SlideShare una empresa de Scribd logo

Cyber Crime is Wreaking Havoc

Hewlett Packard Enterprise Business Value Exchange
Hewlett Packard Enterprise Business Value Exchange

Cyber-attacks destroy the trusted relationship with customers and partners, the lifeblood of financial services. The industry is also behind the curve when it comes to adapting to the changes in working practices and consumer behaviour, driven by rapidly evolving smart devices.

Economía y finanzas
1 de 8
Descargar para leer sin conexión
Viewpoint paper Cyber crime is wreaking havoc The financial services sector must be prepared
Table of contents 1 Change with the times 1 Next-generation threats 2 BYOT—an expectation, not a privilege 2 Cyber-attack risks continue to rise 2 New attacks are coming—get prepared 3 Technology used to cope with coming threats 3 Identity is everything 4 Threat detection and attack analysis are evolving 4 Compliance and governance is essential 5 Playing field getting leveled 6 About the author Viewpoint paper | Cyber crime is wreaking havoc
1 Viewpoint paper | Cyber crime is wreaking havoc Financial services are getting squeezed by massive social and technological changes, and the need to modernize. Combine that with the growth and sophistication of cyber crime, it’s time to fight back and level the playing field with a strong security policy. Change with the times Banking executives are aware of the cyber threats directly impacting financial services, and the erosion of trust that such attacks invariably entail. They are also aware of the dramatic changes happening in IT infrastructures, and consumer- driven tech trends such as bring your own technology (BYOT); it’s forcing them to rethink much of what they have practiced in the last 20 years. While these trends are happening now, what follows in the next 10 years is likely to be even more disruptive. Many sectors are already preparing for the future, but is the financial services industry (FSI) in danger of being overwhelmed due to its ingrained technological conservatism—particularly when it comes to security policy? Next-generation threats Cyber attacks that steal money, intellectual property, or launch political attacks can destroy trusted relationships with customers and partners, which is your lifeblood. Banks, understandably, still rely on keeping large parts of their organizations behind firewalls, much as they still prefer gigantic headquarters buildings to give an assurance of trust, reliability, and permanence. Appearances can be deceptive, and old school defences can give a false sense of reassurance. A continued reliance on centralized, mainframe network architecture reduces flexibility when dealing with next-generation attacks. At the same time, it puts financial institutions at a disadvantage, trying to adapt to fundamental changes in working practices and consumer behavior—driven by rapidly evolving, always- connected smart devices. By not adapting, they will lose out to rivals that learn how to securely embrace the change for customers and employees, and new innovative FSI sector entrants that have already disrupted their own sectors, such as retail.
2 BYOT—an expectation, not a privilege In other industry sectors, BYOT is no longer seen as a privilege. It’s becoming a multilayered, multipurpose device of choice that shares business and personal data and functions. This trend will accelerate; devices will become extensions and virtual outposts of the central organization and hubs for personal data clusters now developing. How ready is your organization for this? The pace of development in smart devices outstrips anything in conventional network architecture or desktop PCs. Financial services will have to accept that employees will use these devices or become potential dinosaurs in a newly competitive, disruptive financial services sector. Cyber-attack risks continue to rise Banks and financial institutions have no choice but to adapt to BYOT and other social and technical trends. Cyber attacks are out of their control and will increase exponentially in the next 10 years. The negative cost of each attack will also increase. The Ponemon 2013 Cost of Cyber Crime Study, sponsored by HP, pegs the average annual cost of cyber crime for organizations at $7.2 million in 2013, up 30% from 2012. That figure has risen every single year the survey has run. Meanwhile, according to a recent report by Booz Allen, a consultancy firm, cyber attacks are the “new normal” for the financial services industry.1 In the United States (U.S.), The Depository Trust Clearing Corporation (DTCC) has named Distributed Denial of Service (DDoS) attacks as one of the three types of attacks that pose a “systemic risk” to the financial system. The organization, which settles the majority of securities transactions in the U.S., said DDoS attacks against financial institutions have dramatically increased in the last 12 months. Such attacks are also often used as a smokescreen for more targeted attacks and to exploit pressured call center staff vulnerable to phishing attacks.2 New attacks are coming—get prepared Worse is coming. The European Union (EU) sponsored International Cyber Security Protection Alliance (ICSPA) has predicted that 2020 will see cyber criminals using some or all of the following tactics and malicious technologies. Some are based on the very technologies that banks and others are using to lower IT costs, such as cloud and virtualization. • Exploitation of Near Field Communication (NFC) technologies, which banks will be using for new services in the future • Highly distributed denial of service attacks using cloud infrastructures • A move from device-based to cloud-based botnets, hijacking distributed processing power • A mature illicit market for virtual items—stolen and counterfeit • Physical attacks against data centers and Internet exchanges • Electronic attacks on critical infrastructure, including power supply, transport, and data services • Micro-criminality, including theft and fraudulent generation of micro payments • Bio-hacks for multifactor authentication components • High impact, targeted identity theft and avatar hijack • Sophisticated reputation manipulation • Augmented reality misused for attacks and frauds based on social engineering • Hacks against connected devices with direct physical impact such as wearable technologies Viewpoint paper | Cyber crime is wreaking havoc 1 boozallen.com/media-center/press- releases/48399320/booz-allen-releases- annual-cyber-security-trends-for-2014 2 Ibid. The Ponemon 2013 Cost of Cyber Crime Study, sponsored by HP, pegs the average annual cost of cyber crime for organizations at $7.2 million in 2013, up 30% from 2012.
3 Not all these threats will disrupt financial services, but some certainly will, and it’s clear that none would be stopped by contemporary cyber defences. Banks will want to use NFC to introduce new products and fast payment solutions. How will they protect their customers from aggressive targeted attacks and the use of avatar-based—a highly advanced digital creation assembled from numerous stolen aspects of an individual’s real identity—attacks? Where banks can be fooled into thinking they are dealing with a real customer online, when they’re not. In this next level of identity theft, bank customers find themselves “cloned” online. Right now, it’s unlikely that plans are being put in place to beat such advanced criminal techniques. Denial-of-service attacks will increase in number and intensity as criminals have seen the fruits of fostering disruption and fear among bank customers. This industrialization of micro- payment fraud will put huge new pressure on staff and security policies to contain multiple account harvesting techniques. Therefore, unless the banking industry initiates change now, it will be highly vulnerable to the systemic failure that the DTCC fears. Technology used to cope with coming threats Neil Passingham, technical solutions director at HP, believes that security is always behind the threat curve. He said, “We need to leverage resources—make the most of Big Data and the cloud for example. CISOs are advised to use present day solutions but what they really want is to be listened to. We need to align serious solutions that secure their business.” All leading security vendors should heed this statement. Given whole new attack types that will seek out vulnerabilities in tools and infrastructures—and the use of super-connected devices— financial services, like other organizations, need to urgently switch attention to application layers and the data itself. The organizational perimeter needs to shrink to an absolute minimum core data piece, where data simply cannot be breached. All else can be protected as much or as little as needed by using mature risk assessment controls. Beyond that, the focus must be on advanced encryption techniques, and security analytics that exploit the power of Big Data. This will turn enterprises from reactive security positions to intelligence-based positions, where risk positions are calculated around hard data readings with attack lines plotted before they can happen. New forms of identity such as unique personal data clusters will be needed to combat aggressive phishing and fraud attacks. The trend will be toward creating online identities and access models that rely on multifaceted digital profiles based on an individual’s online behavior rather than simple two-factor authorization. Identity is everything True identity is the lifeblood of financial services, but the measurement of identity needs to change. Passwords, two-factor, even biometric systems are flawed. Identity as implemented in enterprise applications doesn’t necessarily align with how identity works in the real world. Systems are being researched and will be brought to market that create complex identity sets based on personal data clusters and an individual’s data history rather than passwords that can be stolen or easily guessed. A “biodata” identity system is more secure than even biometric data such as fingerprint or eye scans, which have been proven not to be failsafe. This is all part of how data analytics, Big Data, and informatics will form the core of next-generation cyber defences. Viewpoint paper | Cyber crime is wreaking havoc Unless the banking industry initiates change now, it will be highly vulnerable to the systemic failure that the DTCC fears.
4 Threat detection and attack analysis are evolving Elsewhere, forensics are moving from a method of simply analyzing a cyber attack after the event, to a tool that can profile the cybercriminal and attack methods by building bio data patterns of criminal and malware activity. Such digital forensics will become an integral part of the enterprise in the near future. It can also be used to monitor employee behavior to cope with insider threats and unusual data patterns or financial movements. There are a number of developments in this area. For example, a number of vendors are developing their own threat intelligence services such as a “next-generation” security operation center (SOC) and security intelligence as a service and other “human factors” research to help meet the 2020 cyber challenge. 3,4,5 Conventional signature-based anti-malware solutions cannot cope with 2013 levels of malware production, let alone those predicted for 2020. New anti-malware solutions, which are already appearing, trap malware at a micro visor level, so it can’t enter the organization at any level or point—and the infected file can be safely extracted. New-generation security protocols will adjust, seek out, and quarantine perceived threats before any system is compromised. Compliance and governance is essential Unfortunately for security managers in financial services, turning to governments for help in dealing with next-generation threats is likely to end in disappointment. Instead bodies such as the EU, U.S. Federal Government, and increasingly powerful Middle Eastern and Asian agencies are likely to make financial services work harder to meet new compliance regulations as emphasis will be firmly made on banks’ responsibilities to protect the consumer, bank customers, and partners. When Islamic hacktivists attacked U.S. banks in early 2012, the response was not sympathy, rather calls from government for greater diligence on the part of the banks themselves. At the same time, progress on international cooperation to defeat cyber crime and state sponsored cyber attacks on banks and other organizations is limited, and the situation is unlikely to improve anytime soon. Revelations by whistle-blower Edward Snowden are likely to make governments cooperate less on issues of cyber security. Sadly, Snowden revealed that even allies are willing to use cyber means to spy on each other—hardly the spirit to foster international cooperation against mutual enemies. Financial services information leaders face the prospect of uncontrolled international cybercrime, and governments concerned with locking down and protecting their own infrastructures from their allies, while responding to public concern about data breaches with tighter governance and higher financial penalties. A failure to invest in data management systems that assist in meeting compliance rules will not be an option. Complicating the picture, as banks open up and abandon their traditional security posture to be more competitive and efficient, they increase their actual risk of exposure to compliance busting data breaches. Viewpoint paper | Cyber crime is wreaking havoc 3 en.wikipedia.org/wiki/Data_analysis_ techniques_for_fraud_detection 4 eweek.com/small-business/hp-updates-arcsight- portfolio-with-security-analytics/ 5 techrepublic.com/blog/it-security/how-user- behavior-monitoring-helps-reduce-risk/ Given that whole new attack types will seek out vulnerabilities in tools and infrastructures—and the use of super-connected devices—financial services need to urgently switch attention to application layers and the data itself.
5 Playing field getting leveled No doubt the picture for financial services is a hugely challenging one. They are squeezed by massive social and technological changes, and the need to modernize. At the same time, an unprecedented period of growth and sophistication of cyber crime is predicted. And there will be further legislative pressure in a globalized market. At the same time, vendors and the information security industry are fighting back with a level of innovation that has been absent for too long. Advances in Big Data analytics, intelligent anti-malware techniques, digital forensics, and identity science are emerging, which will start to level the playing field back in favor of a financial services sector that must change itself at the same time. Learn more at hp.com/enterprise/security Viewpoint paper | Cyber crime is wreaking havoc
Rate this documentShare with colleagues Sign up for updates hp.com/go/getupdated About the author Dan Chaplin Dan Chaplin is a strategic consultant for the HP Enterprise Security Services CTO Office, supporting the link between HP security services and challenges in the financial services industry. Having joined HP in 2003 and worked with many of the top financial services providers across EMEA, Chaplin understands the challenges of delivering large scale change in a highly regulated and technically risk-averse environment. He has been heavily involved with HP Managed Security Services, working with clients to understand their security maturity and how they can more efficiently deliver their security operations. Chaplin helps clients understand the benefits and challenges of effective security outsourcing and measuring the success of their investments through proper reporting and service governance. Viewpoint paper | Cyber crime is wreaking havoc © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. 4AA5-1187ENW, March 2014

