SlideShare a Scribd company logo

An Inside-Out Approach to Security in Financial Services

Forcepoint LLC
Forcepoint LLC

This presentation addresses the following: - Key challenges in Financial Services - Requirements for Building an Insider Threat Program - The Forcepoint Approach

Technology
1 of 46
Copyright © 2017 Forcepoint. All rights reserved. An Inside-Out Approach to Security in Financial Services Brandon Swafford Bob Slocum
Copyright © 2017 Forcepoint. All rights reserved. | 2 PANELISTS Brandon Swafford Chief Technology Officer, Data & Insider Threat Forcepoint Bob Slocum Director, Data & Insider Threat Strategy Forcepoint
Copyright © 2017 Forcepoint. All rights reserved. | 3 AGENDA • Key challenges in Financial Services • Requirements for Building an Insider Threat Program • The Forcepoint Approach
Copyright © 2017 Forcepoint. All rights reserved. | 4 Key Challenges in Financial Services
Copyright © 2017 Forcepoint. All rights reserved. | 5 KEY CHALLENGES IN FINANCIAL SERVICES REGULATORY & INDUSTRY COMPLIANCE CYBER CRIME CONSTANT BARRAGE OF ATTACKS BUSINESS TRANSFORMATION FREQUENT M&A
Copyright © 2017 Forcepoint. All rights reserved. | 6 TECHNOLOGY-CENTRIC APPROACH: IS IT WORKING? Up 5% to 81B in spending that failed to protect Enterprise data / IP Security Spend $81B 45 of Fortune 500 rank their Insider Threat program as effective Companies 45 9%5%
FRAUD SABOTAGE WORKPLACE VIOLENCE HARASSMENT PRIVILEGED ACCESS DATA EXFILTRATION PROCESS & CHANGE MANAGEMENT INVESTIGATIONS
Fined $1M when a departing EMPLOYEE stole data on 730,000 client accounts Over 10,000 records outside company control as EMPLOYEES leave or retire with data on personal devices Vendor EMPLOYEE has credentials stolen, exposing 56M credit cards ACCIDENTAL INSIDER MALICIOUS INSIDER COMPROMISED INSIDER 22% 10%68%
Copyright © 2017 Forcepoint. All rights reserved. | 14 Requirements for Building an Insider Threat Program
Copyright © 2017 Forcepoint. All rights reserved. | 15 REQUIREMENTS FOR BUILDING AN INSIDER THREAT PROGRAM DETECT which individuals are behaving in ways that pose the greatest potential risk RAPIDLY and thoroughly understand that user’s potentially risky behavior and the context around it
Copyright © 2017 Forcepoint. All rights reserved. | 16 WHAT DOES AN INSIDER THREAT PROGRAM LOOK LIKE? PEOPLE • Identify problem • Build Legal/HR coalition • Information Security policy & strategy review TECHNOLOGY • Define requirements for observation • Collect Data PROCESS • Learn normal behaviour • Identifier outliers • Risk scoring – threat vs. asset PEOPLE • Offer education • Share metrics by dept. & enlist volunteers • Enforcement • Set actions on objective for tactical wins • Manage risk TECHNOLOGY
Copyright © 2017 Forcepoint. All rights reserved. | 17 WHO ARE THE STAKEHOLDERS FOR AN INSIDER THREAT PROGRAM? Security IT Legal/HR Other Stakeholders
Copyright © 2017 Forcepoint. All rights reserved. | 18 DAY-IN-THE-LIFE: WHAT TO LOOK OUT FOR Accidental/Compromised • Poor training • Poor controls • General laziness/ignorance Malicious • Sabotage • Theft • Precursor behavior – downward trend • Leaving the company • Anger/sadness Human Intelligence Triage POI Monitoring Tech Alert Triage Investigations
Copyright © 2017 Forcepoint. All rights reserved. | 19Copyright © 2017 Forcepoint. All rights reserved. | 19 The Forcepoint Approach
Copyright © 2017 Forcepoint. All rights reserved. | 20 Where critical data and IP are most valuable – and most vulnerable PROTECTING THE HUMAN POINT
Copyright © 2017 Forcepoint. All rights reserved. | 21 + FORCEPOINT INSIDER THREAT FORCEPOINT DLP USERS CRITICAL DATA User Activity Data Movement+ Risk Adaptive Protection
Copyright © 2017 Forcepoint. All rights reserved. | 22 Forcepoint Insider Threat
Copyright © 2017 Forcepoint. All rights reserved. | 23
Copyright © 2017 Forcepoint. All rights reserved. | 24
Copyright © 2017 Forcepoint. All rights reserved. | 25
Copyright © 2017 Forcepoint. All rights reserved. | 26
Copyright © 2017 Forcepoint. All rights reserved. | 27
Copyright © 2017 Forcepoint. All rights reserved. | 28
Copyright © 2017 Forcepoint. All rights reserved. | 29
Copyright © 2017 Forcepoint. All rights reserved. | 30
Copyright © 2017 Forcepoint. All rights reserved. | 31
Copyright © 2017 Forcepoint. All rights reserved. | 32
Copyright © 2017 Forcepoint. All rights reserved. | 33
Copyright © 2017 Forcepoint. All rights reserved. | 34
Copyright © 2017 Forcepoint. All rights reserved. | 35
Copyright © 2017 Forcepoint. All rights reserved. | 36
Copyright © 2017 Forcepoint. All rights reserved. | 37
Copyright © 2017 Forcepoint. All rights reserved. | 38 MARKET-LEADING FORCEPOINT INSIDER THREAT  Proven effective, scalable & stable  Trusted  Supported  Every challenge met RetailManufacturingEnergy Financial Government Government & Fortune 500 customers Developed by information protection experts Designed from the ground up as an insider threat solution Over 1 Million endpoints protected
Copyright © 2017 Forcepoint. All rights reserved. | 39 FRAUD SABOTAGE WORKPLACE VIOLENCE HARASSMENT PRIVILEGED ACCESS DATA EXFILTRATION PROCESS & CHANGE MANAGEMENT INVESTIGATIONS
Copyright © 2017 Forcepoint. All rights reserved. | 40 Forcepoint DLP
Copyright © 2017 Forcepoint. All rights reserved. | 41 DLP INNOVATION LEADER 2003 2010 2015 Data Fingerprints Pre-defined IP and Compliance Policies Endpoint fingerprints OCR and Cumulative (DRIP) DLP Mac OS X DLP endpoint SureView® Insider Threat Insider Threat DLP Detection Security Analytics
Copyright © 2017 Forcepoint. All rights reserved. | 42 SECURITY ANALYTICS – INCIDENT RISK RANKING
Copyright © 2017 Forcepoint. All rights reserved. | 43 No bullet single column slide
Copyright © 2017 Forcepoint. All rights reserved. | 44 FORCEPOINT DATA AND INSIDER THREAT • DLP identifies risky data behaviors and then users needing investigation • Insider Threat identifies risky users and then data protection controls needed DLP Stop data from leaving INSIDER THREAT Context into the users’ behavior+
Copyright © 2017 Forcepoint. All rights reserved. | 45 CONCLUSION • Technologies change. People are the constant • People, processes, AND technology are essential to building an insider threat program • Take a top-down approach • Get other departments involved early (HR, Legal, others as necessary) • Data security and user privacy balance • Use forensic tools
Copyright © 2017 Forcepoint. All rights reserved. | 46 Thank you! Bob Slocum rslocum@forcepoint.com Brandon Swafford brandon.Swafford@forcepoint.com forcepoint.com 800-723-1166

