Financial services now on the 'front line' of Cyber

Uploaded on 2014-11-27 in NEWS-Cybersecurity News

Financial services are the front lines for a lot of the cyber battles being sparked today, argued Rich Mogull, CEO of information security research firm Securosis. The reason why, according to Mogull, is simple: that’s where the money is. 

During a panel discussion at the Kaspersky Lab enterprise IT summit on Tuesday afternoon, Mogull along with executives from Visa, Wells Fargo, and McKinsey Research took a pulse on the rise and fall of cyber attacks on financial services and retailers.

Looking at the Target breach last winter, amid others that preceded it, Visa’s chief enterprise risk officer Ellen Richey acknowledged that the payments system is often the primary target. But as we see an increasing stream of data breaches, Richey highlighted what might be a silver lining, if there is one: fraud rates are one-third the level they were a few decades ago.
McKinsey Research consultant Chris Rezek concurred that some metrics and trends seem to be stabilizing, but concerns are certainly growing.
Steve Adegbite, senior vice president of enterprise information security oversight and strategy at Wells Fargo, lamented that methodology hasn’t actually changed. The difference now, Adgebite suspected, is that these criminals are casting their nets wider to achieve larger volume by going after softer targets. To mitigate these threats, Adegbite advised setting up a third-party security program looping in supply chain and legal to ensure and encourage the same levels of security all around.
But a big cash grab isn’t the only motivation — even when going after global financial institutions. Richey pointed toward denial-of-service (DoS) attacks, primarily conducted by “hacktivists,” an increasingly common term online for hackers motivated by political causes.
Adegbite predicted that most attackers are going to move where the data is, meaning emerging technologies in the cloud and datacenters could be most at risk. Both Adegbite and Richey reminded that threats are different around the world, by region, making it more complicated and challenging for global payments systems providers. Richey added what worries her more is keeping data onshore as well as secure.
Reflecting on the debilitating Heartbleed bug discovered last week, Rezek stressed it’s not just about preventing breaches but having a good response plan in place, which is often most visible to end users through immediate and informative disclosures.
Related Links:
http://cyberwar.einnews.com/article/200270434/C7rmOlZbQPCRJdxr?n=1&code=Jxdbxrcc-cKQ9hNi

http://en.actu.net/redirect.php?url=http://www.zdnet.com/financial-services-now-the-front-lines-in-cyber-warfare-experts-suggest-7000028461/

 

 

« Worlwide Crackdown on Hackers
Is Big Data the Best Preparation Against Natural Disasters? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Hogan Lovells

Hogan Lovells

Hogan Lovells is an international business law firm with offices across Europe, Asia and the USA. Practice areas include Privacy & Cybersecurity.

Conceptivity +360 Cybersecurity

Conceptivity +360 Cybersecurity

Conceptivity +360 Security addresses advanced cybersecurity and supply chain security issues in policy, regulatory, legislation, standardisation, compliance and project management areas.

Abusix

Abusix

Abusix specializes in Internet security, network abuse handling, antispam and fraud prevention.

CTERA Networks

CTERA Networks

CTERA provides cloud storage solutions that enable service providers and enterprises to launch managed storage, backup, file sharing and mobile collaboration services using a single platform.

iProov

iProov

iProov delivers authentication and verification simply and securely, based on a genuine one-time biometric.

Beryllium InfoSec Collaborative

Beryllium InfoSec Collaborative

Beryllium InfoSec Collaborative is an information security and cyber security company with 40-plus years of experience across industry & government.

BetaDen

BetaDen

BetaDen provides a revolutionary platform for businesses to develop next-generation technology, such as the internet of things and industry 4.0.

Quantifind

Quantifind

Quantifind enables financial crimes/fraud analysts and investigators to make better decisions, faster, with intelligent automation.

Shearwater Group

Shearwater Group

Shearwater Group is an award-winning organisational resilience group that provides cyber security, advisory and managed security services to help secure businesses in a connected global economy.

Virtue Security

Virtue Security

Virtue Security are specialists in web application penetration testing.

Nassec

Nassec

Nassec is a Cyber Security firm dedicated to providing the best vulnerability management solutions. We offer tailor-made cyber security solutions based upon your requirements and nature of business.

Datenschutz Schmidt

Datenschutz Schmidt

Datenschutz Schmidt is a service provider with many years of experience, we support you in complying with numerous data protection guidelines, requirements and laws.

Secret Intelligence Service (SIS - MI6)

Secret Intelligence Service (SIS - MI6)

The UK’s Secret Intelligence Service, also known as MI6, has three core aims: stopping terrorism, disrupting the activity of hostile states, and giving the UK a cyber advantage.

East Midlands Cyber Resilience Centre (EMCRC)

East Midlands Cyber Resilience Centre (EMCRC)

The East Midlands Cyber Resilience Centre is set up to support and help protect businesses across the region against cyber crime.

Cyber-Security Council Germany

Cyber-Security Council Germany

The German Cyber Security Council's objective is to consult businesses, government agencies and political decision-makers and to support them against cybercrime.

Northern Computer

Northern Computer

Northern Computer provides comprehensive IT solutions that streamline your operations and help you achieve your business goals.