Recomendados

Accenture re-organizing-todays-cyber-threats
Accenture re-organizing-todays-cyber-threatsAccenture re-organizing-todays-cyber-threats
Accenture re-organizing-todays-cyber-threatsLapman Lee ✔
 
IBM Security Services
IBM Security ServicesIBM Security Services
IBM Security ServicesRainer Mueller
 
ThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO ReviewThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO ReviewThreatMetrix
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyMark Albala
 
Analyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaAnalyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaEMC
 
1. security 20 20 - ebook-vol2
1. security 20 20 - ebook-vol21. security 20 20 - ebook-vol2
1. security 20 20 - ebook-vol2Adela Cocic
 
You Are the Target
You Are the TargetYou Are the Target
You Are the TargetEMC
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enoughEMC
 

Más contenido relacionado

La actualidad más candente

Complacency in the Face of Evolving Cybersecurity Norms is Hazardous
Complacency in the Face of Evolving Cybersecurity Norms is HazardousComplacency in the Face of Evolving Cybersecurity Norms is Hazardous
Complacency in the Face of Evolving Cybersecurity Norms is HazardousEthan S. Burger
 
Cyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterCyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterPatricia M Watson
 
Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firmsJake Weaver
 
Eamonn O Raghallaigh Major Security Issues In E Commerce
Eamonn O Raghallaigh Major Security Issues In E CommerceEamonn O Raghallaigh Major Security Issues In E Commerce
Eamonn O Raghallaigh Major Security Issues In E CommerceEamonnORagh
 