Recommended

Cloudy with a Chance of...Visibility, Accountability & Security
Cloudy with a Chance of...Visibility, Accountability & SecurityCloudy with a Chance of...Visibility, Accountability & Security
Cloudy with a Chance of...Visibility, Accountability & SecurityForcepoint LLC
 
Maintaining Visibility and Control as Workers and Apps Scatter
Maintaining Visibility and Control as Workers and Apps ScatterMaintaining Visibility and Control as Workers and Apps Scatter
Maintaining Visibility and Control as Workers and Apps ScatterForcepoint LLC
 
Addressing Future Risks and Legal Challenges of Insider Threats
Addressing Future Risks and Legal Challenges of Insider ThreatsAddressing Future Risks and Legal Challenges of Insider Threats
Addressing Future Risks and Legal Challenges of Insider ThreatsForcepoint LLC
 
Security Insights for Mission-Critical Networks
Security Insights for Mission-Critical NetworksSecurity Insights for Mission-Critical Networks
Security Insights for Mission-Critical NetworksForcepoint LLC
 
SEB Forcepoint Corporate Overview
SEB Forcepoint Corporate OverviewSEB Forcepoint Corporate Overview
SEB Forcepoint Corporate OverviewStephen Bates
 
Embracing the Millennial Tsunami
Embracing the Millennial TsunamiEmbracing the Millennial Tsunami
Embracing the Millennial TsunamiForcepoint LLC
 
Combatting Insider Threats Presentation
Combatting Insider Threats PresentationCombatting Insider Threats Presentation
Combatting Insider Threats PresentationSara Thomason
 
Forcepoint: Technická opatření pro ochranu osobních údajů (a citlivých dat) z...
Forcepoint: Technická opatření pro ochranu osobních údajů (a citlivých dat) z...Forcepoint: Technická opatření pro ochranu osobních údajů (a citlivých dat) z...
Forcepoint: Technická opatření pro ochranu osobních údajů (a citlivých dat) z...MarketingArrowECS_CZ
 

Recommended

Cloudy with a Chance of...Visibility, Accountability & Security
Cloudy with a Chance of...Visibility, Accountability & SecurityCloudy with a Chance of...Visibility, Accountability & Security
Cloudy with a Chance of...Visibility, Accountability & SecurityForcepoint LLC
 
Maintaining Visibility and Control as Workers and Apps Scatter
Maintaining Visibility and Control as Workers and Apps ScatterMaintaining Visibility and Control as Workers and Apps Scatter
Maintaining Visibility and Control as Workers and Apps ScatterForcepoint LLC
 
Addressing Future Risks and Legal Challenges of Insider Threats
Addressing Future Risks and Legal Challenges of Insider ThreatsAddressing Future Risks and Legal Challenges of Insider Threats
Addressing Future Risks and Legal Challenges of Insider ThreatsForcepoint LLC
 
Security Insights for Mission-Critical Networks
Security Insights for Mission-Critical NetworksSecurity Insights for Mission-Critical Networks
Security Insights for Mission-Critical NetworksForcepoint LLC
 
SEB Forcepoint Corporate Overview
SEB Forcepoint Corporate OverviewSEB Forcepoint Corporate Overview
SEB Forcepoint Corporate OverviewStephen Bates
 
Embracing the Millennial Tsunami
Embracing the Millennial TsunamiEmbracing the Millennial Tsunami
Embracing the Millennial TsunamiForcepoint LLC
 
Combatting Insider Threats Presentation
Combatting Insider Threats PresentationCombatting Insider Threats Presentation
Combatting Insider Threats PresentationSara Thomason
 
Forcepoint: Technická opatření pro ochranu osobních údajů (a citlivých dat) z...
Forcepoint: Technická opatření pro ochranu osobních údajů (a citlivých dat) z...Forcepoint: Technická opatření pro ochranu osobních údajů (a citlivých dat) z...
Forcepoint: Technická opatření pro ochranu osobních údajů (a citlivých dat) z...MarketingArrowECS_CZ
 
Debunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityDebunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityCentrify Corporation
 
Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...
Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...
Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...NetworkCollaborators
 
