6. • 83M records taken from JPMorgan in
2014.
• Included 76M individuals, 7M businesses.
• Suspected Russian hackers.
• Data used for phishing scams.
7. • Phishing tricks people for info or
malware.
• Cybercriminals use email, social
media.
• Hackers found JPMorgan security gaps.
• Used malware, escalated privileges.
• Accessed lots of customer data.
9. • Advance Perimeter Security
• Secure Access and Authentication
• Security Awareness and Training
• Continuous Monitoring and
Improvement
• Collaboration with Law and Industry
10. • - Keeping customer info safe (GLBA)
• - Strong controls for financial reporting (SOX)
• - Securing credit card data (PCI DSS)
• - Following guidelines for safe banking (FFIEC)
• - Meeting security standards for government work
(FedRAMP)
• - Adhering to global banking rules (Basel III)