Slides 36 to 57 (preview text only, truncated):
Detecting the Threats
• We will continue to see cyber threats and material data breaches.
Detecting the threats
• What will those threats look like in the financial services arena?
• An event that puts an individ...
Detecting the threats
• Who initiates cyber threats?
Detecting the threats
• Examples of threats
• Wrongdoers attack larger banks through Distributed Denial of Service (DDoS):...
Detecting the threats
• Understand the evolution of the threat environment—either follow the technology or hunt the hunter...
Cyber-Attack Triage: Process Is Key
This is ...
Cyber-Attack Triage: Process Is Key
• The First 24 Hours Checklist
Panicking won’t get you anywhere once you’ve discovered...
Cyber-Attack Triage: Process Is Key
• The First 24 Hours Checklist (continued)
• Interview those involved in discovering t...
Cyber-Attack Triage: Process Is Key
• Notification: When and how should you notify?
• Certain state laws and federal regul...
Cyber-Attack Triage: Process Is Key
What does the financial institution’s in-house legal team need to do before a breach o...
Introduction
Maria Z. Vathis has a broad range of experience defending corporate clients in complex business litigation ma...
Trends in Privacy & Security Class Actions
Shifting attack vectors, scanning for vulnerabilities and leveraging zero day e...
Additional Litigation Statistics
• Complaints against Target accounted for more than 50% of all data security-related fili...
Bryan Cave Data Breach Hotline
Hackers don't stop working at 5:00... and neither do we. Data breaches can and do occur at ...
CLE PROCESSING
The Knowledge Group offers complete CLE processing solutions for your webcasts and land ev...
PRIVATE LABEL PROGRAM & INTERNAL TRAINING
The Knowledge Group provides complete private label webcasts an...
RESEARCH & BUSINESS PROCESS OUTSOURCING
The Knowledge Group specializes in highly focused and intelligent...
► You may ask a question at anytime throughout the presentation today. Simply click on the question mark icon located on t...
ABOUT THE KNOWLEDGE GROUP, LLC.
The Knowledge Group, LLC is an organization that produces live webcasts w...
Hot Topics in Dealing with Banking Cyber Security LIVE Webcast

In a two hour live webcast, a panel of thought leaders and practitioners assembled by The Knowledge Group will discuss the significant and latest issues with respect to Hot Topics in Dealing with Banking Cyber Security.

Key topics include:

Digital Crime
Threat Overload
Case Studies
Heightened Regulatory Oversight
Threat Detection
Cyber-Attack Triage
Recent regulatory issues and updates

To view the webcast go to this link: http://youtu.be/Igr7zAcKndE


To learn more about the webcast please visit our website: http://theknowledgegroup.org

Published in: Education, Technology, Business

Transcript of "Hot Topics in Dealing with Banking Cyber Security LIVE Webcast"

  1. Speaker Firms and Organization: United States Department of Homeland Security (Carlos P. Kizzee, Deputy Director, Stakeholder Engagement & Cyber Infrastructure Resilience). Partner Firms: Kane Russell Coleman & Logan PC (Kenneth Johnston, Shareholder); BAE Systems (Paul Henninger, Global Product Director); Bryan Cave LLP (Maria Z. Vathis, Of Counsel). June 19, 2014.
     Thank you for logging into today’s event. Please note we are in standby mode. All microphones will be muted until the event starts. We will be back with speaker instructions @ 11:55am. Any questions? Please email: Info@knowledgecongress.org
     Group Registration Policy: Please note ALL participants must be registered or they will not be able to access the event. If you have more than one person from your company attending, you must fill out the group registration form. We reserve the right to disconnect any unauthorized users from this event and to deny violators admission to future events. To obtain a group registration please send a note to info@knowledgecongress.org or call 646.202.9344.
  2. Follow us on Twitter, that’s @Know_Group, to receive updates for this event as well as other news and pertinent info.
     • If you experience any technical difficulties during today’s WebEx session, please contact our Technical Support @ 866-779-3239.
     • You may ask a question at any time throughout the presentation today via the chat window on the lower right hand side of your screen. Questions will be aggregated and addressed during the Q&A segment.
     • Please note, this call is being recorded for playback purposes.
     • If anyone was unable to log in to the online webcast and needs to download a copy of the PowerPoint presentation for today’s event, please send an email to: info@knowledgecongress.org. If you’re already logged in to the online webcast, we will post a link to download the files shortly.
     • If you are listening on a laptop, you may need to use headphones as some laptop speakers are not sufficiently amplified to hear the presentations. If you do not have headphones and cannot hear the webcast, send an email to info@knowledgecongress.org and we will send you the dial-in phone number.
  3. • About an hour or so after the event, you'll be sent a survey via email asking you for your feedback on your experience with this event today. It's designed to take less than two minutes to complete, and it helps us to understand how to wisely invest your time in future events. Your feedback is greatly appreciated. If you are applying for continuing education credit, completion of the surveys is mandatory as per your state boards and bars. 6 secret words (3 for each credit hour) will be given throughout the presentation. We will ask you to fill these words into the survey as proof of your attendance. Please stay tuned for the secret word.
     • Speakers, I will be giving out the secret words at randomly selected times. I may have to break into your presentation briefly to read the secret word. Pardon the interruption.
  4. Welcome to the Knowledge Group Unlimited Subscription Programs. We have Two Options Available for You:
     FREE UNLIMITED: This program is free of charge with no further costs or obligations. It includes:
     • Unlimited access to over 15,000 pages of course material from all Knowledge Group Webcasts.
     • Subscribers to this program can download any slides, white papers, or supplemental material covered during all live webcasts.
     • 50% discount for purchase of all Live webcasts and downloaded recordings.
     PAID UNLIMITED: Our most comprehensive and cost-effective plan, for a one-time fee:
     • Access to all LIVE Webcasts (Normally $199 to $349 for each event without a subscription). Including: Bring-a-Friend – Invite a client or associate outside your firm to attend for FREE. Sign up for as many webcasts as you wish.
     • Access to all Recorded/Archived Events & Course Material, including 1,500+ hours of audio material (Normally $299 for each event without a subscription).
     • Free CLE/CPE/CE Processing (Normally $49 Per Course without a subscription).
     • Access to over 15,000 pages of course material from Knowledge Group Webcasts.
     • Ability to invite a guest of your choice to attend any live webcast Free of charge (Exclusive benefit only available for PAID UNLIMITED subscribers).
     • 6 Month Subscription is $299 with No Additional Fees. Other options are available.
     • Special Offer: Sign up today and add 2 of your colleagues to your plan for free. Check the “Triple Play” box on the sign-up sheet contained in the link below.
     https://gkc.memberclicks.net/index.php?option=com_mc&view=mc&mcid=form_157964
  5. Knowledge Group UNLIMITED PAID Subscription Programs Pricing:
     Individual Subscription Fees (2 Options):
     • Semi-Annual: $299 one-time fee for a 6 month subscription with unlimited access to all webcasts, recordings, and materials.
     • Annual: $499 one-time fee for a 12 month unlimited subscription with unlimited access to all webcasts, recordings, and materials.
     Group plans are available. See the registration form for details.
     Best ways to sign up:
     1. Fill out the sign up form attached to the post conference survey email.
     2. Sign up online by clicking the link contained in the post conference survey email.
     3. Click the link below or the one we just posted in the chat window to the right. https://gkc.memberclicks.net/index.php?option=com_mc&view=mc&mcid=form_157964
     Discounts: Enroll today and you will be eligible for the “Triple Play” program and 3% off if you pay by credit card. Also we will waive the $49 CLE/CPE processing fee for today’s conference. See the form attached to the post conference survey email for details.
     Questions: Send an email to: info@knowledgecongress.org with “Unlimited” in the subject.
  6. Partner Firms: BAE Systems Applied Intelligence delivers solutions which help clients to protect and enhance their critical assets in the intelligence age. Its intelligent protection solutions combine large-scale data exploitation, ‘intelligence-grade’ security and complex services and solutions integration. The company operates in four key domains of expertise: cyber security, financial crime, communications intelligence and digital transformation. Leading enterprises and government departments use the solutions to protect and enhance physical infrastructure, mission-critical systems, valuable intellectual property, corporate information, reputation and customer relationships, competitive advantage and financial success. For more information, please visit www.baesystems.com/ai.
     United States Department of Homeland Security
  7. Partner Firms: Kane Russell Coleman & Logan PC is a full service law firm with offices in Dallas and Houston. Formed in 1992 with five lawyers, today KRCL has more than 80 attorneys. The firm provides professional services for clients ranging from Fortune 500 companies to medium-sized public and private companies to entrepreneurs. KRCL handles transactional, litigation and bankruptcy matters throughout the U.S. and China.
  8. Brief Speaker Bios:
     Carlos P. Kizzee: Carlos P. Kizzee is the Deputy Director of the Department of Homeland Security’s Stakeholder Engagement and Cyber Infrastructure Resilience Division within the U.S. Department of Homeland Security’s Office of Cyber Security and Communications. Mr. Kizzee has extensive experience in advising and conducting operational coordination, information sharing, and collaboration among government and the private sector. In his position as Deputy Director, he oversees four branches of public-private cyber engagement encompassing Cyber Education and Outreach Awareness, Federal and State Government Engagement, Industry Cyber Engagement, and Critical Infrastructure Stakeholder Risk Assessments and Mitigations.
     Paul Henninger: Paul has worked with a wide range of public sector, global financial and commercial institutions to manage the fraud, compliance and security risks that have evolved rapidly over the last 10 years. He specializes in practical, innovative approaches to building and using technology to solve the real challenges faced by these organizations, which are dealing with systematic attacks on their customers, data assets, and infrastructure. Paul specializes in digital crime and financial crime threats and is a frequent media and analyst commentator on digital criminality, security, technology and risk management. He advises financial institutions and government agencies around the world.
  9. Brief Speaker Bios:
     Kenneth Johnston: Kenneth Johnston, a shareholder of Kane Russell Coleman & Logan PC, focuses his practice on class-action and general commercial litigation with an emphasis on financial services, insolvency and creditor rights. He routinely represents financial institutions in a variety of matters including data breach issues, general bank operations, insolvency, material defensive litigation, and credit risk management. Kenneth was recently named as one of the Best Lawyers in Dallas in Banking and Finance by D Magazine and has been ranked as one of the top banking attorneys in Texas by Super Lawyers magazine since 2006.
     Maria Z. Vathis: Maria Z. Vathis has a broad range of experience defending corporate clients in complex business litigation matters, insurance coverage, and class actions involving alleged violations of federal statutes, including the Telephone Consumer Protection Act. Ms. Vathis has represented financial institutions, loan servicers, investment firms, law firms, brokers, attorneys and other professionals. She handles matters nationwide in federal and state courts. Her practice also includes monitoring litigation for international insurers, advising on risk management, evaluating existing insurance coverage, drafting insurance policy language and analyzing insurance coverage under professional liability, cyber and first-party property insurance policies.
     ► For more information about the speakers, you can visit: http://theknowledgegroup.org/event_name/hot-topics-in-dealing-with-banking-cyber-security-live-webcast/
  10. In a two hour live webcast, a panel of thought leaders and practitioners assembled by The Knowledge Group will discuss the significant and latest issues with respect to Hot Topics in Dealing with Banking Cyber Security. Key topics include:
     • Digital Crime
     • Threat Overload
     • Case Studies
     • Heightened Regulatory Oversight
     • Threat Detection
     • Cyber-Attack Triage
     • Recent regulatory issues and updates
  11. Featured Speakers:
     • Paul Henninger, Global Product Director, BAE Systems Applied Intelligence
     • Kenneth Johnston, Shareholder, Kane Russell Coleman & Logan PC
     • Maria Z. Vathis, Of Counsel, Bryan Cave LLP
     • Carlos P. Kizzee, Deputy Director, Stakeholder Engagement & Cyber Infrastructure Resilience, United States Department of Homeland Security
  12. Introduction (Paul Henninger, Global Product Director, BAE Systems Applied Intelligence): Paul has worked with a wide range of public sector, global financial and commercial institutions to manage the fraud, compliance and security risks that have evolved rapidly over the last 10 years. He specializes in practical, innovative approaches to building and using technology to solve the real challenges faced by these organizations, which are dealing with systematic attacks on their customers, data assets, and infrastructure. Paul specializes in digital crime and financial crime threats and is a frequent media and analyst commentator on digital criminality, security, technology and risk management. He advises financial institutions and government agencies around the world.
  13. Digital Crime Threats and Responses. Paul Henninger, Global Product Director, BAE Systems Applied Intelligence
  14. Simple Digital Crime (slide has no further text)
  15. Simple Digital Crime. Once installed:
     1) Configuration-driven – attacks different banks in different ways
     2) Enables tailored attacks which are aware of withdrawal limits and other factors
     3) Can perform internal transfers and external payments
     4) Downloadable mule IBAN – evade IBAN blacklists
     5) Hijacks one-time tokens
     6) Delay customer recognition of fraud – fake balance screens
  16. The New Digital Crime (table with rows Definition, Method, Goal, Threat Actor)
     Fraud Challenge:
     • Definition: Fraud attacks are attacks against a business process.
     • Method: Criminals seek to create or manipulate transactions.
     Cyber Challenge:
     • Definition: Cyber attacks are against information technology infrastructure.
     • Method: Criminals seek to steal data or control/disrupt systems.
     Comms Challenge:
     • Definition: Comms attacks are unauthorized or illegal use of communications technology.
     • Method: Criminals seek to use or manipulate comms systems to plan or facilitate crime.
     Goals listed across the three columns: Financial Gain; Information Theft; Political / Economic Espionage; Denial of Service / Sabotage; Facilitate Crime; Promote Ideology; National Security Advantage.
  17. Common Defences
     Risk management and security can be enhanced by combining cyber, fraud and comms intelligence and correlating sources of threats to enable better detection and faster, more efficient investigation.
     For each of Fraud Defences, Cyber Defences and Comms Defences:
     • Intel. Sharing: shared intelligence on the threat
     • X-function enrichment: augmentation with other risk sources
     • Operations: integrated investigation tools
  18. (slide has no text)
  19. Potential Impact – More Than Theft Of Funds (slide has no further text)
  20. Organizational Impact of Digital Crime
     • Detection level: automated integration of intelligence data; device reputation; endpoint hardening; detection systems integration
     • Investigation level: information sharing; incident logging; multi-skilled operations teams
     • Organisation level: org structure changes; risk management framework
  21. Case Study: Retail Bank
     Network penetration and surveillance:
     • Identify high value customer targets, profile their behaviour and formulate attack plan
     • Surveillance: identify security procedures & protocols by attacking email accounts of staff who work in fraud, risk & security
     • Attack the existing control systems, e.g. change or remove limits on debit cards or for international funds transfer
     • Exfiltration of account data to enable account compromise
     Account Compromise:
     • Quietly compromise accounts; set up mules to receive transactions from compromised accounts
     • Massive DDoS attack on website and phone systems as a distraction
     Cash Out:
     • Rapid movement of funds from target accounts to mule accounts
     • Mule accounts move money offshore to multiple locations
     • Funds withdrawn as cash at ATMs in multiple offshore locations
     • Crypto/ransomware left as a threat to stop any legal pursuit; theft of sensitive data; blackmail of senior staff
  22. Case Study: Insurance
     Network penetration and surveillance:
     • Identify high value customer targets: long standing customers with no claims, high value vehicles, property
     • Surveillance: identify security procedures & protocols by attacking email accounts of staff who work in fraud, risk & security
     • Attack the existing control systems, e.g. change or remove limits on payouts
     • Exfiltration of policy holder data for account takeover
     Account Compromise
     Cash Out:
     • Claim against high value policies
     • Funnel money through mule accounts to offshore locations and extract as ATM withdrawals
     • Crypto/ransomware left as a threat to stop any legal pursuit; theft of sensitive data; blackmail of senior staff
     • Massive DDoS attack on website and phone systems as a distraction
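The "Common Defences" and "Organizational Impact" slides argue that fraud, cyber and comms intelligence should be correlated rather than handled by three separate teams, and the two case studies show why: a limit change, a flagged customer device and a flooded phone channel each look minor alone but together describe one attack. The example below is added here and is not code from the webcast or from BAE Systems Applied Intelligence; it joins alerts from the three channels on the customer within a time window and scores cross-team agreement higher than any single alert. The alert kinds, weights, escalation bands and sample alerts are assumptions constructed for illustration.

```python
"""Correlate fraud, cyber and comms alerts on one customer into a single prioritized case.

Added example; not code from the webcast or from BAE Systems Applied Intelligence.
Alert kinds, weights, thresholds and the sample alerts are assumptions.
"""
from __future__ import annotations

from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Alert:
    channel: str    # "fraud", "cyber" or "comms" (the three teams on the slide)
    kind: str
    customer: str
    at: datetime


# Assumed evidence weight per (channel, kind); unknown kinds count a little.
WEIGHTS = {
    ("fraud", "limit_change"): 30,
    ("fraud", "new_payee_high_value"): 40,
    ("cyber", "device_reputation_bad"): 35,
    ("cyber", "session_from_new_device"): 15,
    ("comms", "phone_channel_dos"): 20,
    ("comms", "callback_failed"): 10,
}
DEFAULT_WEIGHT = 5
CROSS_CHANNEL_BONUS = 25   # added once per extra team that independently sees the customer


@dataclass
class Case:
    customer: str
    score: int
    channels: frozenset[str]
    alerts: list[Alert]


def score_cluster(customer: str, cluster: list[Alert]) -> Case:
    """Sum the per-alert weights, then reward agreement between teams."""
    score = sum(WEIGHTS.get((a.channel, a.kind), DEFAULT_WEIGHT) for a in cluster)
    channels = frozenset(a.channel for a in cluster)
    score += CROSS_CHANNEL_BONUS * (len(channels) - 1)
    return Case(customer, score, channels, list(cluster))


def correlate(alerts: list[Alert], window: timedelta = timedelta(hours=6)) -> list[Case]:
    """Group each customer's alerts into time windows; return cases, highest score first."""
    by_customer: dict[str, list[Alert]] = defaultdict(list)
    for a in sorted(alerts, key=lambda a: a.at):
        by_customer[a.customer].append(a)
    cases: list[Case] = []
    for customer, items in by_customer.items():
        cluster: list[Alert] = []
        for a in items:
            # Start a new cluster when this alert falls outside the window of the first one.
            if cluster and a.at - cluster[0].at > window:
                cases.append(score_cluster(customer, cluster))
                cluster = []
            cluster.append(a)
        cases.append(score_cluster(customer, cluster))
    cases.sort(key=lambda c: c.score, reverse=True)
    return cases


def priority(case: Case) -> str:
    """Assumed escalation bands for the multi-skilled operations team."""
    if case.score >= 100:
        return "P1"
    if case.score >= 60:
        return "P2"
    return "P3"


def sample_alerts() -> list[Alert]:
    """Constructed sample: one customer seen by all three teams, two seen by one team each."""
    t0 = datetime(2014, 6, 19, 9, 0, tzinfo=timezone.utc)
    return [
        Alert("cyber", "device_reputation_bad", "C-1001", t0),
        Alert("fraud", "limit_change", "C-1001", t0 + timedelta(minutes=30)),
        Alert("fraud", "new_payee_high_value", "C-1001", t0 + timedelta(hours=1)),
        Alert("comms", "phone_channel_dos", "C-1001", t0 + timedelta(hours=1, minutes=5)),
        Alert("fraud", "new_payee_high_value", "C-2002", t0 + timedelta(hours=2)),
        Alert("cyber", "session_from_new_device", "C-3003", t0 - timedelta(hours=1)),
        Alert("comms", "callback_failed", "C-3003", t0 + timedelta(hours=11)),  # outside the window
    ]


if __name__ == "__main__":
    for case in correlate(sample_alerts()):
        print(priority(case), case.customer, case.score, sorted(case.channels),
              [a.kind for a in case.alerts])
```

With the constructed sample, the customer seen by all three teams becomes a single P1 case, while the same fraud alert on its own (C-2002) stays P3; that gap is the "X-function enrichment" row of the defences table expressed as a score.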
  23. Introduction (Carlos P. Kizzee, Deputy Director, Stakeholder Engagement & Cyber Infrastructure Resilience, United States Department of Homeland Security): Carlos P. Kizzee is the Deputy Director of the Department of Homeland Security’s Stakeholder Engagement and Cyber Infrastructure Resilience Division within the U.S. Department of Homeland Security’s Office of Cyber Security and Communications. Mr. Kizzee has extensive experience in advising and conducting operational coordination, information sharing, and collaboration among government and the private sector. In his position as Deputy Director, he oversees four branches of public-private cyber engagement encompassing Cyber Education and Outreach Awareness, Federal and State Government Engagement, Industry Cyber Engagement, and Critical Infrastructure Stakeholder Risk Assessments and Mitigations. Mr. Kizzee also serves as the Program Manager of a Joint Program Office implementing key operational information sharing and information sharing support program activities associated with Public-Private Threat Information Sharing, Enhanced Cyber Security Services for Critical Infrastructure, and Implementing Trusted and Secure Automation among public-private cyber data sharing. A graduate of the United States Naval Academy, Mr. Kizzee has a Bachelor of Science degree in Mathematics, a Juris Doctor degree from the Georgetown University Law Center, and a Master of Laws from the Judge Advocate General’s School of the Army at the University of Virginia’s School of Law. In addition to being a retired Marine Corps Judge Advocate, Mr. Kizzee is a career Federal civil servant with over ten years of Federal service.
  24. What is a “Best Case” Information Sharing Scenario?
     The appropriate recipient timely receives actionable information of sufficient relevancy and in the most optimal and manageable form and quantity of ingest required to inform their necessary decision or action; with no resulting harm to the source, the recipient, or any reasonably foreseeable third party as a result of the transaction.
     Character of Data:
     • Relevant to Recipient interests: no “noise”; no redundancy
     • Actionable by Recipient: informs/defines decision/action of value to the Recipient (including additional analysis)
     • Timely transmitted to Recipient: Recipient decision/action can be taken in time to be of maximum value to the Recipient
     • Trustworthy: data and/or Source is of suitable credibility for decision/action
     Nature of Impacts:
     • Recipient’s capture of data causes no harm to Source
     Nature of Transaction:
     • Transmission and capture involves minimal resource and delay (automated)
  25. Common Barriers to “Best Case” Information Sharing
     The appropriate recipient timely receives actionable information of sufficient relevancy and in the most optimal and manageable form and quantity of ingest required to inform their necessary decision or action; with no resulting harm to the source, the recipient, or any reasonably foreseeable third party as a result of the transaction.
     Data Insufficiency:
     • Insufficient data to inform decision/action
     • Lack of awareness or appreciation of relevance of data
     Poor data flow mapping:
     • Right data goes to the wrong Recipient
     • Wrong data goes to the right Recipient
     Trust:
     • Fear of harm chills Source sharing
     • Recipient actions cause Source or others harm
     “Threat Overload”
  26. Threat Overload
     Threat information timely shared in a volume that frustrates or impedes the Recipient’s ability to successfully ingest, parse, and inform their necessary decision or action.
     1. Too much data
     2. Too much relevant data
  27. Threat Overload
     Threat information timely shared in a volume that frustrates or impedes the Recipient’s ability to successfully ingest, parse, and inform their necessary decision or action.
     Too much shared data:
     • “One-size” threat data does not “fit all” of a non-uniform Recipient base
     • Segmentation of recipients by their data requirements
     • Map generated data against the relevant segmented requirements of recipients:
       • “I outsource all of my IT.”
       • “I conduct basic system administration of my network.”
       • “I research, analyze, and develop mitigations for threats to my enterprise infrastructure.”
       • “I develop and provide services and products to mitigate threats to networks and systems.”
     • Data flow follows the map of generated data to the relevant recipient
     • “Information Sharing” defined by recipient requirements segmentation and data flow mapping.
  28. Threat Overload
     Threat information timely shared in a volume that frustrates or impedes the Recipient’s ability to successfully ingest, parse, and inform their necessary decision or action.
     Too much relevant shared data:
     • A good problem to have is still a problem
     • Enhance the quality of analysis: tools; tradecraft and skills
     • Enhance capacity: analytical collaboration; tailored analytics
     • Trust, credibility, and scoring of data and source
     • Standard, structured data sharing profiles to enable auto ingest and parsing
     • “Information Sharing” made scalable and sustainable by partnership, process, and coordination.
  29. Threat Overload
     The appropriate recipient timely receives actionable information of sufficient relevancy and in the most optimal and manageable form and quantity of ingest required to inform their necessary decision or action; with no resulting harm to the source, the recipient, or any reasonably foreseeable third party as a result of the transaction.
     • So what should I do differently?
     • “Information Sharing” isn’t just sharing information, it is a data flow:
       • defined by recipient requirements segmentation and data flow mapping, and
       • made scalable and sustainable by partnership, processes, and coordination in the data flow.
     Governance matters:
     • What data is required?
     • To whom?
     • For what purpose(s)?
     • Under what conditions?
     • What uses will cause harm and are not permitted?
     Information sharing arrangements and marriage?
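The Threat Overload slides describe information sharing as a data flow: recipients segmented by what they can act on, generated data mapped to those segments, data and source scored for trust, redundancy and noise removed, and volume kept to what each recipient can ingest. The example below is added here and is not code from the webcast or from DHS; it implements that flow for a small constructed feed of indicators. The four segment names follow the slide's four self-descriptions, but the requirements map, ingest budgets, score threshold, indicator kinds and sample values are all assumptions for illustration (addresses are documentation ranges, the hash is a placeholder).

```python
"""Route shared threat indicators to recipient segments without overloading them.

Added example; not code from the webcast or from DHS. Segment names follow the
slide's four self-descriptions; everything else here is an assumption.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Recipient segments, named after the slide's four self-descriptions (names assumed).
OUTSOURCED = "outsourced_it"     # "I outsource all of my IT."
SYSADMIN = "basic_sysadmin"      # "I conduct basic system administration of my network."
ANALYST = "enterprise_analyst"   # "I research, analyze, and develop mitigations ..."
VENDOR = "security_vendor"       # "I develop and provide services and products ..."

# Data flow map: the indicator kinds each segment has asked to receive (assumed).
REQUIREMENTS = {
    OUTSOURCED: {"advisory"},
    SYSADMIN: {"advisory", "block_ip", "block_domain"},
    ANALYST: {"advisory", "block_ip", "block_domain", "file_hash", "ttp"},
    VENDOR: {"block_ip", "block_domain", "file_hash", "ttp"},
}
# Items each segment can act on per run; the rest is held back ("too much relevant data").
INGEST_BUDGET = {OUTSOURCED: 2, SYSADMIN: 3, ANALYST: 50, VENDOR: 50}


@dataclass(frozen=True)
class Indicator:
    kind: str
    value: str
    source: str
    source_credibility: float  # 0..1, scoring of the source
    confidence: float          # 0..1, scoring of the data
    observed: datetime


@dataclass
class RoutingResult:
    delivered: dict[str, list[Indicator]] = field(default_factory=dict)
    deferred: dict[str, list[Indicator]] = field(default_factory=dict)
    dropped_duplicate: list[Indicator] = field(default_factory=list)
    dropped_stale: list[Indicator] = field(default_factory=list)
    dropped_noise: list[Indicator] = field(default_factory=list)


def trust_score(ind: Indicator) -> float:
    """Combined trust in source and data; both must be credible to score high."""
    return ind.source_credibility * ind.confidence


def route(indicators, now, min_score=0.5, max_age=timedelta(days=7)) -> RoutingResult:
    result = RoutingResult(delivered={s: [] for s in REQUIREMENTS},
                           deferred={s: [] for s in REQUIREMENTS})
    seen: set[tuple[str, str]] = set()
    for ind in indicators:
        key = (ind.kind, ind.value)
        if key in seen:                        # no redundancy
            result.dropped_duplicate.append(ind)
            continue
        if now - ind.observed > max_age:       # timeliness
            result.dropped_stale.append(ind)
            continue
        if trust_score(ind) < min_score:       # trustworthiness
            result.dropped_noise.append(ind)
            continue
        seen.add(key)
        for seg, wanted in REQUIREMENTS.items():   # data flow map
            if ind.kind in wanted:                 # relevance to this segment
                result.delivered[seg].append(ind)
    # Within each segment deliver the best-scoring items first and hold the rest.
    for seg, items in result.delivered.items():
        items.sort(key=trust_score, reverse=True)
        budget = INGEST_BUDGET[seg]
        result.deferred[seg] = items[budget:]
        del items[budget:]
    return result


SAMPLE_NOW = datetime(2014, 6, 19, 12, 0, tzinfo=timezone.utc)


def sample_feed() -> list[Indicator]:
    """Constructed sample feed (documentation-range addresses, placeholder hash)."""
    t = SAMPLE_NOW
    return [
        Indicator("block_ip", "198.51.100.7", "isac-feed", 0.9, 0.8, t - timedelta(hours=2)),
        Indicator("block_ip", "198.51.100.7", "vendor-blog", 0.7, 0.9, t - timedelta(hours=1)),  # duplicate
        Indicator("block_domain", "login-example.invalid", "isac-feed", 0.9, 0.6, t - timedelta(days=1)),
        Indicator("file_hash", "sha256:PLACEHOLDER", "anon-paste", 0.2, 0.9, t - timedelta(hours=3)),  # noise
        Indicator("advisory", "ADV-0001", "regulator", 1.0, 1.0, t - timedelta(days=30)),  # stale
        Indicator("ttp", "credential-phishing-of-staff", "isac-feed", 0.9, 0.7, t - timedelta(days=2)),
        Indicator("advisory", "ADV-0002", "regulator", 1.0, 0.9, t - timedelta(days=1)),
        Indicator("block_ip", "203.0.113.20", "isac-feed", 0.6, 0.95, t - timedelta(hours=5)),
    ]


if __name__ == "__main__":
    r = route(sample_feed(), SAMPLE_NOW)
    for seg in REQUIREMENTS:
        print(seg, "delivered:", [i.value for i in r.delivered[seg]],
              "deferred:", [i.value for i in r.deferred[seg]])
    print("dropped:", [i.value for i in r.dropped_duplicate + r.dropped_stale + r.dropped_noise])
```

With the sample feed the outsourced-IT segment receives only the one fresh advisory, the sysadmin segment gets its three best-scoring items with the weaker domain held back, and the analyst segment gets everything it asked for; the same eight indicators broadcast unsegmented would have been the "one-size" overload the slide warns about.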
  30. Introduction (Kenneth Johnston, Shareholder, Kane Russell Coleman & Logan PC): Kenneth Johnston, a shareholder of Kane Russell Coleman & Logan PC, focuses his practice on class-action and general commercial litigation with an emphasis on financial services, insolvency and creditor rights. He routinely represents financial institutions in a variety of matters including data breach issues, general bank operations, insolvency, material defensive litigation, and credit risk management. Kenneth was recently named as one of the Best Lawyers in Dallas in Banking and Finance by D Magazine and has been ranked as one of the top banking attorneys in Texas by Super Lawyers magazine since 2006.
31. The Feds are Watching
• OCC’s Semiannual Risk Perspective
  • Cyber attacks are more frequent and more sophisticated
  • Increasingly targeting smaller institutions
  • Leads banks to implement new technologies, rely on third-party providers
  • May adversely affect bank’s ability to identify and control risks
• Agencies have provided guidance focusing on corporate governance tools
32. The Feds are Watching
• FFIEC’s recent webinar: High Level Goals
  • Set the tone and build a security culture
  • Identify, measure, mitigate, and monitor risks
  • Develop risk management processes scaled to risks and complexity of institution
  • Align cybersecurity strategy with business strategy
  • Create a governance process that ensures ongoing awareness and accountability
  • Timely report cyber-vulnerabilities to senior management
• FFIEC will announce vulnerability and risk-mitigation assessments in late 2014
33. The Feds are Watching
• Federal Reserve guidance: managing outsourcing risk
  • Outsourcing of processing, information technology services, and operational activities creates risk
  • Carefully evaluate what information to provide to the vendor: consider financial information, customer information, and CSI
  • Ensure vendor compliance with privacy laws and regulations
34. The Feds are Watching
• Securities and Exchange Commission guidance
  • 2011: SEC guidance requires disclosure of material information regarding cybersecurity risks
• SEC’s Recent Roundtable
  • Cybersecurity is SEC’s “number one global threat”
  • SEC says it must play a role, but the nature of that role is still emerging
35. The Feds are Watching
• Other Government actors:
  • The White House 2013 Executive Order on cybersecurity encourages policy coordination and information sharing among federal agencies
  • FBI says that resources devoted to cyber threats will soon eclipse resources devoted to terrorism
  • FDIC statement: banks must be aware of threats and use government-sponsored resources
36. Detecting the Threats
• We will continue to see cyber threats and material data breaches.
37. Detecting the threats
• What will those threats look like in the financial services arena?
  • An event that puts an individual’s name plus social security number, financial record, or debit card at risk—whether in digital or paper format
  • An event that puts a company and its deposits at risk—wire fraud
• Data breaches may occur from malicious criminal attacks, system glitches, or human error
• Breaches may include atypical catastrophic or mega data breaches running into the millions of records—e.g., TJ MAXX or Target
• A breach may be more typical, ranging from as few as a single compromised record to 100,000 compromised records
38. Detecting the threats
• Who initiates cyber threats?
39. Detecting the threats
• Examples of threats
• Wrongdoers attack larger banks through Distributed Denial of Service (DDoS):
  o These attacks interrupt the ability to do business
  o Some allege that Iran took an active role in a recent DDoS attack
• Both large and small banks experience phishing and malware attacks targeting consumers
  o Criminals install malware on a victim’s computer to access passwords and other critical information
  o They drain deposit accounts
• Corporate accounts provide lucrative opportunities for phishing and malware attacks
  o Deposits typically exceed consumer accounts
  o Not so much a bank security issue as a customer security issue
  o Criminals issue unauthorized wires (not uncommon to see six-figure problems)
• Hacktivists unlawfully access systems to make an example or to prove points
40. Detecting the threats
• Understand the evolution of the threat environment—either follow the technology or hunt the hunter
  • 1950s and 60s saw an increase in paper check fraud that continues today (more reliance on machines)
  • ATM Machines (increased access points)
  • Internet Banking (increased access points and outsourcing)
  • Mobile Banking (continuing to increase access points and tapping into the unbanked market)
  • Mobile Payment Systems (uncharted territory)
41. Cyber-Attack Triage: Process Is Key
This is a fine metaphor, but it’s not the right way to think about cyber attacks. Fixing leaks is losing the battle.
42. Cyber-Attack Triage: Process Is Key
43. Cyber-Attack Triage: Process Is Key
• The First 24 Hours Checklist
Panicking won’t get you anywhere once you’ve discovered a data breach. Accept that it’s happened and immediately contact your legal counsel for guidance on initiating these 10 critical steps:
1. Record the date and time when the breach was discovered, as well as the current date and time when response efforts begin, i.e. when someone on the response team is alerted to the breach.
2. Alert and activate everyone on the response team, including external resources, to begin executing your preparedness plan.
3. Secure the premises around the area where the data breach occurred to help preserve evidence.
4. Stop additional data loss. Take affected machines offline but do not turn them off or start probing into the computer until your forensics team arrives.
5. Document everything known thus far about the breach: who discovered it, who reported it, to whom it was reported, who else knows about it, what type of breach occurred, what was stolen, how it was stolen, what systems are affected, what devices are missing, etc.
44. Cyber-Attack Triage: Process Is Key
• The First 24 Hours Checklist (continued)
6. Interview those involved in discovering the breach and anyone else who may know about it. Document your investigation.
7. Review protocols regarding disseminating information about the breach for everyone involved in this early stage.
8. Assess priorities and risks based on what you know about the breach.
9. Bring in your forensics firm to begin an in-depth investigation.
10. Notify law enforcement, if needed, after consulting with legal counsel and upper management.
45. Cyber-Attack Triage: Process Is Key
• Notification: When and how should you notify?
  • Certain state laws and federal regulations shrink the timeline to 30 or 45 days.
  • Some states mandate specific content for you to include in customer notification letters. This can include toll-free numbers and addresses for the three major credit bureaus, the FTC and a state’s attorney general.
  • Contact with law enforcement is important. Notification may be delayed if law enforcement believes it would interfere with an ongoing investigation.
  • Multiple state laws may apply to one data breach.
  • If some affected individuals live in a state that mandates notification and others live in a state that doesn’t, you may need to notify everyone.
  • Some recipients will think the notification letter itself is a scam.
46. Cyber-Attack Triage: Process Is Key
What does the financial institution’s in-house legal team need to do before a breach occurs?
• Establish relationships with any necessary external counsel now – not after the breach.
• Review and stay up to date on state and federal laws governing data breaches in the financial institutions sector.
• Direct the creation of a concrete, written, and fully vetted response policy. Then, when a breach occurs, counsel can quickly determine whether it is necessary to notify affected individuals, the media, law enforcement, government agencies and other third parties, such as card holder issuers.
47. Introduction
Maria Z. Vathis has a broad range of experience defending corporate clients in complex business litigation matters, insurance coverage, and class actions involving alleged violations of federal statutes, including the Telephone Consumer Protection Act. Ms. Vathis has represented financial institutions, loan servicers, investment firms, law firms, brokers, attorneys and other professionals. She handles matters nationwide in federal and state courts. Her practice also includes monitoring litigation for international insurers, advising on risk management, evaluating existing insurance coverage, drafting insurance policy language and analyzing insurance coverage under professional liability, cyber and first-party property insurance policies.
Phone: (312) 602-5127
Email: maria.vathis@bryancave.com
June 19, 2014 47 Maria Z. Vathis Of Counsel Bryan Cave LLP
48. Trends in Privacy & Security Class Actions
Shifting attack vectors, scanning for vulnerabilities and leveraging zero day exploits – these terms describe the plaintiffs’ class action bar just as easily as they do hackers. This quarter’s analysis of the types of complaints filed by the Plaintiffs’ bar, and the ways in which those complaints have been structured, shows an increase in class action filing and an ongoing evolution by the plaintiffs’ bar to identify the “right” strategy for obtaining damages or leveraging settlement value.
The following are key findings concerning data-related complaints filed by the plaintiffs’ bar over the most recently reported quarter (2014 – Q1):
• A total of 178 data-related class action complaints were filed.
• Despite overwhelming media attention on payment card related data security breaches, the majority of complaints (77%) involve data privacy (collection, use and sharing) as opposed to data security (safeguarding and breach) (23%). As a result, while data security litigation is on the rise when compared to the previous quarter, it remains a minority of overall litigation.
* Source: Shahin Rothermel and David Zetoony, “Shifting Trends: Privacy & Security Class Action Litigation,” Bryan Cave Data Privacy & Security Bulletin, June 2014.
49. Additional Litigation Statistics
• Complaints against Target accounted for more than 50% of all data security-related filings.
• Telemarketing remained the most common primary legal theory alleged (64%).
• The U.S. District Court for the Central District of California (25%) replaced the Northern District of Illinois (15%) as the most popular federal forum for filing.
• In terms of industry sectors, retail (21%), debt collection (16%), financial services (7%), and marketing (7%) received the largest number of complaints.
• 96% of complaints filed in federal courts in the first quarter alleged putative national classes.
• Consumers’ mobile phone numbers were the leading type of data at issue (44%), followed by credit and debit card information (18%) and fax numbers (17%).
• Over 100 plaintiffs’ firms were involved in data-related litigation. The vast majority of firms filed fewer than four complaints.
50. Bryan Cave Data Breach Hotline
Hackers don't stop working at 5:00... and neither do we.
Data breaches can and do occur at any time, day or night. When a security breach occurs, preventing liability often means analyzing facts, identifying legal obligations, and taking steps to prevent or mitigate harm within the first minutes and hours of becoming aware of a breach. That's why an attorney from our global Bryan Cave Data Privacy and Security Practice is on-call for clients whenever and wherever a breach occurs: 24 hours a day, 7 days a week.
51. CLE PROCESSING
The Knowledge Group offers complete CLE processing solutions for your webcasts and land events. This comprehensive service includes everything you need to offer CLE credit at your conference:
• Complete end-to-end CLE credit Solutions
• Setting up your marketing collateral properly.
• Completing and filing all of the applications to the state bar.
• Guidance on how to structure content to meet course material requirements for the state Bars.
• Sign up forms to be used to check & confirm attendance at your event.
• Issuing official Certificates of Attendance for credit to attendees.
Obtaining CLE credit varies from state to state and the rules can be complex. The Knowledge Group will help you navigate the complexities via complete cost effective CLE solutions for your conferences. Most CLE processing plans are just $499 plus filing fees and postage.
To learn more email us at info@knowledgecongress.org or CALL 646-202-9344
52. PRIVATE LABEL PROGRAM & INTERNAL TRAINING
The Knowledge Group provides complete private label webcasts and in-house training solutions. Developing and executing webcasts can be a huge logistical nightmare. There are a lot of moving parts, and developing a program that is executed smoothly and cost effectively can prove to be a significant challenge for companies who do not produce events on a regular basis. Live events require a high level of proficiency to execute well. Our producers will plan and develop your webcast for you and our webcast technicians will execute your live event with expert precision. We have produced over 1000 live webcasts. Put our vast expertise to work for you. Let us develop a professional webcast for your firm that will impress all your clients and internal stakeholders.
Private Label Programs Include:
• Complete Project Management
• Topic Development
• Recruitment of Speakers (Or you can use your own)
• Marketing Material Design
• PR Campaign
• Marketing Campaign
• Event Webpage Design
• Slides: Design and Content Development
• Speaker coordination: Arranging & Executing Calls, Coordinating Slides & Content
• Attendee Registration
• Complete LIVE Event Management for Speaker and Attendees including:
  o Technical Support
  o Event Moderator
  o Running the Live event (All Aspects)
  o Multiple Technical Back-ups & Redundancies to Ensure a Perfect Live Event
  o Webcast Recording (MP3 Audio & MP4 Video)
  o Post Webcast Performance Survey
• CLE and CPE Processing
Private Label Programs Start at just $999
53. RESEARCH & BUSINESS PROCESS OUTSOURCING
The Knowledge Group specializes in highly focused and intelligent market and topic research. Outsource your research projects and business processes to our team of experts. Normally we can run programs for less than 50% of what it would cost you to do it in-house. Here are some ideal uses for our services:
• Market Research and Production
  o List Research (Prospects, Clients, Market Evaluation, Sales Lists, Surveys)
  o Design of Electronic Marketing Collateral
  o Executing Online Marketing Campaigns (Direct Email, PR Campaigns)
  o Website Design
  o Social Media
• Analysis & Research
  o Research Companies & Produce Reports
  o Research for Cases
  o Specialized Research Projects
• eSales (Electronic Inside Sales – Email and Online)
  o Sales Leads Development
  o eSales Campaigns
    • Inside Sales people will prospect for leads, contact them and coordinate with your sales team to follow up.
    • Our Inside eSales reps specialize in developing leads for big-ticket enterprise level products and services.
  o Electronic Database Building – Comprehensive service which includes development of sales leads, contacting clients, scoring leads, adding notes and transferring the entire data set to you for your internal sales reps.
• eCustomer Service (Electronic Inside Sales – Email and Online)
  o Real-Time Customer Service for Your clients
    • Online Chat
    • Email
  o Follow-Up Customer Service
    • Responds to emails
    • Conducts Research
    • Replies Back to Your Customer
Please note these are just a few ways our experts can help with your Business Process Outsourcing needs. If you have a project not specifically listed above please contact us to see if we can help.
54. Q&A
► You may ask a question at any time throughout the presentation today. Simply click on the question mark icon located on the floating tool bar on the bottom right side of your screen. Type your question in the box that appears and click send.
► Questions will be answered in the order they are received.
Paul Henninger, Global Product Director, BAE Systems Applied Intelligence, paul.henninger@baesystems.com
Kenneth Johnston, Shareholder, Kane Russell Coleman & Logan PC, kjohnston@krcl.com
Maria Z. Vathis, Of Counsel, Bryan Cave LLP, maria.vathis@bryancave.com
Carlos P. Kizzee, Deputy Director, Stakeholder Engagement & Cyber Infrastructure Resilience, United States Department of Homeland Security, carlos.kizzee@HQ.DHS.GOV
57. ABOUT THE KNOWLEDGE GROUP, LLC.
The Knowledge Group, LLC is an organization that produces live webcasts which examine regulatory changes and their impacts across a variety of industries. “We bring together the world's leading authorities and industry participants through informative two-hour webcasts to study the impact of changing regulations.”
If you would like to be informed of other upcoming events, please click here.
Disclaimer: The Knowledge Group, LLC is producing this event for information purposes only. We do not intend to provide or offer business advice. The contents of this event are based upon the opinions of our speakers. The Knowledge Congress does not warrant their accuracy and completeness. The statements made by them are based on their independent opinions and do not necessarily reflect The Knowledge Congress' views. In no event shall The Knowledge Congress be liable to any person or business entity for any special, direct, indirect, punitive, incidental or consequential damages as a result of any information gathered from this webcast.
Certain images and/or photos on this page are the copyrighted property of 123RF Limited, their Contributors or Licensed Partners and are being used with permission under license. These images and/or photos may not be copied or downloaded without permission from 123RF Limited.