1 / 10

How Cyber Threats Are Changing The Risk Profiles of Banks

How Cyber Threats Are Changing The Risk Profiles of Banks. AIBA Quarterly Meeting December 5, 2013. Changing risk profiles. Interesting trends Possible solutions. I. Interesting trends. Interesting trends. New technology has changed how consumers approach banking. .

iren
Download Presentation

How Cyber Threats Are Changing The Risk Profiles of Banks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. How Cyber Threats Are Changing The Risk Profiles of Banks AIBA Quarterly Meeting December 5, 2013

  2. Changing risk profiles Interesting trends Possible solutions

  3. I. Interesting trends

  4. Interesting trends New technology has changed how consumers approach banking. • . • “Banking is something I do, not a place I go.” • Selecting a bank based on usability, not on products and services Risks: • Keeping up with technology: the “Red queen” problem • Constant new technology constantly introduces risks

  5. Interesting trends, continued Regulators, firms and courts are shifting risk around. • Regulators have pushed third-party risk back to banks • New OCC third-party guidelines • Courts have pushed customer risk to banks • Patco Construction vOcean Bank • Entrepreneurs have developed a “cyber insurance” market

  6. Interesting trends, continued Cyber attackers have new motives. • New reasons to target banks: • Grievances against an entire industry, e.g. Occupy • Grievances with specific banks, e.g. OP Avenge Assange DDoS • PayPal, Visa and MasterCard targeted for blocking payments to Wikileaks.org • New reasons to use banks to gain access to other targets: • Media attention, e.g. OPUSA DDoS • Customer data • Offshore tax-haven leaks

  7. II. Possible solutions

  8. Possible Solutions Banks need industry-wide cooperation and sharing. • Common set of standards • Pressure for vendors and banks to meet best practices • Do not wait for regulators • Effective information sharing • Threats, responses and outcomes

  9. Possible Solutions IT/IS strategies must shift from reaction to anticipation. • Increase focus on predicting threats • Fighting fires is still important, but leads to burnout, for staff and customers • Encourage IT/IS staff to look further afield What is the bank’s response when: • A competitor gets hit • When the bank receives negative press • When the bank’s name shows up in Pastebin, or other hacker-friendly space

  10. Alex Muentz, principal Prior to joining Promontory, Alex was a senior associate at Picciotti and Schoenberg, where he facilitated internal and external investigations by assessing physical security, networks, systems, computers, smartphones, and other technologies for medium to large companies. Alex frequently advises in litigation matters relating to the information security community, including teaching about computer crime at the Temple University Department of Criminal Justice, where he is an adjunct professor. As an experienced network and system engineer, and white-hat hacker, he is an expert at reverse engineering, penetration testing, electronic discovery, and network intrusion. Alex previously was a contract attorney and team lead at several Philadelphia law firms, where his work included investigations, due diligence, database and connection diagnostics, and review of privilege logs in relation to litigations and subpoenas. Prior to his career in law, Alex was a senior technician at Springboard Media, where he collaborated with customers to perform technical support and design IT solutions. Prior to working at Springboard Media, Alex tested systems for information security and reliability at Vertex Pharmaceuticals where he specialized in data breaches and audits. Alex earned a J.D. at Temple University and a B.S. in economics at Northeastern University.

More Related