Darren Rawlinson - Dealing with Cyber Threats in an Enterprise Mobile World
Darren Rawlinson - Dealing with Cyber Threats in an Enterprise Mobile WorldDarren Rawlinson - Dealing with Cyber Threats in an Enterprise Mobile World
Darren Rawlinson - Dealing with Cyber Threats in an Enterprise Mobile WorldPro Mrkt
 
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízením
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízenímGDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízením
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízenímMarketingArrowECS_CZ
 
Strengthen Cloud Security
Strengthen Cloud SecurityStrengthen Cloud Security
Strengthen Cloud SecurityLora O'Haver
 
David Tweedale - The Evolving Threat Landscape #midscybersecurity18
David Tweedale - The Evolving Threat Landscape #midscybersecurity18David Tweedale - The Evolving Threat Landscape #midscybersecurity18
David Tweedale - The Evolving Threat Landscape #midscybersecurity18Pro Mrkt
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgEric Vanderburg
 
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...Pro Mrkt
 
Forcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPSForcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPSLarry Austin
 
GDPR is Here. Now What?
GDPR is Here. Now What?GDPR is Here. Now What?
GDPR is Here. Now What?Forcepoint LLC
 
Windstream Managed Network Security Infographic
Windstream Managed Network Security InfographicWindstream Managed Network Security Infographic
Windstream Managed Network Security InfographicIdeba
 
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...centralohioissa
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Windstream Managed Network Security Ebook
Windstream Managed Network Security EbookWindstream Managed Network Security Ebook
Windstream Managed Network Security EbookIdeba
 
GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumEric Vanderburg
 
Tripwire University: Cyberwar Boot Camp – Introduction and Overview
Tripwire University: Cyberwar Boot Camp – Introduction and OverviewTripwire University: Cyberwar Boot Camp – Introduction and Overview
Tripwire University: Cyberwar Boot Camp – Introduction and OverviewTripwire
 
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile WorldAlex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile WorldPro Mrkt
 
Protecting What Matters Most – Data
Protecting What Matters Most – DataProtecting What Matters Most – Data
Protecting What Matters Most – DataFujitsu Middle East
 
Forcepoint Advanced Malware Detection
Forcepoint Advanced Malware DetectionForcepoint Advanced Malware Detection
Forcepoint Advanced Malware DetectionForcepoint LLC
 
What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017Doug Copley
 
Forcepoint - Analýza chování uživatelů
Forcepoint - Analýza chování uživatelůForcepoint - Analýza chování uživatelů
Forcepoint - Analýza chování uživatelůMarketingArrowECS_CZ
 

More Related Content

What's hot

Debunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityDebunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityCentrify Corporation
 
Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...
Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...
Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...NetworkCollaborators
 
Darren Rawlinson - Dealing with Cyber Threats in an Enterprise Mobile World
Darren Rawlinson - Dealing with Cyber Threats in an Enterprise Mobile WorldDarren Rawlinson - Dealing with Cyber Threats in an Enterprise Mobile World
Darren Rawlinson - Dealing with Cyber Threats in an Enterprise Mobile WorldPro Mrkt
 
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízením
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízenímGDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízením
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízenímMarketingArrowECS_CZ
 
Strengthen Cloud Security
Strengthen Cloud SecurityStrengthen Cloud Security
Strengthen Cloud SecurityLora O'Haver
 
David Tweedale - The Evolving Threat Landscape #midscybersecurity18
David Tweedale - The Evolving Threat Landscape #midscybersecurity18David Tweedale - The Evolving Threat Landscape #midscybersecurity18
David Tweedale - The Evolving Threat Landscape #midscybersecurity18Pro Mrkt
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgEric Vanderburg
 
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...Pro Mrkt
 
Forcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPSForcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPSLarry Austin
 
GDPR is Here. Now What?
GDPR is Here. Now What?GDPR is Here. Now What?
GDPR is Here. Now What?Forcepoint LLC
 
Windstream Managed Network Security Infographic
Windstream Managed Network Security InfographicWindstream Managed Network Security Infographic
Windstream Managed Network Security InfographicIdeba
 
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...centralohioissa
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Windstream Managed Network Security Ebook
Windstream Managed Network Security EbookWindstream Managed Network Security Ebook
Windstream Managed Network Security EbookIdeba
 
GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumEric Vanderburg
 
Tripwire University: Cyberwar Boot Camp – Introduction and Overview
Tripwire University: Cyberwar Boot Camp – Introduction and OverviewTripwire University: Cyberwar Boot Camp – Introduction and Overview
Tripwire University: Cyberwar Boot Camp – Introduction and OverviewTripwire
 
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile WorldAlex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile WorldPro Mrkt
 
Protecting What Matters Most – Data
Protecting What Matters Most – DataProtecting What Matters Most – Data
Protecting What Matters Most – DataFujitsu Middle East
 
Forcepoint Advanced Malware Detection
Forcepoint Advanced Malware DetectionForcepoint Advanced Malware Detection
Forcepoint Advanced Malware DetectionForcepoint LLC
 

What's hot (20)

Debunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityDebunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust Security
 
Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...
Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...
Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...
 
Darren Rawlinson - Dealing with Cyber Threats in an Enterprise Mobile World
Darren Rawlinson - Dealing with Cyber Threats in an Enterprise Mobile WorldDarren Rawlinson - Dealing with Cyber Threats in an Enterprise Mobile World
Darren Rawlinson - Dealing with Cyber Threats in an Enterprise Mobile World
 
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízením
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízenímGDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízením
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízením
 
Strengthen Cloud Security
Strengthen Cloud SecurityStrengthen Cloud Security
Strengthen Cloud Security
 
David Tweedale - The Evolving Threat Landscape #midscybersecurity18
David Tweedale - The Evolving Threat Landscape #midscybersecurity18David Tweedale - The Evolving Threat Landscape #midscybersecurity18
David Tweedale - The Evolving Threat Landscape #midscybersecurity18
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...
 
Forcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPSForcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPS
 
GDPR is Here. Now What?
GDPR is Here. Now What?GDPR is Here. Now What?
GDPR is Here. Now What?
 
Windstream Managed Network Security Infographic
Windstream Managed Network Security InfographicWindstream Managed Network Security Infographic
Windstream Managed Network Security Infographic
 
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Windstream Managed Network Security Ebook
Windstream Managed Network Security EbookWindstream Managed Network Security Ebook
Windstream Managed Network Security Ebook
 
GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Tripwire University: Cyberwar Boot Camp – Introduction and Overview
Tripwire University: Cyberwar Boot Camp – Introduction and OverviewTripwire University: Cyberwar Boot Camp – Introduction and Overview
Tripwire University: Cyberwar Boot Camp – Introduction and Overview
 
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile WorldAlex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
 
Protecting What Matters Most – Data
Protecting What Matters Most – DataProtecting What Matters Most – Data
Protecting What Matters Most – Data
 
Forcepoint Advanced Malware Detection
Forcepoint Advanced Malware DetectionForcepoint Advanced Malware Detection
Forcepoint Advanced Malware Detection
 

Similar to An Inside-Out Approach to Security in Financial Services

What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017Doug Copley
 
Forcepoint - Analýza chování uživatelů
Forcepoint - Analýza chování uživatelůForcepoint - Analýza chování uživatelů
Forcepoint - Analýza chování uživatelůMarketingArrowECS_CZ
 
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Puneet Kukreja
 
Information Security vs IT - Key Roles & Responsibilities
Information Security vs IT - Key Roles & ResponsibilitiesInformation Security vs IT - Key Roles & Responsibilities
Information Security vs IT - Key Roles & ResponsibilitiesKroll
 
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec
 
Using Digital Threat Intelligence Management (DTIM) to Combat Threats
Using Digital Threat Intelligence Management (DTIM) to Combat ThreatsUsing Digital Threat Intelligence Management (DTIM) to Combat Threats
Using Digital Threat Intelligence Management (DTIM) to Combat ThreatsEnterprise Management Associates
 
Splunk Financial Services Forum Boston June, 2017
Splunk Financial Services Forum Boston June, 2017Splunk Financial Services Forum Boston June, 2017
Splunk Financial Services Forum Boston June, 2017Splunk
 
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...SolarWinds
 
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...Enterprise Management Associates
 
Webinar - Bitglass and CyberEdge - Hidden Security Threats
Webinar - Bitglass and CyberEdge - Hidden Security ThreatsWebinar - Bitglass and CyberEdge - Hidden Security Threats
Webinar - Bitglass and CyberEdge - Hidden Security ThreatsBitglass
 
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...Core Security
 
IT Sales Opportunities at the VA - Everything you Need to Know but Were Afrai...
IT Sales Opportunities at the VA - Everything you Need to Know but Were Afrai...IT Sales Opportunities at the VA - Everything you Need to Know but Were Afrai...
IT Sales Opportunities at the VA - Everything you Need to Know but Were Afrai...immixGroup
 
Reducing Attack Surface in Budget Constrained Environments
Reducing Attack Surface in Budget Constrained EnvironmentsReducing Attack Surface in Budget Constrained Environments
Reducing Attack Surface in Budget Constrained EnvironmentsDenim Group
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Eric Vanderburg
 
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1Splunk
 
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Enterprise Management Associates
 
The 2018 Threatscape
The 2018 ThreatscapeThe 2018 Threatscape
The 2018 ThreatscapePeter Wood
 
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec
 
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...NetworkCollaborators
 
Velocity and Volatility: Culture and Strategy in the Digital Age
Velocity and Volatility: Culture and Strategy in the Digital AgeVelocity and Volatility: Culture and Strategy in the Digital Age
Velocity and Volatility: Culture and Strategy in the Digital AgeEthan Pack
 

Similar to An Inside-Out Approach to Security in Financial Services (20)

What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017
 
Forcepoint - Analýza chování uživatelů
Forcepoint - Analýza chování uživatelůForcepoint - Analýza chování uživatelů
Forcepoint - Analýza chování uživatelů
 
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
 
Information Security vs IT - Key Roles & Responsibilities
Information Security vs IT - Key Roles & ResponsibilitiesInformation Security vs IT - Key Roles & Responsibilities
Information Security vs IT - Key Roles & Responsibilities
 
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
 
Using Digital Threat Intelligence Management (DTIM) to Combat Threats
Using Digital Threat Intelligence Management (DTIM) to Combat ThreatsUsing Digital Threat Intelligence Management (DTIM) to Combat Threats
Using Digital Threat Intelligence Management (DTIM) to Combat Threats
 
Splunk Financial Services Forum Boston June, 2017
Splunk Financial Services Forum Boston June, 2017Splunk Financial Services Forum Boston June, 2017
Splunk Financial Services Forum Boston June, 2017
 
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
 
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...
 
Webinar - Bitglass and CyberEdge - Hidden Security Threats
Webinar - Bitglass and CyberEdge - Hidden Security ThreatsWebinar - Bitglass and CyberEdge - Hidden Security Threats
Webinar - Bitglass and CyberEdge - Hidden Security Threats
 
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
 
IT Sales Opportunities at the VA - Everything you Need to Know but Were Afrai...
IT Sales Opportunities at the VA - Everything you Need to Know but Were Afrai...IT Sales Opportunities at the VA - Everything you Need to Know but Were Afrai...
IT Sales Opportunities at the VA - Everything you Need to Know but Were Afrai...
 
Reducing Attack Surface in Budget Constrained Environments
Reducing Attack Surface in Budget Constrained EnvironmentsReducing Attack Surface in Budget Constrained Environments
Reducing Attack Surface in Budget Constrained Environments
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1
 
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
 
The 2018 Threatscape
The 2018 ThreatscapeThe 2018 Threatscape
The 2018 Threatscape
 
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
 
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...
 
