@NTXISSA #NTXISSACSC3
EMV and the Future of Payments
Dr. Branden Williams
@BrandenWilliams
http://www.brandenwilliams.com/
2 October 2015
The Threat Landscape
How many states currently have data breach legislation on the books?
How many questions are asked to Siri in any given minute?
According to the National Association of Federal Credit Unions, what was the average amount spent by member institutions on merchant data breaches in 2014?
FUN STUFF GOES HERE
Sorry, had to be present!
The Results of a Data Breach Cause Significant Impacts Across Business Operations
• Reputational risk damage and negative impact to your brand
• Investigation of breach
• Fines/liability
• Loss of confidential business information
• Remediation of breach
The Cost of a Data Breach is Staggering
• Since 2013, many major retailers experienced data breaches.
Reject cost-per-record estimates, just understand it’s expensive.
Four Key Cyber Assets Targeted by Criminals
POS Environments
• 49% of POS intrusions account for 40% of all asset targets.
• If a POS is attacked, it is most likely the business will be US based.
Credit Cards
• 49% of breach investigations involved Personally Identifiable Information (PII) and cardholder data.
• Attackers shifted focus back to payment card from non-payment card.
eCommerce
• Accounted for 42% of all investigations in 2014.
• 64% of retail industry breaches were eCommerce.
• “Password1” was still the most commonly used password.
Mobile Apps
• 95% of mobile applications are vulnerable.
• 35% of mobile apps had critical issues.
• 45% of mobile apps had high-risk issues.
• 6: Median number of vulnerabilities per mobile app.
SOURCE: 2015 TrustWave Global Security Report.
POS Malware Poses an Insidious Threat
• POS malware is extremely lucrative for criminals and extraordinarily difficult to detect.
• In 60% of cases, attackers are able to compromise an organization within minutes.
• POS breaches account for nearly one-third of all types of breaches.
Chart: Nine Main Types of Breaches.
SOURCE: Verizon 2015 Data Breach Investigations Report.
Data Protection is Top of Mind for Today’s Executives
Benefits of Data Protection:
• Preserve Stakeholder Value: avoid costs due to remediation and a negative brand image.
• Secure POS Systems: protect your customers’ data during and after the transaction process.
• End-to-End Protection: minimal operation and systems impact.
Or is it?
Really Guys? </Cartman>
Oxford University and the UK’s Centre for the Protection of the National Infrastructure survey results:
“Concern for cybersecurity was significantly lower among managers inside the C-suite than among managers outside it.”
Winnefeld Jr, P. A. S., Kirchhoff, C., & Upton, D. M. (2015). Cybersecurity's human factor: Lessons from the pentagon. Harvard Business Review, 93(9), 87-95.
So how does EMV help?
NTX ISSA Cyber Security Conference – October 2-3, 2015
EMV Highlights
• Widely adopted 1990s technology
• Designed to facilitate offline transactions & minimize card-present fraud (over time)
• The US implemented a Chip & Choice version (not exclusively Chip & PIN)
• PIN transactions will occur, but likely remain debit-focused
• Most will do Chip & Sign, or just Chip
• Modern implementations are surprisingly effective
Fraud in the UK
Chart: UK fraud figures. Figures from Fraud the Facts, 2015. UK Payments Administration.
Fraud in the UK
Chart: UK fraud figures (continued). Figures from Fraud the Facts, 2015. UK Payments Administration.
Targets will change
• Fraudsters will move away from magstripe to focus on card-not-present, and other types of attacks to gain funds
• But attack mechanisms have not changed much
  • Malware
  • Vishing
  • Large-scale hacks
• What EMV considers routing data, we consider sensitive data:
  • Vishers may not call to ask for PIN, but instead CVV2
  • Some merchants may accept transactions without CVV2
What does this mean for online retail?
• Online merchants traditionally do not want to get in the way of a transaction:
  • First iteration of 3DSecure was awful
  • Merchants hate it due to abandoned carts
  • Rather take the risk on a transaction
• Think about how IT works today vs. ten years ago…
Chargeback Process
Diagram: chargeback process. Image from Willows Consulting.
Who should deploy EMV?
• Card present merchants with high chargeback rates
  • Especially those that sell gift cards!
• Where will fraud shift in the CNP space?
  • Digital goods
  • High value items
  • Anything that can be easily fenced or converted to cash
What’s Next?
• Pervasiveness of technology expands attack surface
• Where are payments moving?
  • Mobile (expected to eclipse PCs for CNP transactions in 2015)
  • Platforms with users explore financial exchange (Twitter, Facebook)
• What is attractive for criminals?
  • Any of the e-wallet options such as Samsung Pay or Apple Pay
  • Pre-paid cards (targets the under-banked)
  • Weakly secured accounts
A few thoughts about how payments can morph…
Questions / Discussion
Dr. Branden Williams
@BrandenWilliams
http://www.brandenwilliams.com/
The Collin College Engineering Department
Collin College Student Chapter of the North Texas ISSA
North Texas ISSA (Information Systems Security Association)
NTX ISSA Cyber Security Conference – October 2-3, 2015
Thank you