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...Dr. Amarjeet Singh
 
Who is the next target proactive approaches to data security
Who is the next target proactive approaches to data securityWho is the next target proactive approaches to data security
Who is the next target proactive approaches to data securityUlf Mattsson
 
JPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment ReportJPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment ReportDivya Kothari
 
Security Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkSecurity Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkDivya Kothari
 
Cyber security master class 2018
Cyber security master class 2018Cyber security master class 2018
Cyber security master class 2018Sanjana Khound
 
Cyber Claims: GDPR and business email compromise drive greater frequencies
Cyber Claims: GDPR and business email compromise drive greater frequenciesCyber Claims: GDPR and business email compromise drive greater frequencies
Cyber Claims: GDPR and business email compromise drive greater frequenciesΔρ. Γιώργος K. Κασάπης
 
Cyber Review_April 2015
Cyber Review_April 2015Cyber Review_April 2015
Cyber Review_April 2015James Sheehan
 
Neira jones pci london january 2013 pdf ready
Neira jones pci london january 2013 pdf readyNeira jones pci london january 2013 pdf ready
Neira jones pci london january 2013 pdf readyNeira Jones
 
ghostsinthemachine2
ghostsinthemachine2ghostsinthemachine2
ghostsinthemachine2Shane Kite
 
Sas wp enterrprise fraud management
Sas wp enterrprise fraud managementSas wp enterrprise fraud management
Sas wp enterrprise fraud managementrkappear
 
The digital economy and cybersecurity
The digital economy and cybersecurityThe digital economy and cybersecurity
The digital economy and cybersecurityMark Albala
 
Global Identity Fraud Report 2020
Global Identity Fraud Report 2020Global Identity Fraud Report 2020
Global Identity Fraud Report 2020Shufti Pro
 
B susser researchpaper (2)
B susser researchpaper (2)B susser researchpaper (2)
B susser researchpaper (2)Bradley Susser
 
B susser researchpaper (3)
B susser researchpaper (3)B susser researchpaper (3)
B susser researchpaper (3)Bradley Susser
 

La actualidad más candente (19)

Complacency in the Face of Evolving Cybersecurity Norms is Hazardous
Complacency in the Face of Evolving Cybersecurity Norms is HazardousComplacency in the Face of Evolving Cybersecurity Norms is Hazardous
Complacency in the Face of Evolving Cybersecurity Norms is Hazardous
 
Cyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterCyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise Chapter
 
Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firms
 
Eamonn O Raghallaigh Major Security Issues In E Commerce
Eamonn O Raghallaigh Major Security Issues In E CommerceEamonn O Raghallaigh Major Security Issues In E Commerce
Eamonn O Raghallaigh Major Security Issues In E Commerce
 
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
 
Who is the next target proactive approaches to data security
Who is the next target proactive approaches to data securityWho is the next target proactive approaches to data security
Who is the next target proactive approaches to data security
 
JPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment ReportJPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment Report
 
Security Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkSecurity Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. Framework
 
Cyber security master class 2018
Cyber security master class 2018Cyber security master class 2018
Cyber security master class 2018
 
Cyber Claims: GDPR and business email compromise drive greater frequencies
Cyber Claims: GDPR and business email compromise drive greater frequenciesCyber Claims: GDPR and business email compromise drive greater frequencies
Cyber Claims: GDPR and business email compromise drive greater frequencies
 
Cyber Review_April 2015
Cyber Review_April 2015Cyber Review_April 2015
Cyber Review_April 2015
 
Neira jones pci london january 2013 pdf ready
Neira jones pci london january 2013 pdf readyNeira jones pci london january 2013 pdf ready
Neira jones pci london january 2013 pdf ready
 
ghostsinthemachine2
ghostsinthemachine2ghostsinthemachine2
ghostsinthemachine2
 
Sas wp enterrprise fraud management
Sas wp enterrprise fraud managementSas wp enterrprise fraud management
Sas wp enterrprise fraud management
 
The digital economy and cybersecurity
The digital economy and cybersecurityThe digital economy and cybersecurity
The digital economy and cybersecurity
 
Global Identity Fraud Report 2020
Global Identity Fraud Report 2020Global Identity Fraud Report 2020
Global Identity Fraud Report 2020
 
B susser researchpaper (2)
B susser researchpaper (2)B susser researchpaper (2)
B susser researchpaper (2)
 
Emerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyEmerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business Ready
 
B susser researchpaper (3)
B susser researchpaper (3)B susser researchpaper (3)
B susser researchpaper (3)
 

Destacado

HSA-4122, "HSA Queuing Mode," by Ian Bratt
HSA-4122, "HSA Queuing Mode," by Ian BrattHSA-4122, "HSA Queuing Mode," by Ian Bratt
HSA-4122, "HSA Queuing Mode," by Ian BrattAMD Developer Central
 
From Data to Decisions Makers: A Behind the Scenes Look at Building The Most ...
From Data to Decisions Makers: A Behind the Scenes Look at Building The Most ...From Data to Decisions Makers: A Behind the Scenes Look at Building The Most ...
From Data to Decisions Makers: A Behind the Scenes Look at Building The Most ...Bob Rudis
 
Mediacodex Happiness Survey
Mediacodex Happiness SurveyMediacodex Happiness Survey
Mediacodex Happiness SurveyWahyd Vannoni
 
IFL Consortia Sep09 Teigland
IFL Consortia Sep09 TeiglandIFL Consortia Sep09 Teigland
IFL Consortia Sep09 TeiglandRobin Teigland
 
The Lily RowLog library
The Lily RowLog libraryThe Lily RowLog library
The Lily RowLog libraryNGDATA
 
More better core profiles
More better core profilesMore better core profiles
More better core profilesRoy Scholten
 
Analysis of Italian Crowdfunding Market (November 2013)
Analysis of Italian Crowdfunding Market (November 2013)Analysis of Italian Crowdfunding Market (November 2013)
Analysis of Italian Crowdfunding Market (November 2013)twintangibles
 
Diez ideas sobre aprendizaje colaborativo en red: Pautas para el diseño
Diez ideas sobre aprendizaje colaborativo en red: Pautas para el diseñoDiez ideas sobre aprendizaje colaborativo en red: Pautas para el diseño
Diez ideas sobre aprendizaje colaborativo en red: Pautas para el diseñoGaby Sánchez
 
SMTP over IPv6 at LinkedIn
SMTP over IPv6 at LinkedInSMTP over IPv6 at LinkedIn
SMTP over IPv6 at LinkedInFranck Martin
 
Análisis Forense de la Memoria RAM de un sistema
Análisis Forense de la Memoria RAM de un sistemaAnálisis Forense de la Memoria RAM de un sistema
Análisis Forense de la Memoria RAM de un sistemaEventos Creativos
 
