Presented at 6th International Conference on Security SECCON 2014
Protecting Banking and Financial Infrastructure
Brig. Muhammad Farooq Shaukat (Retd.)
Country Head of Security – Standard Chartered Bank
Topics Covered:
• Security Assessment
• Managing Security in Banking Sector
• Security Management Cycle
• Contours of Security Strategy
• Threat Matrix
• Threat / Risk Assessment
• Crime Trend
• Impact of Security State – Banking Sector
• Security Management
• Technological Measures
• Facts on ATM Skimming Attacks
• Training and Awareness
• Essence of Security Management
4. Security Assessment
Militancy
• The TTP central shura unanimously decided not to extend
the ‘ceasefire’ but would keep the dialogue option open.
Analysis
• While the Government exhibited flexibility in continuing with
talks amidst violence and releases of prisoners (19) , the TTP
insisted on their demands of ‘demilitarized peace zone’ and
release of more prisoners.
• Although the talks were in progress under announced ceasefire
yet the security matrix of the country did not really improve. We
saw two deadly attacks in Rawalpindi and one train put on fire
near Sibi, among other bombings.
5. Security Assessment
Analysis
• The TTP has little or no control over a wide range of militant
factions or splinter groups and therefore cannot influence them
effectively to reign in their attacks.
• Some analysts opine that withdrawl of ceasefire is perhaps a
way to put more pressure on a government, as the militants
have kept the negotiations option open.’
• Clashes among major splinter groups of militants have
surfaced. Mehsud and Khurasani groups oppose peace talks
and may have influenced TTP shura to roll back ceasefire.
6. Militancy
• Due to truncated leadership, reduced capacity and split among
militants, we are likely to see reduced militant attacks in mid to
long terms while the current situation is likely to remain fluid in
coming days where periodic spike in attacks shall remain a
possibility.
• While the militants shall look to launch a big attack to exert their
writ, it is expected that most of these attacks shall be low in
intensity as well as frequency. However, most of their attacks are
likely to be directed against LEAs and soft targets.
• Balochistan continues to experience low intensity conflict with
occasional spike. The main issues centre around sectarian
killings, kidnappings and attack against Gas Pipelines / Trains
by insurgent.
Security Assessment
12. Terrorism
Bomb Threat
Bomb Attack
Armed Robbery
Hostage Situation
Asset Loss
Reputation Loss
Cash Snatching
Cash Swindling
Law and Order
Vandalism
Arson
Burglary
Threat Matrix
13. Evaluation of
• Threat of Terrorism
• Branch/Office Location
• Local Political Dynamics
• Crime Rate and Category of Crime
• Pressure Groups/Gangs in the Area
• Vandalism Record/Past History
• Follow up Actions
Share with Stakeholders
Periodic Review
Threat / Risk Assessment
18. Robberies- Analysis
• Selection and scrutiny of Guarding / Alarming Company
• Untrained and under verified guards
• Placement of guards
• Inadequate Floor Management
• Insufficient training to staff
• Casualness in Critical timings
• No consideration for critical branches(Bunkers, vantage points)
• Indolent QRF and Response
24. Guards
Quality and Strength of Guards During Day
Remove Night Guards
Placement of Sentries on Upper Floor/Vantage Point/Roof Tops
Smart and Trained Vigilance Staff
QRF
Efficient Floor Management
Efficient Night Patrolling
Proactive Control Room Team
Physical Measures
27. Technological Measures
Establishment of Effective Control Room (s)
Effective Remote CCTV Monitoring of All Branches
Simultaneous Display of Vault Doors and ATM’s
Effective Alarm System Backed by Efficient Response
PIR Devices/Motion Detectors
Vibration Sensors
Bolt Locks
Integrated System
Pop up Alerts for Branch Arming Disarming, Fire Alarms, DVR Faults, Camera
Faults etc.
Sufficient and Uninterrupted Power Backup.
28. Ensure
uninterrupted
power supply
Ensure security
of Data.
DVR Bolting
Ensure
operational
status of DVR
Vaults/ATM
during silent
hours
External view at
Opening/closing
Placement of CCTV
cameras(Vault, ATM
,banking Hall etc)
Surveillance
30. 30
30
What do skimming devices look like?
Spot the difference….. Can you tell now?
Top photo shows an unadulterated ATM
fascia. The flashing FDI indicator is easily
observed.
A skimming device has been fitted
over the card reader slot. Although
the device has been given the
appearance of being a standard part
of the terminal it is in fact an
additional fitted piece & clearly is
different from the above photo.
Note: No flashing lead-through light
can be seen and the shape of the
bezel is also clearly different.
Facts - ATM Skimming Attacks
32. 32
Upon closer inspection of the merchandising unit, you can clearly see the pin
hole camera installed on the bottom side, capturing an image of the keypad and
subsequently, the customers PIN
PIN Capturing Devices
34. Criminals tend to attach skimming devices either late at night or early in the
morning and during periods of low traffic
Despite this skimming devices generally only take a few minutes to install and
therefore can be attached at any time
Skimming devices are usually attached for a few hours only
Criminals install equipment on at least 2 regions of an ATM to steal both the ATM
card number and the PIN
Inspect the front of the ATM closely for unusual or non standard
appearance/items. Scratches, marks, adhesive or tape residues could be
indictors of tampering.
Familiarize yourself with the look and feel of your ATM fascia. Particularly pay
attention to all of the touch and action points. (keypad, card entry slot, etc.)
Report any unusual issues immediately
By being vigilant you can play a part in reducing the risk of a skimming attack!
Facts On ATM Skimming Attacks
35. Training & Awareness
• Situational Training
• Guards OJTs
• Anti Robbery, Bomb and Evacuation Drills
• Online Training
• E-Learning Module
• Security Awareness weeks
• Interaction with senior LEA’s
• Security Publications.
• Regular Staff Awareness
Travel Advisories
Fortnightly Security Updates
On Occurrence Security Advice
37. • Be proactive rather than reactive
• Adequate reliance on Technology
• Quality of Manpower & Timely response
• Vertical and Horizontal Staff awareness
Essence of Security Management