Velocity and Volatility: Culture and Strategy in the Digital Age
Velocity and Volatility: Culture and Strategy in the Digital AgeVelocity and Volatility: Culture and Strategy in the Digital Age
Velocity and Volatility: Culture and Strategy in the Digital Age
 

More from Forcepoint LLC

Rethinking the concept of trust (DoDIIS 2019 presentation)
Rethinking the concept of trust (DoDIIS 2019 presentation)Rethinking the concept of trust (DoDIIS 2019 presentation)
Rethinking the concept of trust (DoDIIS 2019 presentation)Forcepoint LLC
 
Sparking Curiosity to Change Security Behaviors
Sparking Curiosity to Change Security BehaviorsSparking Curiosity to Change Security Behaviors
Sparking Curiosity to Change Security BehaviorsForcepoint LLC
 
Understanding the "Intelligence" in AI
Understanding the "Intelligence" in AIUnderstanding the "Intelligence" in AI
Understanding the "Intelligence" in AIForcepoint LLC
 
Weary Warriors: Reducing the Impact of Wishful Thinking & Fatigue on Informat...
Weary Warriors: Reducing the Impact of Wishful Thinking & Fatigue on Informat...Weary Warriors: Reducing the Impact of Wishful Thinking & Fatigue on Informat...
Weary Warriors: Reducing the Impact of Wishful Thinking & Fatigue on Informat...Forcepoint LLC
 
AI and ML in Cybersecurity
AI and ML in CybersecurityAI and ML in Cybersecurity
AI and ML in CybersecurityForcepoint LLC
 
Using Language Modeling to Verify User Identities
Using Language Modeling to Verify User IdentitiesUsing Language Modeling to Verify User Identities
Using Language Modeling to Verify User IdentitiesForcepoint LLC
 
Driving the successful adoption of Microsoft Office 365
Driving the successful adoption of Microsoft Office 365Driving the successful adoption of Microsoft Office 365
Driving the successful adoption of Microsoft Office 365Forcepoint LLC
 
Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud GenerationForcepoint LLC
 
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the CloudTop 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the CloudForcepoint LLC
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applicationsForcepoint LLC
 
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...Forcepoint LLC
 
A Predictive “Precrime” Approach Requires a Human Focus
A Predictive “Precrime” Approach Requires a Human FocusA Predictive “Precrime” Approach Requires a Human Focus
A Predictive “Precrime” Approach Requires a Human FocusForcepoint LLC
 
Cyber Convergence, Warfare and You
Cyber Convergence, Warfare and YouCyber Convergence, Warfare and You
Cyber Convergence, Warfare and YouForcepoint LLC
 
Securing the Global Mission: Enabling Effective Information Sharing (DoD MPE-IS)
Securing the Global Mission: Enabling Effective Information Sharing (DoD MPE-IS)Securing the Global Mission: Enabling Effective Information Sharing (DoD MPE-IS)
Securing the Global Mission: Enabling Effective Information Sharing (DoD MPE-IS)Forcepoint LLC
 
Revolutionary, Not Evolutionary
Revolutionary, Not EvolutionaryRevolutionary, Not Evolutionary
Revolutionary, Not EvolutionaryForcepoint LLC
 
Cybersecurity and the Human Psyche
Cybersecurity and the Human PsycheCybersecurity and the Human Psyche
Cybersecurity and the Human PsycheForcepoint LLC
 

More from Forcepoint LLC (18)

Rethinking the concept of trust (DoDIIS 2019 presentation)
Rethinking the concept of trust (DoDIIS 2019 presentation)Rethinking the concept of trust (DoDIIS 2019 presentation)
Rethinking the concept of trust (DoDIIS 2019 presentation)
 
Sparking Curiosity to Change Security Behaviors
Sparking Curiosity to Change Security BehaviorsSparking Curiosity to Change Security Behaviors
Sparking Curiosity to Change Security Behaviors
 
Understanding the "Intelligence" in AI
Understanding the "Intelligence" in AIUnderstanding the "Intelligence" in AI
Understanding the "Intelligence" in AI
 
Weary Warriors: Reducing the Impact of Wishful Thinking & Fatigue on Informat...
Weary Warriors: Reducing the Impact of Wishful Thinking & Fatigue on Informat...Weary Warriors: Reducing the Impact of Wishful Thinking & Fatigue on Informat...
Weary Warriors: Reducing the Impact of Wishful Thinking & Fatigue on Informat...
 
AI and ML in Cybersecurity
AI and ML in CybersecurityAI and ML in Cybersecurity
AI and ML in Cybersecurity
 
Using Language Modeling to Verify User Identities
Using Language Modeling to Verify User IdentitiesUsing Language Modeling to Verify User Identities
Using Language Modeling to Verify User Identities
 
Driving the successful adoption of Microsoft Office 365
Driving the successful adoption of Microsoft Office 365Driving the successful adoption of Microsoft Office 365
Driving the successful adoption of Microsoft Office 365
 
Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud Generation
 
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the CloudTop 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
 
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
 
A Predictive “Precrime” Approach Requires a Human Focus
A Predictive “Precrime” Approach Requires a Human FocusA Predictive “Precrime” Approach Requires a Human Focus
A Predictive “Precrime” Approach Requires a Human Focus
 
Cyber Convergence, Warfare and You
Cyber Convergence, Warfare and YouCyber Convergence, Warfare and You
Cyber Convergence, Warfare and You
 
Securing the Global Mission: Enabling Effective Information Sharing (DoD MPE-IS)
Securing the Global Mission: Enabling Effective Information Sharing (DoD MPE-IS)Securing the Global Mission: Enabling Effective Information Sharing (DoD MPE-IS)
Securing the Global Mission: Enabling Effective Information Sharing (DoD MPE-IS)
 
Shift the Burden
Shift the BurdenShift the Burden
Shift the Burden
 
Revolutionary, Not Evolutionary
Revolutionary, Not EvolutionaryRevolutionary, Not Evolutionary
Revolutionary, Not Evolutionary
 
