Thriving in the face of cyber uncertainty
Security evolved to grow your business
Mike Kehoe
May 2019
WW Programme Director, Threat & Intelligence, IBM Security
IBM Security Connect: https://www.ibm.com/security/intelligence-analysis/i2
IBM Security / © 2019 IBM Corporation 4
The Digital Economy is the digitization (or moving online) of many of the traditional activities and offerings that historically were available to customers only when physically inside a commercial entity.
In relation to the banking sector, this would include: money deposits, withdrawals and transfers; checking/savings account management.
What the Digital Economy is delivering:
• Business efficiency
• Cost savings
• Increased accuracy
• Improved competitiveness
• Enhanced security
The Digital Economy continues to evolve, but it's not new to IBM!
The first modern ATM was an IBM 2984
With new business growth opportunities come new opportunities for financial crimes
1) Behind every threat vector is a threat actor
2) In a connected and online world, every transaction has a digital footprint
3) There is no such thing as luck; successful attacks have a threat vector
4) Threat actors are smart... really smart!!!
The Digital Economy has a dark side
Old opportunities for financial crimes….. The Threat Surfaces
New opportunities for financial crimes….. The Threat Surfaces
Money laundering
Synthetic IDs
Phishing Campaign / Account Take Over (Internal / External)
Card Fraud: ATM, Credit & Debit
Cyber Attacks
Man in the Middle
Organized Crime Rings
Jackpotting
Background Screening
Insider
Most common threat vectors in the commercial space
[Diagram labels: Cyber Analysis, Insider Threats, System Abuse, Threat Discovery, Stakeholder Protection, Threat Hunting]
1 Cyber Threat Hunting
2 Insider Threat
3 Stakeholder Protection
4 Threat Discovery (AML, ABC, EDD)
5 Combatting Fraud (aka System Abuse)
6 Active Watch Lists (aka Vetting, Sanctions)
Blue Light i2i
The Fundamentals of Crime Have Not Changed?
Financial crime is carried out by individuals, corporations, or organized crime groups to illegally obtain funds by deception, falsify documentation, or conceal illicit activities as a means to abuse or exploit financial systems and their stakeholders.
Impacts are financial in nature (3R’s)
Reputational
Regulatory
Revenue (primary / secondary)
The 3R’s Impacts of Financial Crimes
Types of Fraud and Financial Crimes: Transactional
Card / Payment Fraud | Insurance Fraud | Forgery & Counterfeiting | Insider | Cyber Crime
• Credit / Debit Card
• ATM
• Fuel / Shopping cards
• Loyalty Programs
• Online payments
• Auto
• Health
• Property
• Pet
• Life
• Opportunistic
• Revenge
• Ideology
• Ignorance
• Coerce
• Shipping / storage
• Withdrawals
• Tax evasion
• Shell Companies
• Returns
• Identity theft
• Man in the middle
• Phishing
• Embezzlement
Customers >>>> CISO / FIUs / SIUs / Fraud Investigators / Threat Managements / Risk Compliance
Types of Fraud and Financial Crimes: Regulatory
Money Laundering Sanction Violation
Detection Anti Bribery and Corruption Due Diligence
• Gaming
• Goods returns
• Mule Accounts
• Ghost companies
• PEP (politically exposed person)
• Insider
• Watch listed
• Beneficial Ownership
• Degree of Separation
• Identity Resolution
• Synthetic ID
• Embargo trading
• Hedge funds
• Shell Company
Customers >>>> FIUs / SIUs / MLRO / CRO / Risk Compliance
Financial Crimes: Use cases
MORE TO FOLLOW
IBM Security 2019… the Good Guys
Digital Trust
Threat Management
Strategy and Risk
Get Ahead of Risk and Compliance
Build Leadership and Culture
Detect and Stop Advanced Threats
Orchestrate Incident Response
Master Threat Hunting
Protect Critical Assets
Govern Users and Identities
Deliver Digital Identity Trust
Secure Hybrid Cloud
Unify Endpoint Management
The Threatscape has evolved, so have we.
2019+: Connected security, at the “speed of cloud”
2011-2018: Security intelligence across the enterprise
Before 2011: Bolt-on security for IT projects
SECURITY INTELLIGENCE
APPS
MOBILE
ENDPOINT
THREAT INTEL
NETWORK
ADVANCED FRAUD
IDENTITY & ACCESS
DATA
Beyond… AI, quantum, IoT, blockchain security
IBM helps across the entire Security Spectrum
Get Ahead of Risk and Compliance
• Strategy and Planning
• Risk Assessments
• Advisory Services
Build Leadership and Culture
• X-Force Cyber Range
• Cyber Tactical Operations Center
Detect and Stop Advanced Threats
• Security Operations Consulting
• X-Force Threat Mgmt. Services
• X-Force Red
• QRadar
• Managed SIEM
Orchestrate Incident Response
• Resilient
• X-Force IRIS
Master Threat Hunting
• i2 Intelligence Analysis
• QRadar Advisor with Watson
Protect Critical Assets
• SDLC Consulting
• Data Protection Services
• AppScan
• Guardium
• Data Risk Manager
• Multi-cloud Encryption
• Key Lifecycle Manager
Govern Users and Identities
• Identity Mgmt. Services
• Identity Governance
• Cloud Identity
• Access Manager
Deliver Digital Identity Trust
• Trusteer
• Cloud Identity
Secure Hybrid Cloud
• Infrastructure and Endpoint Services
• Hybrid Cloud Security Services
• QRadar Cloud Analytics
• Cloud Identity
• Guardium for Cloud
Unify Endpoint Management
• Endpoint Mgmt. Services
• MaaS360
• BigFix
Strategy and Risk
FSS Cyber Range War Games
Mobile Command Center
Red Team pen testing
WW experts and partners covering the full security spectrum
Considerations for Digital Banking
Threat Management
Considerations for Digital Banking
Security Operations Center
Products
Process
People
Threat Management
Considerations for Digital Banking
Move faster than the speed of threat
Tier One | Tier Two | Tier Three
Progression from transactional to sophisticated
Intelligence & Investigation | Transactional Rules | Correlation Rules
Automated Detection | Exploratory | Events | Connections
Continual Process Improvement
Digital Trust IAM
Privileged Access Management
Identity Governance & Administration
Access Management & Authentication
Considerations for Digital Banking
Access Management
Stop threats in real time at the transaction
Connected ecosystem
Operational simplicity
Global-scale AI and analytics
Experts on-demand
The only open, cloud-based security platform that doesn’t demand migrating your data
IBM Security Connect
The future of security is connected
A Threat is,
FSS Threat vectors
Most common threat vectors in the commercial space
[Diagram labels: Cyber Analysis, Insider Threats, System Abuse, Adaptive Watch Lists, Threat Discovery, Stakeholder Protection]
1 Cyber Threat Hunting
2 Insider Threat
3 Stakeholder Protection
4 Threat Discovery
5 Combatting Fraud (aka System Abuse)
6 Active Watch Lists (aka Vetting)
ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
© Copyright IBM Corporation 2019. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.
FOLLOW US ON:
THANK YOU
ibm.com/security/community
Cybersecurity is a universal challenge
5 billion personal data records stolen
20.8 billion things we need to secure
$6 trillion lost to cybercrime over the next 2 years
What’s at stake…
Organizations are using too many tools from too many vendors
Too many tools
GDPR fines can cost billions for large global companies
Compliance updates
By 2022, CISOs will face 1.8 million unfulfilled cybersecurity jobs
Skills shortage
What we face…