Inequality: The Facts and the Future
Inequality: The Facts and the FutureInequality: The Facts and the Future
Inequality: The Facts and the FutureChifleyResearch
 
Give Me Three Things: Anti-Virus Bypass Made Easy
Give Me Three Things: Anti-Virus Bypass Made EasyGive Me Three Things: Anti-Virus Bypass Made Easy
Give Me Three Things: Anti-Virus Bypass Made EasySecurity Weekly
 
Unify’s predictions for 2016 and beyond
Unify’s predictions for 2016 and beyondUnify’s predictions for 2016 and beyond
Unify’s predictions for 2016 and beyondUnifyCo
 
Rapid Access to Consultative Expertise
Rapid Access to Consultative Expertise Rapid Access to Consultative Expertise
Rapid Access to Consultative Expertise tamingofthequeue
 
The Athena Doctrine
The Athena DoctrineThe Athena Doctrine
The Athena DoctrineJohn Gerzema
 
SkyHarbour Resources Investor Presentation
SkyHarbour Resources Investor PresentationSkyHarbour Resources Investor Presentation
SkyHarbour Resources Investor PresentationCompany Spotlight
 

Destacado (20)

Game-Changers: CIOs on Digital Transformation
Game-Changers: CIOs on Digital TransformationGame-Changers: CIOs on Digital Transformation
Game-Changers: CIOs on Digital Transformation
 
Slides irisa
Slides irisaSlides irisa
Slides irisa
 
Slides lyon-anr
Slides lyon-anrSlides lyon-anr
Slides lyon-anr
 
HSA-4122, "HSA Queuing Mode," by Ian Bratt
HSA-4122, "HSA Queuing Mode," by Ian BrattHSA-4122, "HSA Queuing Mode," by Ian Bratt
HSA-4122, "HSA Queuing Mode," by Ian Bratt
 
From Data to Decisions Makers: A Behind the Scenes Look at Building The Most ...
From Data to Decisions Makers: A Behind the Scenes Look at Building The Most ...From Data to Decisions Makers: A Behind the Scenes Look at Building The Most ...
From Data to Decisions Makers: A Behind the Scenes Look at Building The Most ...
 
Mediacodex Happiness Survey
Mediacodex Happiness SurveyMediacodex Happiness Survey
Mediacodex Happiness Survey
 
IFL Consortia Sep09 Teigland
IFL Consortia Sep09 TeiglandIFL Consortia Sep09 Teigland
IFL Consortia Sep09 Teigland
 
The Lily RowLog library
The Lily RowLog libraryThe Lily RowLog library
The Lily RowLog library
 
More better core profiles
More better core profilesMore better core profiles
More better core profiles
 
Analysis of Italian Crowdfunding Market (November 2013)
Analysis of Italian Crowdfunding Market (November 2013)Analysis of Italian Crowdfunding Market (November 2013)
Analysis of Italian Crowdfunding Market (November 2013)
 
Diez ideas sobre aprendizaje colaborativo en red: Pautas para el diseño
Diez ideas sobre aprendizaje colaborativo en red: Pautas para el diseñoDiez ideas sobre aprendizaje colaborativo en red: Pautas para el diseño
Diez ideas sobre aprendizaje colaborativo en red: Pautas para el diseño
 
SMTP over IPv6 at LinkedIn
SMTP over IPv6 at LinkedInSMTP over IPv6 at LinkedIn
SMTP over IPv6 at LinkedIn
 
Análisis Forense de la Memoria RAM de un sistema
Análisis Forense de la Memoria RAM de un sistemaAnálisis Forense de la Memoria RAM de un sistema
Análisis Forense de la Memoria RAM de un sistema
 
Using EOL: Taxon Pages
Using EOL: Taxon PagesUsing EOL: Taxon Pages
Using EOL: Taxon Pages
 
Inequality: The Facts and the Future
Inequality: The Facts and the FutureInequality: The Facts and the Future
Inequality: The Facts and the Future
 
Give Me Three Things: Anti-Virus Bypass Made Easy
Give Me Three Things: Anti-Virus Bypass Made EasyGive Me Three Things: Anti-Virus Bypass Made Easy
Give Me Three Things: Anti-Virus Bypass Made Easy
 
Unify’s predictions for 2016 and beyond
Unify’s predictions for 2016 and beyondUnify’s predictions for 2016 and beyond
Unify’s predictions for 2016 and beyond
 
Rapid Access to Consultative Expertise
Rapid Access to Consultative Expertise Rapid Access to Consultative Expertise
Rapid Access to Consultative Expertise
 
The Athena Doctrine
The Athena DoctrineThe Athena Doctrine
The Athena Doctrine
 
SkyHarbour Resources Investor Presentation
SkyHarbour Resources Investor PresentationSkyHarbour Resources Investor Presentation
SkyHarbour Resources Investor Presentation
 

Similar a Cyber Crime is Wreaking Havoc

Combating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced AnalyticsCombating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced AnalyticsCognizant
 
7 Cybersecurity Statistics You Need to Know in 2023.pptx
7 Cybersecurity Statistics You Need to Know in 2023.pptx7 Cybersecurity Statistics You Need to Know in 2023.pptx
7 Cybersecurity Statistics You Need to Know in 2023.pptxIT Company Dubai
 
Cybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & ImportanceCybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & Importancemanoharparakh
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionEMC
 
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Booz Allen Hamilton
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Erik Ginalick
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threatsReadWrite
 
Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020CBIZ, Inc.
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCybAnastaciaShadelb
 
White Paper Example - Brafton for NIP Group.pdf
White Paper Example - Brafton for NIP Group.pdfWhite Paper Example - Brafton for NIP Group.pdf
White Paper Example - Brafton for NIP Group.pdfBrafton
 
ESR_cyberSecurity_issue-1-1 (1)
ESR_cyberSecurity_issue-1-1 (1)ESR_cyberSecurity_issue-1-1 (1)
ESR_cyberSecurity_issue-1-1 (1)Julie Bridgen
 
5 Security Trends to Watch in 2020
5 Security Trends to Watch in 20205 Security Trends to Watch in 2020
5 Security Trends to Watch in 2020Dharmendra Rama
 
A1 - Cibersegurança - Raising the Bar for Cybersecurity
A1 - Cibersegurança - Raising the Bar for CybersecurityA1 - Cibersegurança - Raising the Bar for Cybersecurity
A1 - Cibersegurança - Raising the Bar for CybersecuritySpark Security
 

Similar a Cyber Crime is Wreaking Havoc (20)

Combating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced AnalyticsCombating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced Analytics
 
7 Cybersecurity Statistics You Need to Know in 2023.pptx
7 Cybersecurity Statistics You Need to Know in 2023.pptx7 Cybersecurity Statistics You Need to Know in 2023.pptx
7 Cybersecurity Statistics You Need to Know in 2023.pptx
 
Cybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & ImportanceCybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & Importance
 
