Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence,...
Transcript of Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence,...
![Page 1: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/1.jpg)
Cybersecurity Intelligence, Resilience, and Management Atlanta Region Banker Call
April 21, 2016
![Page 2: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/2.jpg)
Objectives
Data Security Evolution Risk Management Programs
People and Patches Threat Environment
Third-Party Management Resilience
Incident Management Program
2
![Page 3: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/3.jpg)
Evolution of Data Security
3
![Page 4: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/4.jpg)
Definition
“The process of protecting information by preventing,
detecting, and responding to attacks.”
4
![Page 5: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/5.jpg)
Risk Management
Emerging
ATM
5
![Page 6: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/6.jpg)
Risk Management - Governance
Strategic Planning and Budgeting Accountability Framework Audit Plan Board Reporting
6
![Page 7: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/7.jpg)
Risk Management - Governance
Oversee Senior Leadership
Promote Appropriate Corporate Culture
Align Performance Reviews
7
![Page 8: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/8.jpg)
Risk Management - Governance
Set Appropriate
Risk Appetite
Be Accountable
for Risk Framework
Establish Metrics for
Board
8
![Page 9: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/9.jpg)
Appendix B to Part 364
II. Standards for Information Security Ensure the security and confidentiality of customer
information Protect against any anticipated threats or hazards to the
security or integrity of such information Protect against unauthorized access to or use of such
information that could result in substantial harm or inconvenience to any customer
Ensure the proper disposal of customer information and consumer information 9
![Page 10: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/10.jpg)
People and Patches
10
Source: Verizon 2015 Data Breach Investigations Report
Stats
“…a campaign of just ten e-mails yields a greater than 90% chance that at least one person will become the criminal’s prey…”
“…11% of recipients of phishing messages click on attachments.”
![Page 11: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/11.jpg)
Threat Environment
11
Growing Vulnerabilities Interconnected systems New delivery channels Legacy products Emerging/Unknown
Increasing Threats Number/types of actors Nature/volume of attacks Level of sophistication Emerging/Unknown
![Page 12: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/12.jpg)
Threat Environment - General Defenses
12
Vulnerability Assessment and Penetration Test
Web Application Stress Test and Code Review
Social Engineering Test Enterprise Security Risk Assessment Third-Party Management BCP/DR
![Page 13: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/13.jpg)
Information Security Program
13
Information Security Program
Governance Structure and
Policies
Threat Intelligence
Audit Program
Third-Party Management
Risk Assessment and Control Structure
Incident Response
Business Continuity/ Disaster Recovery
Resilience/ Restoration
![Page 14: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/14.jpg)
People and Patches - Training
Security Awareness Training
Enterprise-wide
Role-specific
Customers/Merchants Third Parties Cybersecurity
Culture
14
![Page 15: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/15.jpg)
People and Patches - Success
1. Get Executive Buy-In. Early and Often.
2. Culture, Context, & Continuity are Essential.
3. Be Clear. Use Real-World Scenarios & Applications.
4. Try to Avoid A Long Boring List of “Don’ts”.
5. Give Good Reasons. Explain Security Guidelines.
6. Consider Role-Specific, Risk-Based Security Training.
7. Be Creative. Include Multiple Channels and Formats. 15
![Page 16: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/16.jpg)
Control Structure - Change Management
Formal Written Policy and Procedures Develop system for identifying, prioritizing, applying, and testing
patches Create/maintain asset inventories Timely updates Integrate threat intelligence Mitigate risk from unsupported operating systems and
applications Report to board and senior management
Audit Should Validate Program
16
![Page 17: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/17.jpg)
Information Security Program
17
Information Security Program
Governance Structure and
Policies
Threat Intelligence
Audit Program
Third-Party Management
Risk Assessment and Control Structure
Incident Response
Business Continuity/ Disaster Recovery
Resilience/ Restoration
![Page 18: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/18.jpg)
Cybersecurity Threat and Vulnerability Monitoring and Sharing Statement “Financial institution management is expected to monitor and maintain sufficient
awareness of cybersecurity threats and vulnerability information so they may evaluate risk and respond accordingly.”