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 

NTXISSACSC3 - EMV and the Future of Payments by Branden Williams

  • 1. @NTXISSA #NTXISSACSC3 EMV and the Future of Payments. Dr. Branden Williams, @BrandenWilliams, http://www.brandenwilliams.com/, 2 October 2015
  • 3. How many states currently have data breach legislation on the books?
  • 4. How many questions are asked to Siri in any given minute?
  • 5. According to the National Association of Federal Credit Unions, what was the average amount spent by member institutions on merchant data breaches in 2014?
  • 6. FUN STUFF GOES HERE. Sorry, had to be present!
  • 7. The Results of a Data Breach Cause Significant Impacts Across Business Operations
    • Reputational Risk Damage, Negative Impact to Your Brand
    • AND: Investigation of Breach; Fines/Liability; Loss of Confidential Business Information; Remediation of Breach
  • 8. The Cost of a Data Breach is Staggering
    • Since 2013, many major retailers experienced data breaches (figure omitted).
    • Reject cost-per-record estimates, just understand it’s expensive.
  • 9. Four Key Cyber Assets Targeted by Criminals
    • POS Environments: 49% of POS intrusions account for 40% of all assets targets. If a POS is attacked, it is most likely the business will be US based.
    • Credit Cards: 49% of breach investigations involved Personally Identifiable Information (PII) and cardholder data. Attackers shifted focus back to payment card from non-payment card.
    • eCommerce: Accounted for 42% of all investigations in 2014. 64% of retail industry breaches were eCommerce. “Password1” was still the most commonly used password.
    • Mobile Apps: 95% of mobile applications are vulnerable. 35% of mobile apps had critical issues. 45% of mobile apps had high-risk issues. 6: Median number of vulnerabilities per mobile app.
    • SOURCE: 2015 TrustWave Global Security Report.
  • 10. POS Malware Poses an Insidious Threat
    • POS malware is extremely lucrative for criminals and extraordinarily difficult to detect.
    • In 60% of cases, attackers are able to compromise an organization within minutes.
    • POS breaches account for nearly one-third of all types of breaches. (Chart: Nine Main Types of Breaches.)
    • SOURCE: Verizon 2015 Data Breach Investigations Report.
  • 11. Data Protection is Top of Mind for Today’s Executives. Benefits of Data Protection:
    • Preserve Stakeholder Value: Avoid Costs Due to Remediation and a Negative Brand Image.
    • Secure POS Systems: Protect Your Customers’ Data During and After the Transaction Process.
    • End-to-End Protection: Minimal Operation and Systems Impact.
  • 13. Really Guys? </Cartman> Oxford University and the UK’s Centre for the Protection of the National Infrastructure survey results: “Concern for cybersecurity was significantly lower among managers inside the C-suite than among managers outside it.” Winnefeld Jr, P. A. S., Kirchhoff, C., & Upton, D. M. (2015). Cybersecurity’s human factor: Lessons from the Pentagon. Harvard Business Review, 93(9), 87-95.
  • 14. So how does EMV help? NTX ISSA Cyber Security Conference – October 2-3, 2015
  • 15. EMV Highlights
    • Widely adopted 1990s technology
    • Designed to facilitate offline transactions & minimize card-present fraud (over time)
    • The US implemented a Chip & Choice version (not exclusively Chip & PIN)
    • PIN transactions will occur, but likely remain debit-focused
    • Most will do Chip & Sign, or just Chip
    • Modern implementations are surprisingly effective
  • 16. Fraud in the UK (chart). Figures from Fraud the Facts, 2015. UK Payments Administration.
  • 17. Fraud in the UK (chart). Figures from Fraud the Facts, 2015. UK Payments Administration.
  • 18. Targets will change
    • Fraudsters will move away from magstripe to focus on card-not-present, and other types of attacks to gain funds
    • But attack mechanisms have not changed much: Malware; Vishing; Large-scale hacks
    • What EMV considers routing data, we consider sensitive data:
      • Vishers may not call to ask for PIN, but instead CVV2
      • Some merchants may accept transactions without CVV2
  • 19. What does this mean for online retail?
    • Online merchants traditionally do not want to get in the way of a transaction:
      • First iteration of 3DSecure was awful
      • Merchants hate it due to abandoned carts
      • Rather take the risk on a transaction
    • Think about how IT works today vs. ten years ago…
  • 21. Who should deploy EMV?
    • Card present merchants with high chargeback rates
    • Especially those that sell gift cards!
    • Where will fraud shift in the CNP space?
      • Digital Goods
      • High value items
      • Anything that can be easily fenced or converted to cash
  • 22. What’s Next?
    • Pervasiveness of technology expands attack surface
    • Where are payments moving?
      • Mobile (expected to eclipse PCs for CNP transactions in 2015)
      • Platforms with users explore financial exchange (Twitter, Facebook)
    • What is attractive for criminals?
      • Any of the e-wallet options such as Samsung Pay or Apple Pay
      • Pre-paid cards (targets the under-banked)
      • Weakly secured accounts
  • 23. A few thoughts about how payments can morph…
  • 24. Questions / Discussion. Dr. Branden Williams, @BrandenWilliams, http://www.brandenwilliams.com/
  • 25. Thank you: The Collin College Engineering Department; Collin College Student Chapter of the North Texas ISSA; North Texas ISSA (Information Systems Security Association); NTX ISSA Cyber Security Conference – October 2-3, 2015