The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud Prevention
 
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threats
 
Volume2 chapter1 security
Volume2 chapter1 securityVolume2 chapter1 security
Volume2 chapter1 security
 
Top cybersecurity trends to adapt in 2022
Top cybersecurity trends to adapt in 2022Top cybersecurity trends to adapt in 2022
Top cybersecurity trends to adapt in 2022
 
idg_secops-solutions
idg_secops-solutionsidg_secops-solutions
idg_secops-solutions
 
Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
 
White Paper Example - Brafton for NIP Group.pdf
White Paper Example - Brafton for NIP Group.pdfWhite Paper Example - Brafton for NIP Group.pdf
White Paper Example - Brafton for NIP Group.pdf
 
Get Prepared
Get PreparedGet Prepared
Get Prepared
 
ESR_cyberSecurity_issue-1-1 (1)
ESR_cyberSecurity_issue-1-1 (1)ESR_cyberSecurity_issue-1-1 (1)
ESR_cyberSecurity_issue-1-1 (1)
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
 
5 Security Trends to Watch in 2020
5 Security Trends to Watch in 20205 Security Trends to Watch in 2020
5 Security Trends to Watch in 2020
 
A1 - Cibersegurança - Raising the Bar for Cybersecurity
A1 - Cibersegurança - Raising the Bar for CybersecurityA1 - Cibersegurança - Raising the Bar for Cybersecurity
A1 - Cibersegurança - Raising the Bar for Cybersecurity
 

Más de Hewlett Packard Enterprise Business Value Exchange

Más de Hewlett Packard Enterprise Business Value Exchange (20)

To Accelerate IT Innovation, Think like a Rocket Scientist
To Accelerate IT Innovation, Think like a Rocket ScientistTo Accelerate IT Innovation, Think like a Rocket Scientist
To Accelerate IT Innovation, Think like a Rocket Scientist
 
Manufacturing Forum 2016
Manufacturing Forum 2016Manufacturing Forum 2016
Manufacturing Forum 2016
 
Connecting the manufacturing industry
Connecting the manufacturing industryConnecting the manufacturing industry
Connecting the manufacturing industry
 
Getting to your hybrid future
Getting to your hybrid futureGetting to your hybrid future
Getting to your hybrid future
 
Technology rethink for next generation loyalty programmes
Technology rethink for next generation loyalty programmesTechnology rethink for next generation loyalty programmes
Technology rethink for next generation loyalty programmes
 
Hewlett Packard Enterprise Connected Manufacturing Brochure
Hewlett Packard Enterprise Connected Manufacturing Brochure Hewlett Packard Enterprise Connected Manufacturing Brochure
Hewlett Packard Enterprise Connected Manufacturing Brochure
 
FSI Key Propositions
FSI Key PropositionsFSI Key Propositions
FSI Key Propositions
 
The Path to Self-Disruption
The Path to Self-DisruptionThe Path to Self-Disruption
The Path to Self-Disruption
 
Happy Employees Lead to Happy Customers
Happy Employees Lead to Happy CustomersHappy Employees Lead to Happy Customers
Happy Employees Lead to Happy Customers
 
How to Deliver Value "Beyond the Pill"
How to Deliver Value "Beyond the Pill"How to Deliver Value "Beyond the Pill"
How to Deliver Value "Beyond the Pill"
 
The Path to Self-Disruption
The Path to Self-DisruptionThe Path to Self-Disruption
The Path to Self-Disruption
 
HPE Security Report 2016
HPE Security Report 2016HPE Security Report 2016
HPE Security Report 2016
 
Realising Potential - The Dandelion Program
Realising Potential - The Dandelion ProgramRealising Potential - The Dandelion Program
Realising Potential - The Dandelion Program
 
FinTech Innovation Model 2015
FinTech Innovation Model 2015FinTech Innovation Model 2015
FinTech Innovation Model 2015
 
Time for co-operation
Time for co-operationTime for co-operation
Time for co-operation
 
Awareness is only the first step
Awareness is only the first stepAwareness is only the first step
Awareness is only the first step
 
Time for co-operation
Time for co-operationTime for co-operation
Time for co-operation
 
Personalize the Travel Experience - and Gain Insights
Personalize the Travel Experience - and Gain Insights Personalize the Travel Experience - and Gain Insights
Personalize the Travel Experience - and Gain Insights
 
Plan for the Worst; Fight for the Best
Plan for the Worst; Fight for the BestPlan for the Worst; Fight for the Best
Plan for the Worst; Fight for the Best
 
BVEx Research: Open Data Unlocked
BVEx Research: Open Data UnlockedBVEx Research: Open Data Unlocked
BVEx Research: Open Data Unlocked
 

Último

Building pressure? Rising rents, and what to expect in the future
Building pressure? Rising rents, and what to expect in the futureBuilding pressure? Rising rents, and what to expect in the future
Building pressure? Rising rents, and what to expect in the futureResolutionFoundation
 
Uk-NO1 Rohani Amil In Islamabad Amil Baba in Rawalpindi Kala Jadu Amil In Raw...
Uk-NO1 Rohani Amil In Islamabad Amil Baba in Rawalpindi Kala Jadu Amil In Raw...Uk-NO1 Rohani Amil In Islamabad Amil Baba in Rawalpindi Kala Jadu Amil In Raw...
Uk-NO1 Rohani Amil In Islamabad Amil Baba in Rawalpindi Kala Jadu Amil In Raw...Amil baba
 
Hello this ppt is about seminar final project
Hello this ppt is about seminar final projectHello this ppt is about seminar final project
Hello this ppt is about seminar final projectninnasirsi
 
10 QuickBooks Tips 2024 - Globus Finanza.pdf
10 QuickBooks Tips 2024 - Globus Finanza.pdf10 QuickBooks Tips 2024 - Globus Finanza.pdf
10 QuickBooks Tips 2024 - Globus Finanza.pdfglobusfinanza
 
Introduction to Health Economics Dr. R. Kurinji Malar.pptx
Introduction to Health Economics Dr. R. Kurinji Malar.pptxIntroduction to Health Economics Dr. R. Kurinji Malar.pptx
Introduction to Health Economics Dr. R. Kurinji Malar.pptxDrRkurinjiMalarkurin
 
Banking: Commercial and Central Banking.pptx
Banking: Commercial and Central Banking.pptxBanking: Commercial and Central Banking.pptx
Banking: Commercial and Central Banking.pptxANTHONYAKINYOSOYE1
 
Global Economic Outlook, 2024 - Scholaride Consulting
Global Economic Outlook, 2024 - Scholaride ConsultingGlobal Economic Outlook, 2024 - Scholaride Consulting
Global Economic Outlook, 2024 - Scholaride Consultingswastiknandyofficial
 
Zimbabwe's New Gold-Backed Currency- A Path to Stability or Another Monetary.pdf
Zimbabwe's New Gold-Backed Currency- A Path to Stability or Another Monetary.pdfZimbabwe's New Gold-Backed Currency- A Path to Stability or Another Monetary.pdf
Zimbabwe's New Gold-Backed Currency- A Path to Stability or Another Monetary.pdfFREELANCER
 