Cybersecurity and the Human Psyche
Cybersecurity and the Human PsycheCybersecurity and the Human Psyche
Cybersecurity and the Human Psyche
 
The Human Point
The Human PointThe Human Point
The Human Point
 

Recently uploaded

SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 

Recently uploaded (20)

SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 

An Inside-Out Approach to Security in Financial Services

  • 1. Copyright © 2017 Forcepoint. All rights reserved. An Inside-Out Approach to Security in Financial Services Brandon Swafford Bob Slocum
  • 2. Copyright © 2017 Forcepoint. All rights reserved. | 2 PANELISTS Brandon Swafford Chief Technology Officer, Data & Insider Threat Forcepoint Bob Slocum Director, Data & Insider Threat Strategy Forcepoint
  • 3. Copyright © 2017 Forcepoint. All rights reserved. | 3 AGENDA • Key challenges in Financial Services • Requirements for Building an Insider Threat Program • The Forcepoint Approach
  • 4. Copyright © 2017 Forcepoint. All rights reserved. | 4 Key Challenges in Financial Services
  • 5. Copyright © 2017 Forcepoint. All rights reserved. | 5 KEY CHALLENGES IN FINANCIAL SERVICES REGULATORY & INDUSTRY COMPLIANCE CYBER CRIME CONSTANT BARRAGE OF ATTACKS BUSINESS TRANSFORMATION FREQUENT M&A
  • 6. Copyright © 2017 Forcepoint. All rights reserved. | 6 TECHNOLOGY-CENTRIC APPROACH: IS IT WORKING? Up 5% to 81B in spending that failed to protect Enterprise data / IP Security Spend $81B 45 of Fortune 500 rank their Insider Threat program as effective Companies 45 9%5%
  • 7.
  • 8.
  • 9.
  • 10. FRAUD SABOTAGE WORKPLACE VIOLENCE HARASSMENT PRIVILEGED ACCESS DATA EXFILTRATION PROCESS & CHANGE MANAGEMENT INVESTIGATIONS
  • 11.
  • 12. Fined $1M when a departing EMPLOYEE stole data on 730,000 client accounts Over 10,000 records outside company control as EMPLOYEES leave or retire with data on personal devices Vendor EMPLOYEE has credentials stolen, exposing 56M credit cards ACCIDENTAL INSIDER MALICIOUS INSIDER COMPROMISED INSIDER 22% 10%68%
  • 13.
  • 14. Copyright © 2017 Forcepoint. All rights reserved. | 14 Requirements for Building an Insider Threat Program
  • 15. Copyright © 2017 Forcepoint. All rights reserved. | 15 REQUIREMENTS FOR BUILDING AN INSIDER THREAT PROGRAM DETECT which individuals are behaving in ways that pose the greatest potential risk RAPIDLY and thoroughly understand that user’s potentially risky behavior and the context around it
  • 16. Copyright © 2017 Forcepoint. All rights reserved. | 16 WHAT DOES AN INSIDER THREAT PROGRAM LOOK LIKE? PEOPLE • Identify problem • Build Legal/HR coalition • Information Security policy & strategy review TECHNOLOGY • Define requirements for observation • Collect Data PROCESS • Learn normal behaviour • Identifier outliers • Risk scoring – threat vs. asset PEOPLE • Offer education • Share metrics by dept. & enlist volunteers • Enforcement • Set actions on objective for tactical wins • Manage risk TECHNOLOGY
  • 17. Copyright © 2017 Forcepoint. All rights reserved. | 17 WHO ARE THE STAKEHOLDERS FOR AN INSIDER THREAT PROGRAM? Security IT Legal/HR Other Stakeholders
  • 18. Copyright © 2017 Forcepoint. All rights reserved. | 18 DAY-IN-THE-LIFE: WHAT TO LOOK OUT FOR Accidental/Compromised • Poor training • Poor controls • General laziness/ignorance Malicious • Sabotage • Theft • Precursor behavior – downward trend • Leaving the company • Anger/sadness Human Intelligence Triage POI Monitoring Tech Alert Triage Investigations
  • 19. Copyright © 2017 Forcepoint. All rights reserved. | 19Copyright © 2017 Forcepoint. All rights reserved. | 19 The Forcepoint Approach
  • 20. Copyright © 2017 Forcepoint. All rights reserved. | 20 Where critical data and IP are most valuable – and most vulnerable PROTECTING THE HUMAN POINT
  • 21. Copyright © 2017 Forcepoint. All rights reserved. | 21 + FORCEPOINT INSIDER THREAT FORCEPOINT DLP USERS CRITICAL DATA User Activity Data Movement+ Risk Adaptive Protection
  • 22. Copyright © 2017 Forcepoint. All rights reserved. | 22 Forcepoint Insider Threat
  • 23. Copyright © 2017 Forcepoint. All rights reserved. | 23
  • 24. Copyright © 2017 Forcepoint. All rights reserved. | 24
  • 25. Copyright © 2017 Forcepoint. All rights reserved. | 25
  • 26. Copyright © 2017 Forcepoint. All rights reserved. | 26
  • 27. Copyright © 2017 Forcepoint. All rights reserved. | 27
  • 28. Copyright © 2017 Forcepoint. All rights reserved. | 28
  • 29. Copyright © 2017 Forcepoint. All rights reserved. | 29
  • 30. Copyright © 2017 Forcepoint. All rights reserved. | 30
  • 31. Copyright © 2017 Forcepoint. All rights reserved. | 31
  • 32. Copyright © 2017 Forcepoint. All rights reserved. | 32
  • 33. Copyright © 2017 Forcepoint. All rights reserved. | 33
  • 34. Copyright © 2017 Forcepoint. All rights reserved. | 34
  • 35. Copyright © 2017 Forcepoint. All rights reserved. | 35
  • 36. Copyright © 2017 Forcepoint. All rights reserved. | 36
  • 37. Copyright © 2017 Forcepoint. All rights reserved. | 37
  • 38. Copyright © 2017 Forcepoint. All rights reserved. | 38 MARKET-LEADING FORCEPOINT INSIDER THREAT  Proven effective, scalable & stable  Trusted  Supported  Every challenge met RetailManufacturingEnergy Financial Government Government & Fortune 500 customers Developed by information protection experts Designed from the ground up as an insider threat solution Over 1 Million endpoints protected
  • 39. Copyright © 2017 Forcepoint. All rights reserved. | 39 FRAUD SABOTAGE WORKPLACE VIOLENCE HARASSMENT PRIVILEGED ACCESS DATA EXFILTRATION PROCESS & CHANGE MANAGEMENT INVESTIGATIONS
  • 40. Copyright © 2017 Forcepoint. All rights reserved. | 40 Forcepoint DLP
  • 41. Copyright © 2017 Forcepoint. All rights reserved. | 41 DLP INNOVATION LEADER 2003 2010 2015 Data Fingerprints Pre-defined IP and Compliance Policies Endpoint fingerprints OCR and Cumulative (DRIP) DLP Mac OS X DLP endpoint SureView® Insider Threat Insider Threat DLP Detection Security Analytics
  • 42. Copyright © 2017 Forcepoint. All rights reserved. | 42 SECURITY ANALYTICS – INCIDENT RISK RANKING
  • 43. Copyright © 2017 Forcepoint. All rights reserved. | 43 No bullet single column slide
  • 44. Copyright © 2017 Forcepoint. All rights reserved. | 44 FORCEPOINT DATA AND INSIDER THREAT • DLP identifies risky data behaviors and then users needing investigation • Insider Threat identifies risky users and then data protection controls needed DLP Stop data from leaving INSIDER THREAT Context into the users’ behavior+
  • 45. Copyright © 2017 Forcepoint. All rights reserved. | 45 CONCLUSION • Technologies change. People are the constant • People, processes, AND technology are essential to building an insider threat program • Take a top-down approach • Get other departments involved early (HR, Legal, others as necessary) • Data security and user privacy balance • Use forensic tools
  • 46. Copyright © 2017 Forcepoint. All rights reserved. | 46 Thank you! Bob Slocum rslocum@forcepoint.com Brandon Swafford brandon.Swafford@forcepoint.com forcepoint.com 800-723-1166

