual property theft, and social networking cases.

Resec Technologies

Resec Technologies

Resec provides total protection against all types of known and unknown malware threats including viruses, Trojans, ransomware and phishing, regardless of their delivery method.

MXC Security

MXC Security

MXC designs and delivers corporate-wide information security management system with our full-time IRCA Accredited consulting team.

Crosspring

Crosspring

Crosspring is an incubator/accelerator for people who have the ambition to start a successful business or want to extend their existing business in the areas of FinTech, AR, VR, Cybersecurity and SaaS

CloudSEK

CloudSEK

CloudSEK has set its sights on building the world’s fastest and most reliable AI technology, that identifies and resolves digital threats.

Conference on Applied Machine Learning in Information Security (CAMLIS)

Conference on Applied Machine Learning in Information Security (CAMLIS)

CAMLIS is a venue for discussing applied research on machine learning, deep learning and data science in information security.

Lunio

Lunio

Lunio makes the internet a safer and more reliable place for everyone trying to grow their business by automatically getting rid of fake clicks, traffic, and leads on all ad platforms.

Allied Telesis

Allied Telesis

Allied Telesis delivers the secure, flexible, and agile solutions needed to meet the expectations of any industry’s critical mission.

Enginsight

Enginsight

Enginsight provides a comprehensive solution for monitoring and securing your servers and clients.

European Union Agency for Network and Information Security (ENISA)

European Union Agency for Network and Information Security (ENISA)

The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe.

CloudWave

CloudWave

CloudWave, the expert in healthcare data security, provides cloud, cybersecurity, and managed services to healthcare organizations.

Blackwell Security

Blackwell Security

Blackwell is a driving force in healthcare cybersecurity, transforming how security operations are conducted within this critical sector.

Index Engines

Index Engines

Index Engines is the world’s leading AI-powered analytics engine to detect data corruption due to ransomware.

Internet Watch Foundation (IWF)

Internet Watch Foundation (IWF)

Since the early days of the internet, our job has been to help child victims of sexual abuse by hunting down and removing any online record of the abuse.