OAT_RI_Ep18 WeighingTheRisks_Mar24_GlobalCredit.pptx
OAT_RI_Ep18 WeighingTheRisks_Mar24_GlobalCredit.pptxOAT_RI_Ep18 WeighingTheRisks_Mar24_GlobalCredit.pptx
OAT_RI_Ep18 WeighingTheRisks_Mar24_GlobalCredit.pptxhiddenlevers
 
TACLOBAN-CITY-DIVISION-POPQUIZ-2023.pptx
TACLOBAN-CITY-DIVISION-POPQUIZ-2023.pptxTACLOBAN-CITY-DIVISION-POPQUIZ-2023.pptx
TACLOBAN-CITY-DIVISION-POPQUIZ-2023.pptxKathlynVillar
 
Thoma Bravo Equity - Presentation Pension Fund
Thoma Bravo Equity - Presentation Pension FundThoma Bravo Equity - Presentation Pension Fund
Thoma Bravo Equity - Presentation Pension FundAshwinJey
 
2B Nation-State.pptx contemporary world nation
2B Nation-State.pptx contemporary world nation2B Nation-State.pptx contemporary world nation
2B Nation-State.pptx contemporary world nationko9240888
 
Aon-UK-DC-Pension-Tracker-Q1-2024. slideshare
Aon-UK-DC-Pension-Tracker-Q1-2024. slideshareAon-UK-DC-Pension-Tracker-Q1-2024. slideshare
Aon-UK-DC-Pension-Tracker-Q1-2024. slideshareHenry Tapper
 
What is sip and What are its Benefits in 2024
What is sip and What are its Benefits in 2024What is sip and What are its Benefits in 2024
What is sip and What are its Benefits in 2024prajwalgopocket
 
ΤτΕ: Ανάπτυξη 2,3% και πληθωρισμός 2,8% φέτος
ΤτΕ: Ανάπτυξη 2,3% και πληθωρισμός 2,8% φέτοςΤτΕ: Ανάπτυξη 2,3% και πληθωρισμός 2,8% φέτος
ΤτΕ: Ανάπτυξη 2,3% και πληθωρισμός 2,8% φέτοςNewsroom8
 
2024-04-09 - Pension Playpen roundtable - slides.pptx
2024-04-09 - Pension Playpen roundtable - slides.pptx2024-04-09 - Pension Playpen roundtable - slides.pptx
2024-04-09 - Pension Playpen roundtable - slides.pptxHenry Tapper
 
ekthesi-trapeza-tis-ellados-gia-2023.pdf
ekthesi-trapeza-tis-ellados-gia-2023.pdfekthesi-trapeza-tis-ellados-gia-2023.pdf
ekthesi-trapeza-tis-ellados-gia-2023.pdfSteliosTheodorou4
 
Demographic transition and the rise of wealth inequality
Demographic transition and the rise of wealth inequalityDemographic transition and the rise of wealth inequality
Demographic transition and the rise of wealth inequalityGRAPE
 
Money Forward Integrated Report “Forward Map” 2024
Money Forward Integrated Report “Forward Map” 2024Money Forward Integrated Report “Forward Map” 2024
Money Forward Integrated Report “Forward Map” 2024Money Forward
 

Último (19)

Building pressure? Rising rents, and what to expect in the future
Building pressure? Rising rents, and what to expect in the futureBuilding pressure? Rising rents, and what to expect in the future
Building pressure? Rising rents, and what to expect in the future
 
Uk-NO1 Rohani Amil In Islamabad Amil Baba in Rawalpindi Kala Jadu Amil In Raw...
Uk-NO1 Rohani Amil In Islamabad Amil Baba in Rawalpindi Kala Jadu Amil In Raw...Uk-NO1 Rohani Amil In Islamabad Amil Baba in Rawalpindi Kala Jadu Amil In Raw...
Uk-NO1 Rohani Amil In Islamabad Amil Baba in Rawalpindi Kala Jadu Amil In Raw...
 
Hello this ppt is about seminar final project
Hello this ppt is about seminar final projectHello this ppt is about seminar final project
Hello this ppt is about seminar final project
 
10 QuickBooks Tips 2024 - Globus Finanza.pdf
10 QuickBooks Tips 2024 - Globus Finanza.pdf10 QuickBooks Tips 2024 - Globus Finanza.pdf
10 QuickBooks Tips 2024 - Globus Finanza.pdf
 
Introduction to Health Economics Dr. R. Kurinji Malar.pptx
Introduction to Health Economics Dr. R. Kurinji Malar.pptxIntroduction to Health Economics Dr. R. Kurinji Malar.pptx
Introduction to Health Economics Dr. R. Kurinji Malar.pptx
 
Banking: Commercial and Central Banking.pptx
Banking: Commercial and Central Banking.pptxBanking: Commercial and Central Banking.pptx
Banking: Commercial and Central Banking.pptx
 
Global Economic Outlook, 2024 - Scholaride Consulting
Global Economic Outlook, 2024 - Scholaride ConsultingGlobal Economic Outlook, 2024 - Scholaride Consulting
Global Economic Outlook, 2024 - Scholaride Consulting
 
Zimbabwe's New Gold-Backed Currency- A Path to Stability or Another Monetary.pdf
Zimbabwe's New Gold-Backed Currency- A Path to Stability or Another Monetary.pdfZimbabwe's New Gold-Backed Currency- A Path to Stability or Another Monetary.pdf
Zimbabwe's New Gold-Backed Currency- A Path to Stability or Another Monetary.pdf
 
OAT_RI_Ep18 WeighingTheRisks_Mar24_GlobalCredit.pptx
OAT_RI_Ep18 WeighingTheRisks_Mar24_GlobalCredit.pptxOAT_RI_Ep18 WeighingTheRisks_Mar24_GlobalCredit.pptx
OAT_RI_Ep18 WeighingTheRisks_Mar24_GlobalCredit.pptx
 
TACLOBAN-CITY-DIVISION-POPQUIZ-2023.pptx
TACLOBAN-CITY-DIVISION-POPQUIZ-2023.pptxTACLOBAN-CITY-DIVISION-POPQUIZ-2023.pptx
TACLOBAN-CITY-DIVISION-POPQUIZ-2023.pptx
 
Thoma Bravo Equity - Presentation Pension Fund
Thoma Bravo Equity - Presentation Pension FundThoma Bravo Equity - Presentation Pension Fund
Thoma Bravo Equity - Presentation Pension Fund
 
2B Nation-State.pptx contemporary world nation
2B Nation-State.pptx contemporary world nation2B Nation-State.pptx contemporary world nation
2B Nation-State.pptx contemporary world nation
 
