Financial services now on the 'front line' of Cyber

Uploaded on 2014-11-27 in NEWS-Cybersecurity News

Financial services are the front lines for a lot of the cyber battles being sparked today, argued Rich Mogull, CEO of information security research firm Securosis. The reason why, according to Mogull, is simple: that’s where the money is. 

During a panel discussion at the Kaspersky Lab enterprise IT summit on Tuesday afternoon, Mogull along with executives from Visa, Wells Fargo, and McKinsey Research took a pulse on the rise and fall of cyber attacks on financial services and retailers.

Looking at the Target breach last winter, amid others that preceded it, Visa’s chief enterprise risk officer Ellen Richey acknowledged that the payments system is often the primary target. But as we see an increasing stream of data breaches, Richey highlighted what might be a silver lining, if there is one: fraud rates are one-third the level they were a few decades ago.
McKinsey Research consultant Chris Rezek concurred that some metrics and trends seem to be stabilizing, but concerns are certainly growing.
Steve Adegbite, senior vice president of enterprise information security oversight and strategy at Wells Fargo, lamented that methodology hasn’t actually changed. The difference now, Adgebite suspected, is that these criminals are casting their nets wider to achieve larger volume by going after softer targets. To mitigate these threats, Adegbite advised setting up a third-party security program looping in supply chain and legal to ensure and encourage the same levels of security all around.
But a big cash grab isn’t the only motivation — even when going after global financial institutions. Richey pointed toward denial-of-service (DoS) attacks, primarily conducted by “hacktivists,” an increasingly common term online for hackers motivated by political causes.
Adegbite predicted that most attackers are going to move where the data is, meaning emerging technologies in the cloud and datacenters could be most at risk. Both Adegbite and Richey reminded that threats are different around the world, by region, making it more complicated and challenging for global payments systems providers. Richey added what worries her more is keeping data onshore as well as secure.
Reflecting on the debilitating Heartbleed bug discovered last week, Rezek stressed it’s not just about preventing breaches but having a good response plan in place, which is often most visible to end users through immediate and informative disclosures.
Related Links:
http://cyberwar.einnews.com/article/200270434/C7rmOlZbQPCRJdxr?n=1&code=Jxdbxrcc-cKQ9hNi

http://en.actu.net/redirect.php?url=http://www.zdnet.com/financial-services-now-the-front-lines-in-cyber-warfare-experts-suggest-7000028461/

 

 

« Worlwide Crackdown on Hackers
Is Big Data the Best Preparation Against Natural Disasters? »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

SSL247

SSL247

SSL247 is Europe's leading Web Security Consultancy Firm. We enjoy long-standing partnerships with Certificate Authorities including Symantec, GlobalSign, Entrust Datacard, Comodo, Thales and Qualys.

Malware.lu

Malware.lu

Malware.lu is a repository of malware and technical analysis. The goal of the project is to provide samples and technical analysis to security researchers.

NCC Group

NCC Group

NCC Group is a global cyber and software resilience business operating across multiple sectors, geographies and technologies.

SSLGURU

SSLGURU

SSLGURU bring all of the major SSL certificate vendors to one market place in order to create the world's largest SSL store with the most competitive prices.

Indium Software

Indium Software

Indium Software is an Independent Software Testing Company offering software testing services (including security testing) and offshore Quality Assurance solutions.

European Organisation for Security (EOS)

European Organisation for Security (EOS)

EOS represents all domains of security solutions and services.providers including ICT information and communications technologies.

National Institute of Information and Communications Technology (NICT) - Japan

National Institute of Information and Communications Technology (NICT) - Japan

NICT is Japan’s sole National Research and Development Agency specializing in the field of information and communications technology.

MedCrypt

MedCrypt

MedCrypt are a team of medical device experts focused on bringing modern cybersecurity features to the next generation of healthcare technology.

Crown Sterling

Crown Sterling

Crown Sterling delivers next generation software-based, AI-driven cryptography in the form of random number generators and encryption products.

ShieldApps

ShieldApps

ShieldApps comprehensive suite of products is designed to protect your personal devices from privacy threats, including hacking attempts, online tracking, fingerprinting, phishing, malware, and more.

TotalAV

TotalAV

TotalAV Antivirus is a free-to-use app packed with all the essential features to find and remove malware, keeping you safe.

PKI Solutions

PKI Solutions

PKI Solutions offers Public Key Infrastructure (PKI) products, services, and training to help ensure the security of organizations now and in the future.

Unciphered

Unciphered

Unciphered was created as the first company providing services for opening locked hardware cryptocurrency wallets.

Logiq Consulting

Logiq Consulting

Logiq Consulting provide a full range of Cyber Security, Information Assurance and System Engineering services.

Turngate

Turngate

Turngate simplify security investigations so you can see employee activities and entitlements in your enterprise in seconds.

Ark Technology Consultants

Ark Technology Consultants

Ark Technology Consultants is a unique IT Services Firm which blends technology solutions with consultative insight around governance and process management.