Cyber Crime Threat Landscape - A Focus on the Financial Industry
1. The Cyber Crime Threat Landscape
A Focus on The Financial Industry
Presented by Morris Cody and William
McBorrough, Principals, MCGlobalTech
2. Presenters Profile
• Morris Cody, Managing Principal, MCGlobalTech
• 25+ yrs - IT Infrastructure Management
• 6+ yrs – Cyber Security Management
• Industries: Financial, Manufacturing, Consulting, Private, Public
• William J. McBorrough, Managing Principal, MCGlobalTech
• 15+ yrs – Cyber Security Management, Architecture, Engineering,
Operations, Awareness Training
• 6+ yrs – Adjunct Professor, Cyber Security – Undergraduate, Graduate
• Industries: Financial, Manufacturing, Healthcare, Higher Ed., Government
3. MCGlobalTech
• Provides strategic IT / Security advisory services;
• Align technology and security solutions to drive and support business goals;
• Assess IT security posture;
• Experienced in the private and public sector;
• Promotes IS education and awareness;
• Focused on four primary consulting services;
• Enterprise Information Security Management
• IT Infrastructure Management
• IT Governance & Compliance
• Cloud Computing Migration
5. Hacking - Primary Cause of Data Breach
Symantec Corporation: Internet Security Threat Report 2014 :: Volume 19
6. MEDIA FRENZY - HEADLINES
• ATM thieves conduct massive cyber attacks;
– $45 million from automated teller machines (Washington Post);
• More banks hit by cyberattacks than Initially
thought;
– JPMorgan Chase, Bank of America, Citibank, PNC Financial,
Union Bank, BB&T and Capital One (American Banker);
• Major banks hit with biggest cyberattacks in history
– These denial of service attacks were the largest recorded by a
wide margin (CNN Money).
7. Reports - Symantec / Telegraph
• There was a 42 percent increase in cyberattacks
against U.S. businesses in 2012;
• These attacks are becoming more powerful and more
sophisticated with each passing year;
• Major financial institutions are continually under assault
and the total number of attacks are increasing;
• This has caused a negative impact on company brand,
public trust, customer retention, bottom line profits
8. Threat Landscape Actors
PwC, CIO, CSO Magazine - Key findings from The Global State of Information Security Survey 2014
9. How was your organization
impacted by the security incidents?
PwC Magazine - Key findings from The Global State of Information Security Survey 2014
13. DoS Attacks Increase in Effectiveness
Verizon 2014 Data Breach Investigations Report
14. Poll Questions
• Do you have a good understanding about the threat
landscape facing your organization?
– Yes
– No
– Unsure
• What best describes the level of knowledge among non-IT
executive about your company’s cyber security defenses?
– Good
– Some
– Poor
– None
15. Are you the next Target?
2013 has been dubbed
the year of the “mega-
breach”!
Don’t become a 2014
statistic.
16. Target CFO to Congress
“The unfortunate reality is that we suffered a
breach, and all businesses — and their
customers — are facing increasingly
sophisticated threats from cybercriminals,”
-John Mulligan, Target CFO
17. Case Study – The Target Breach
• Initially reported 40,
then 70, then 110
million customers’
data compromised.
• 40 million =
population of NY +
LA + other 25 largest
US cities.
20. Now do you all come in?
What Finance managers must know about
their role in thwarting cyber attacks?
There are four general steps to become
more ready to face and deal with the threats
we’ve discussed thus far:
22. Step 2 – Know the business
1. Know the threat
2. Understand your
Business
.
23. Step 3 – Know your weaknesses
1. Know the threat
2. Understand your
business
3. Identify your
weaknesses
.
24. Step 4 – Be proactive
•
1. Know the threat
• 2. Understand your
business
• 3. Identify your
weaknesses
• 4. Be Proactive
.
25. Poll Questions
• In the past 12 months, have you participated in role-
based security awareness training that focuses on your
specific duties ?
– Yes
– No
• How confident are you that your organization’s security
staff understands your business and finance operations?
– Very Confident
– Somewhat Confident
– Not Confident at all
26. Summary Points
Considerations
• Financial services companies
are funding information
security initiatives
• Can’t fight todays cyber crimes
with yesterday’s technology
• Threat landscape is become
more sophisticated
• Cyber attacks are growing
exponentially
Call To Action
• Create threat awareness
• Know your threat landscape
• Understand your business
security needs
• Identify your security
weaknesses
• Proactive Actions
• Create / Implement a good
cyber security program
28. MCGlobalTech Contact Information
Mission Critical Global Technology Group
1776 I Street, NW
9th Floor
Washington, District of Columbia 20006
Phone: 571-249-3932
Website: www.mcglobaltech.com
Email: Info@mcglobaltech.com
William McBorrough Morris Cody
Managing Principal Managing Principal
wjm4@mcglobaltech.com mcody@mcglobaltech.com