Aon-UK-DC-Pension-Tracker-Q1-2024. slideshare
Aon-UK-DC-Pension-Tracker-Q1-2024. slideshareAon-UK-DC-Pension-Tracker-Q1-2024. slideshare
Aon-UK-DC-Pension-Tracker-Q1-2024. slideshare
 
What is sip and What are its Benefits in 2024
What is sip and What are its Benefits in 2024What is sip and What are its Benefits in 2024
What is sip and What are its Benefits in 2024
 
ΤτΕ: Ανάπτυξη 2,3% και πληθωρισμός 2,8% φέτος
ΤτΕ: Ανάπτυξη 2,3% και πληθωρισμός 2,8% φέτοςΤτΕ: Ανάπτυξη 2,3% και πληθωρισμός 2,8% φέτος
ΤτΕ: Ανάπτυξη 2,3% και πληθωρισμός 2,8% φέτος
 
2024-04-09 - Pension Playpen roundtable - slides.pptx
2024-04-09 - Pension Playpen roundtable - slides.pptx2024-04-09 - Pension Playpen roundtable - slides.pptx
2024-04-09 - Pension Playpen roundtable - slides.pptx
 
ekthesi-trapeza-tis-ellados-gia-2023.pdf
ekthesi-trapeza-tis-ellados-gia-2023.pdfekthesi-trapeza-tis-ellados-gia-2023.pdf
ekthesi-trapeza-tis-ellados-gia-2023.pdf
 
Demographic transition and the rise of wealth inequality
Demographic transition and the rise of wealth inequalityDemographic transition and the rise of wealth inequality
Demographic transition and the rise of wealth inequality
 
Money Forward Integrated Report “Forward Map” 2024
Money Forward Integrated Report “Forward Map” 2024Money Forward Integrated Report “Forward Map” 2024
Money Forward Integrated Report “Forward Map” 2024
 