Editor's Notes

  1. D. - 5 MIN BEFORE START Hello and welcome to today’s webcast, An Inside-Out Approach to Security in Financial Services. The discussion will begin in 5 minutes. If you need assistance, please use the Ask a Question function in your window. We will begin shortly, thank you. 2 MINUTES BEFORE START Hello and welcome to today’s webcast, An Inside-Out Approach to Security in Financial Services. The discussion will begin in 2 minutes. If you need assistance, please use the Ask a Question function in your window. We will begin in 2 minutes, thank you! START Welcome everyone, and thank you for joining us for today’s webcast, An Inside-Out Approach to Security in Financial Services Before we get started, let’s cover a few quick logistical details. [CLICK]
  2. Brandon’s Bio Brandon Swafford is Chief Technology Officer for Data & Insider Threat at Forcepoint and has more than 12 years of experience in legal investigations and security. He has worked in hedge funds building security technology. Prior to that, he worked with the U.S Intelligence Community as a Cyber Counterintelligence consultant and analyst across several agencies residing in the classified space, working closely with the National Insider Threat Task Force and the National Counterintelligence Executive. While working with the Intelligence Community, Brandon also provided insider threat analysis and investigation consulting to the International Monetary Fund in Washington D.C. Welcome Brandon! Bob’s Bio Bob Slocum is the Director of Data & Insider Threat Strategy and has more than 18 years experience in the technology industry, specializing in data theft prevention and endpoint security. He has worked at companies including Barracuda Networks and Dell, where he helped to create and take to market Dell’s Connected Security and Enterprise Mobility Management solutions. Bob is a subject matter expert on data theft and data loss prevention strategies, lending his expertise to countless speaking engagements. Welcome Bob! My name is Diana Peña, and I’ll be your moderator today. Here’s what we’ll be covering in our discussion [CLICK]
  3. Transformation: User and Data more distributed: Cloud adoption & Rapid IT delivery - Leading to Shadow IT Compliance: Privacy laws – breach notification, higher penalties, Personal data ownership Infrastructure scope Cybercrime: Targeting users & their access to data Fraud Critical Infrastructure
  4. Technology alone does not equal business outcomes. You have invested in more tools resulting in more alerts and more security spend, but you are not seeing better security outcomes such as preventing the data breach from the compromised insider, stopping the malicious insider, or blocking the accidental data loss. At the same time, you need to allow your employees to do their jobs – “free the good”. Supporting data points: •      Number of technologies & vendors The average number of security tools used by medium-sized and large companies is 70, with the largest companies reporting 100 tools or more (The Research Board – a think tank owned by Gartner in 2015) IDC is tracking 2,200 individual security vendors in its revenue database Exhibitors at RSA conference grew from 361 in 2013 to 558 last year (55%, 1.5x) (RSA Conference Websites) •      Number of alerts Some large Gartner clients receive from 500,000 to one million alerts a day across multiple security monitoring systems, such as SIEM and DLP. (Gartner, Dec. 2016) •      Amount of security spend Worldwide spending on information security products and services will reach $81.6 billion in 2016, an increase of 7.9 percent over 2015 (Gartner, Aug. 2016) Worldwide [security] revenues will grow from $73.7 billion in 2016 to $101.6 billion in 2020.  That works out to a compound annual growth rate of 8.3%, which is more than twice the rate of spending in IT overall. (IDC, Oct. 2016)
  5. Let’s focus on the one constant in the noise: people. First, your company’s sensitive data and IP must always be protected. How does it get lost or stolen? It simply starts with people who may lose the data accidently, maliciously, or through compromise.
  6. Let’s focus on the one constant in the noise: people. First, your company’s sensitive data and IP must always be protected. How does it get lost or stolen? It simply starts with people who may lose the data accidently, maliciously, or through compromise.