FFIEC Business Continuity Planning Handbook, Appendix J – Strengthening the Resilience of Outsourced Technology Services
18
Information Security Program - Enhanced
![Page 19: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/19.jpg)
Threat Intelligence
19
Information Security Program
Governance Structure and
Policies
Threat Intelligence
Audit Program
Third-Party Management
Risk Assessment and Control Structure
Incident Response
Business Continuity/ Disaster Recovery
Resilience/ Restoration
![Page 20: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/20.jpg)
Threat Intelligence - FS-ISAC
• iSight Partners • Secunia
• Wapack Labs
• NC4 Phy Sec
• MSA Phy Sec
Priv
ate
Sour
ces
20
Information Security
Fraud Investigation
Payments/ Risk
Physical Security
BCP/DR
![Page 21: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/21.jpg)
Third-Party Management
Core Transactional Internet Banking
Mobile Banking
Managed Network Security
21
![Page 22: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/22.jpg)
Appendix J - Third-Party Management
Relationship Management Due Diligence Contracts Ongoing Monitoring
Resiliency and Testing Mission Critical Services Capacity Service Provider Continuity Scenarios Gap Analysis Service Provider Alternatives
22
![Page 23: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/23.jpg)
Appendix J - Resilience
Data backup architecture and technology Data integrity controls Independent, secondary communication providers Layered security strategies Enhanced planning for the possibility of simultaneous
attacks Increased awareness of insider threats Prearranged third-party forensic and incident
management services
23
![Page 24: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/24.jpg)
Appendix J - Incident Management
Test against foreseeable cyber threats Integrate service provider
considerations “Final Guidance on Response Programs
for Unauthorized Access to Customer Information and Customer Notice”
24
![Page 25: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/25.jpg)
Incident Response - Pillars
25
Key
Met
rics
Exec
utiv
e Sp
onso
r
Empo
wer
men
t
![Page 26: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/26.jpg)
Incident Response - Team
26
Align Resources
Investigate and Analyze
Communicate
Train and Educate
![Page 27: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/27.jpg)
Cybersecurity Assessment Tool
Identifies factors affecting cyber risk Assesses cybersecurity preparedness Evaluates cybersecurity preparedness
and risk alignment Performs gap analysis Identifies risk management strategies
27
![Page 28: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/28.jpg)
Summary
ISP = Cybersecurity Threat Environment Change Management Gap Analysis Cybersecurity Assessment Tool Risk Management Program Resilience
28
![Page 30: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/30.jpg)
Financial Services-Information Sharing and Analysis Center (FS-ISAC) www.fsisac.com/
United States Computer Emergency Readiness Team (US-CERT) www.us-cert.gov/
InfraGard www.infragard.org/
U.S. Secret Service Electronic Crimes Task Force www.secretservice.gov/ectf.shtml
The Top Cyber Threat Intelligence Feeds www.thecyberthreat.com/cyber-threat-intelligence-feeds/
30
Resources
![Page 31: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/31.jpg)
Resources (Cont.)
FFIEC IT Handbooks http://ithandbook.ffiec.gov
FFIEC Cybersecurity Awareness http://ffiec.gov/cybersecurity.htm
Financial Stability Oversight Council 2015 Annual Report http://www.treasury.gov/initiatives/fsoc/studies-reports/Pages/2015-Annual-Report.aspx
Financial Institution Letters
www.fdic.gov/regulations/resources/director/risk/it-security.htm
31
![Page 32: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/32.jpg)
Cybersecurity Assessment Tool
Questions regarding the Cybersecurity Assessment Tool can be submitted through:
https://fdicsurveys.co1.qualtrics.com/jfe/form/SV_4JgpIWXWB9Gjps1
32
![Page 33: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/33.jpg)
Director’s Resource Center
www.fdic.gov/regulations/resources/director/
Technical Assistance Video Program Information Technology (IT) Corporate Governance Third-Party Risk Vendor Management Cybersecurity Awareness Cyber Challenge: A Community Bank Cyber Exercise
• Vignette 1: Item processing failure • Vignette 2: Customer account takeover • Vignette 3: Phishing and malware problem • Vignette 4: Technology service provider problem • Vignette 5: Ransomware • Vignette 6: ATM Malware • Vignette 7: DDoS as a Smokescreen
33
![Page 34: Cybersecurity Intelligence, Resilience, and Management · PDF fileCybersecurity Intelligence, Resilience, and Management ... Develop system for identifying, ... Cybersecurity Intelligence,](https://reader031.fdocuments.in/reader031/viewer/2022022003/5a9e40a77f8b9a0d7f8c3882/html5/thumbnails/34.jpg)
Regional Contacts
Atlanta Region Richard Snitzer – [email protected] Lenna Escosa – [email protected]
34