Cyber Crime is Wreaking Havoc

  • 1. Viewpoint paper Cyber crime is wreaking havoc The financial services sector must be prepared
  • 2. Table of contents 1 Change with the times 1 Next-generation threats 2 BYOT—an expectation, not a privilege 2 Cyber-attack risks continue to rise 2 New attacks are coming—get prepared 3 Technology used to cope with coming threats 3 Identity is everything 4 Threat detection and attack analysis are evolving 4 Compliance and governance is essential 5 Playing field getting leveled 6 About the author Viewpoint paper | Cyber crime is wreaking havoc
  • 3. 1 Viewpoint paper | Cyber crime is wreaking havoc Financial services are getting squeezed by massive social and technological changes, and the need to modernize. Combine that with the growth and sophistication of cyber crime, it’s time to fight back and level the playing field with a strong security policy. Change with the times Banking executives are aware of the cyber threats directly impacting financial services, and the erosion of trust that such attacks invariably entail. They are also aware of the dramatic changes happening in IT infrastructures, and consumer- driven tech trends such as bring your own technology (BYOT); it’s forcing them to rethink much of what they have practiced in the last 20 years. While these trends are happening now, what follows in the next 10 years is likely to be even more disruptive. Many sectors are already preparing for the future, but is the financial services industry (FSI) in danger of being overwhelmed due to its ingrained technological conservatism—particularly when it comes to security policy? Next-generation threats Cyber attacks that steal money, intellectual property, or launch political attacks can destroy trusted relationships with customers and partners, which is your lifeblood. Banks, understandably, still rely on keeping large parts of their organizations behind firewalls, much as they still prefer gigantic headquarters buildings to give an assurance of trust, reliability, and permanence. Appearances can be deceptive, and old school defences can give a false sense of reassurance. A continued reliance on centralized, mainframe network architecture reduces flexibility when dealing with next-generation attacks. At the same time, it puts financial institutions at a disadvantage, trying to adapt to fundamental changes in working practices and consumer behavior—driven by rapidly evolving, always- connected smart devices. By not adapting, they will lose out to rivals that learn how to securely embrace the change for customers and employees, and new innovative FSI sector entrants that have already disrupted their own sectors, such as retail.
  • 4. 2 BYOT—an expectation, not a privilege In other industry sectors, BYOT is no longer seen as a privilege. It’s becoming a multilayered, multipurpose device of choice that shares business and personal data and functions. This trend will accelerate; devices will become extensions and virtual outposts of the central organization and hubs for personal data clusters now developing. How ready is your organization for this? The pace of development in smart devices outstrips anything in conventional network architecture or desktop PCs. Financial services will have to accept that employees will use these devices or become potential dinosaurs in a newly competitive, disruptive financial services sector. Cyber-attack risks continue to rise Banks and financial institutions have no choice but to adapt to BYOT and other social and technical trends. Cyber attacks are out of their control and will increase exponentially in the next 10 years. The negative cost of each attack will also increase. The Ponemon 2013 Cost of Cyber Crime Study, sponsored by HP, pegs the average annual cost of cyber crime for organizations at $7.2 million in 2013, up 30% from 2012. That figure has risen every single year the survey has run. Meanwhile, according to a recent report by Booz Allen, a consultancy firm, cyber attacks are the “new normal” for the financial services industry.1 In the United States (U.S.), The Depository Trust Clearing Corporation (DTCC) has named Distributed Denial of Service (DDoS) attacks as one of the three types of attacks that pose a “systemic risk” to the financial system. The organization, which settles the majority of securities transactions in the U.S., said DDoS attacks against financial institutions have dramatically increased in the last 12 months. Such attacks are also often used as a smokescreen for more targeted attacks and to exploit pressured call center staff vulnerable to phishing attacks.2 New attacks are coming—get prepared Worse is coming. The European Union (EU) sponsored International Cyber Security Protection Alliance (ICSPA) has predicted that 2020 will see cyber criminals using some or all of the following tactics and malicious technologies. Some are based on the very technologies that banks and others are using to lower IT costs, such as cloud and virtualization. • Exploitation of Near Field Communication (NFC) technologies, which banks will be using for new services in the future • Highly distributed denial of service attacks using cloud infrastructures • A move from device-based to cloud-based botnets, hijacking distributed processing power • A mature illicit market for virtual items—stolen and counterfeit • Physical attacks against data centers and Internet exchanges • Electronic attacks on critical infrastructure, including power supply, transport, and data services • Micro-criminality, including theft and fraudulent generation of micro payments • Bio-hacks for multifactor authentication components • High impact, targeted identity theft and avatar hijack • Sophisticated reputation manipulation • Augmented reality misused for attacks and frauds based on social engineering • Hacks against connected devices with direct physical impact such as wearable technologies Viewpoint paper | Cyber crime is wreaking havoc 1 boozallen.com/media-center/press- releases/48399320/booz-allen-releases- annual-cyber-security-trends-for-2014 2 Ibid. The Ponemon 2013 Cost of Cyber Crime Study, sponsored by HP, pegs the average annual cost of cyber crime for organizations at $7.2 million in 2013, up 30% from 2012.
  • 5. 3 Not all these threats will disrupt financial services, but some certainly will, and it’s clear that none would be stopped by contemporary cyber defences. Banks will want to use NFC to introduce new products and fast payment solutions. How will they protect their customers from aggressive targeted attacks and the use of avatar-based—a highly advanced digital creation assembled from numerous stolen aspects of an individual’s real identity—attacks? Where banks can be fooled into thinking they are dealing with a real customer online, when they’re not. In this next level of identity theft, bank customers find themselves “cloned” online. Right now, it’s unlikely that plans are being put in place to beat such advanced criminal techniques. Denial-of-service attacks will increase in number and intensity as criminals have seen the fruits of fostering disruption and fear among bank customers. This industrialization of micro- payment fraud will put huge new pressure on staff and security policies to contain multiple account harvesting techniques. Therefore, unless the banking industry initiates change now, it will be highly vulnerable to the systemic failure that the DTCC fears. Technology used to cope with coming threats Neil Passingham, technical solutions director at HP, believes that security is always behind the threat curve. He said, “We need to leverage resources—make the most of Big Data and the cloud for example. CISOs are advised to use present day solutions but what they really want is to be listened to. We need to align serious solutions that secure their business.” All leading security vendors should heed this statement. Given whole new attack types that will seek out vulnerabilities in tools and infrastructures—and the use of super-connected devices— financial services, like other organizations, need to urgently switch attention to application layers and the data itself. The organizational perimeter needs to shrink to an absolute minimum core data piece, where data simply cannot be breached. All else can be protected as much or as little as needed by using mature risk assessment controls. Beyond that, the focus must be on advanced encryption techniques, and security analytics that exploit the power of Big Data. This will turn enterprises from reactive security positions to intelligence-based positions, where risk positions are calculated around hard data readings with attack lines plotted before they can happen. New forms of identity such as unique personal data clusters will be needed to combat aggressive phishing and fraud attacks. The trend will be toward creating online identities and access models that rely on multifaceted digital profiles based on an individual’s online behavior rather than simple two-factor authorization. Identity is everything True identity is the lifeblood of financial services, but the measurement of identity needs to change. Passwords, two-factor, even biometric systems are flawed. Identity as implemented in enterprise applications doesn’t necessarily align with how identity works in the real world. Systems are being researched and will be brought to market that create complex identity sets based on personal data clusters and an individual’s data history rather than passwords that can be stolen or easily guessed. A “biodata” identity system is more secure than even biometric data such as fingerprint or eye scans, which have been proven not to be failsafe. This is all part of how data analytics, Big Data, and informatics will form the core of next-generation cyber defences. Viewpoint paper | Cyber crime is wreaking havoc Unless the banking industry initiates change now, it will be highly vulnerable to the systemic failure that the DTCC fears.
  • 6. 4 Threat detection and attack analysis are evolving Elsewhere, forensics are moving from a method of simply analyzing a cyber attack after the event, to a tool that can profile the cybercriminal and attack methods by building bio data patterns of criminal and malware activity. Such digital forensics will become an integral part of the enterprise in the near future. It can also be used to monitor employee behavior to cope with insider threats and unusual data patterns or financial movements. There are a number of developments in this area. For example, a number of vendors are developing their own threat intelligence services such as a “next-generation” security operation center (SOC) and security intelligence as a service and other “human factors” research to help meet the 2020 cyber challenge. 3,4,5 Conventional signature-based anti-malware solutions cannot cope with 2013 levels of malware production, let alone those predicted for 2020. New anti-malware solutions, which are already appearing, trap malware at a micro visor level, so it can’t enter the organization at any level or point—and the infected file can be safely extracted. New-generation security protocols will adjust, seek out, and quarantine perceived threats before any system is compromised. Compliance and governance is essential Unfortunately for security managers in financial services, turning to governments for help in dealing with next-generation threats is likely to end in disappointment. Instead bodies such as the EU, U.S. Federal Government, and increasingly powerful Middle Eastern and Asian agencies are likely to make financial services work harder to meet new compliance regulations as emphasis will be firmly made on banks’ responsibilities to protect the consumer, bank customers, and partners. When Islamic hacktivists attacked U.S. banks in early 2012, the response was not sympathy, rather calls from government for greater diligence on the part of the banks themselves. At the same time, progress on international cooperation to defeat cyber crime and state sponsored cyber attacks on banks and other organizations is limited, and the situation is unlikely to improve anytime soon. Revelations by whistle-blower Edward Snowden are likely to make governments cooperate less on issues of cyber security. Sadly, Snowden revealed that even allies are willing to use cyber means to spy on each other—hardly the spirit to foster international cooperation against mutual enemies. Financial services information leaders face the prospect of uncontrolled international cybercrime, and governments concerned with locking down and protecting their own infrastructures from their allies, while responding to public concern about data breaches with tighter governance and higher financial penalties. A failure to invest in data management systems that assist in meeting compliance rules will not be an option. Complicating the picture, as banks open up and abandon their traditional security posture to be more competitive and efficient, they increase their actual risk of exposure to compliance busting data breaches. Viewpoint paper | Cyber crime is wreaking havoc 3 en.wikipedia.org/wiki/Data_analysis_ techniques_for_fraud_detection 4 eweek.com/small-business/hp-updates-arcsight- portfolio-with-security-analytics/ 5 techrepublic.com/blog/it-security/how-user- behavior-monitoring-helps-reduce-risk/ Given that whole new attack types will seek out vulnerabilities in tools and infrastructures—and the use of super-connected devices—financial services need to urgently switch attention to application layers and the data itself.
  • 7. 5 Playing field getting leveled No doubt the picture for financial services is a hugely challenging one. They are squeezed by massive social and technological changes, and the need to modernize. At the same time, an unprecedented period of growth and sophistication of cyber crime is predicted. And there will be further legislative pressure in a globalized market. At the same time, vendors and the information security industry are fighting back with a level of innovation that has been absent for too long. Advances in Big Data analytics, intelligent anti-malware techniques, digital forensics, and identity science are emerging, which will start to level the playing field back in favor of a financial services sector that must change itself at the same time. Learn more at hp.com/enterprise/security Viewpoint paper | Cyber crime is wreaking havoc
  • 8. Rate this documentShare with colleagues Sign up for updates hp.com/go/getupdated About the author Dan Chaplin Dan Chaplin is a strategic consultant for the HP Enterprise Security Services CTO Office, supporting the link between HP security services and challenges in the financial services industry. Having joined HP in 2003 and worked with many of the top financial services providers across EMEA, Chaplin understands the challenges of delivering large scale change in a highly regulated and technically risk-averse environment. He has been heavily involved with HP Managed Security Services, working with clients to understand their security maturity and how they can more efficiently deliver their security operations. Chaplin helps clients understand the benefits and challenges of effective security outsourcing and measuring the success of their investments through proper reporting and service governance. Viewpoint paper | Cyber crime is wreaking havoc © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. 4AA5-1187ENW, March 2014