  7. Accidental (FDIC, Snapchat, Heartland, IRS) FDIC CALLS ‘MAJOR’ DATA BREACHES ACCIDENTAL (http://www.nextgov.com/security/2016/05/fdic-calls-major-data-breaches-accidents/128280/) Heartland Payment Systems Suffers Data Breach (http://www.forbes.com/sites/davelewis/2015/05/31/heartland-payment-systems-suffers-data-breach/#53821e122985) IRS exposed 'tens of thousands' of Social Security numbers in online slip-up (http://www.nydailynews.com/news/politics/scandal-irs-exposed-tens-thousands-social-security-numbers-online-slip-up-article-1.1393129) Snapchat Employee Data Leaks Out (https://techcrunch.com/2016/02/29/snapchat-employee-data-leaks-out-following-phishing-attack/) Malicious (Morgan Stanley, DuPont, Children’s Medical Clinics of Texas) Morgan Stanley pays $1 million SEC fine over stolen customer data (http://www.reuters.com/article/us-morgan-stanley-sec-idUSKCN0YU27J) Former DuPont Chemist Sentenced to 14 Months in Prison for Stealing DuPont Trade Secrets (https://archives.fbi.gov/archives/baltimore/press-releases/2010/ba102110a.htm) Children’s Medical Clinics of East Texas Reports Data Breach of 16K Pediatric Patient Records (http://www.healthcare-informatics.com/news-item/children-s-medical-clinics-east-texas-reports-data-breach-16k-children) Compromised (Home Depot, Target, Anthem, Premera Blue Cross) Target Breach (https://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/) Anthem: How does a breach like this happen? 5 technical users compromised (http://www.csoonline.com/article/2881532/business-continuity/anthem-how-does-a-breach-like-this-happen.html) Premera Blue Cross Breach Exposes Financial, Medical Records - trick Wellpoint employees into downloading malicious software with pernnera.com site (https://krebsonsecurity.com/2015/03/premera-blue-cross-breach-exposes-financial-medical-records/)
  8. Here are just a few examples of how people are at the center of data / IP breaches. Accidental (FDIC, Snapchat, Heartland, IRS) FDIC CALLS ‘MAJOR’ DATA BREACHES ACCIDENTAL (http://www.nextgov.com/security/2016/05/fdic-calls-major-data-breaches-accidents/128280/) Heartland Payment Systems Suffers Data Breach (http://www.forbes.com/sites/davelewis/2015/05/31/heartland-payment-systems-suffers-data-breach/#53821e122985) IRS exposed 'tens of thousands' of Social Security numbers in online slip-up (http://www.nydailynews.com/news/politics/scandal-irs-exposed-tens-thousands-social-security-numbers-online-slip-up-article-1.1393129) Snapchat Employee Data Leaks Out (https://techcrunch.com/2016/02/29/snapchat-employee-data-leaks-out-following-phishing-attack/) Malicious (Morgan Stanley, DuPont, Children’s Medical Clinics of Texas) Morgan Stanley pays $1 million SEC fine over stolen customer data (http://www.reuters.com/article/us-morgan-stanley-sec-idUSKCN0YU27J) Former DuPont Chemist Sentenced to 14 Months in Prison for Stealing DuPont Trade Secrets (https://archives.fbi.gov/archives/baltimore/press-releases/2010/ba102110a.htm) Children’s Medical Clinics of East Texas Reports Data Breach of 16K Pediatric Patient Records (http://www.healthcare-informatics.com/news-item/children-s-medical-clinics-east-texas-reports-data-breach-16k-children) Compromised (Home Depot, Target, Anthem, Premera Blue Cross) Target Breach (https://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/) Anthem: How does a breach like this happen? 5 technical users compromised (http://www.csoonline.com/article/2881532/business-continuity/anthem-how-does-a-breach-like-this-happen.html) Premera Blue Cross Breach Exposes Financial, Medical Records - trick Wellpoint employees into downloading malicious software with pernnera.com site (https://krebsonsecurity.com/2015/03/premera-blue-cross-breach-exposes-financial-medical-records/)
  9. The challenge is getting exponentially worse. Users are everywhere. Sensitive data can be anywhere. Behaviors can range from legitimate to not. Supporting data points:
  10. Understanding the human point is an entirely new security paradigm. No company today is able to get to the heart of the matter – understanding the intent behind an employee’s actions. This is essential for security that stops bad cyber behaviors – the malicious examples we’ve already discussed. And this is even more essential for delivering security that allows good employee behaviors – security that helps business run more efficiently.
  11. Surrounding all of this is GRC, patching regime etc.. (Better Prep) Where are Users? – What Are their Behaviours? Suppliers, customers, remote, hotel, home, airport.. Happy, tired etc. Where is the data?
  12. Drive this point home: Product built from the ground up as an insider threat product, not re-marketing an existing product to chase after the red hot insider threat market SureView Insider Threat was designed as an insider threat tool, starting back in 2001 built by people who’s job is security it is not something that, like many solutions, has been repackaged and marketed to meet the latest trend. Whether the incident is accidental or deliberate, or somewhere in between, SureView Insider Threat gives you complete visibility and quickly identifies the riskiest users in your organization, all while preserving employee privacy guidelines. Secures some of the most critical networks from internal leaks, compromise, and malicious attacks Protects Fortune 100/500 banking, technology, manufacturing and other critical commercial infrastructure companies. 1 million endpoints protected Proven Scalable Stable Trusted
  13. Let’s focus on the one constant in the noise: people. First, your company’s sensitive data and IP must always be protected. How does it get lost or stolen? It simply starts with people who may lose the data accidently, maliciously, or through compromise.