In an increasingly digital world, where players from virtually all sectors are racing to innovate, the risk of data theft is very real. The payment card industry has defined standards for protecting cardholder account data. But what about other data types? And what can be learned from payment card industry standards?...
Many organizations trying to secure privileged access for employees or vendors focus solely on the privileged credentials or identities. But that's only half the battle. Securing the access pathways is just as critical to protecting critical systems and data from cyber threats. This session outlines the six steps...
Fraud losses have reached staggering amounts - an estimated $20 billion last year. Moreover, this very lucrative crime is here to stay. How can businesses bounce back after being victimized? Sadly, many cannot. This makes prevention, identification and isolation imperative to business operations. This session focuses...
According to Javelin, in 2015 there were more than 1.5 million new account fraud victims who accounted for losses of $2.8 billion. This number increased by 40 percent in 2016. And with all the continued data breaches, there are no indications that this trend has slowed in 2017. The Equifax breach, which affected more...
We all know how fragile our digital identities are, and any business offering digital accounts knows about the risks of account takeover attacks. As more and more businesses undertake digital transformation strategies, account takeover becomes an increasingly lucrative attack option for fraudsters. With strategies...
Too many organizations continue to address breach response from a reactive mode - having a crude disaster-recovery plan in place in case something "does" happen, rather than accepting that something "will" happen and proactively preparing for it. In this session, a panel of legal, technical and law-enforcement experts...
In the last year, we've seen a significant increase in cyber activity, from propaganda through "information warfare" to mass-scale cybercrime. Increasing political tensions complicate an already complex international response. Differing approaches to cyber and privacy risk in Europe and the United States have caused...
Status check: With just several months to go until any organization that handles Europeans' personal data must comply with the EU's General Data Protection Regulation, or GPDR, how prepared are organizations? While the May 25, 2018, enforcement date is fast approaching, EU privacy watchdogs are continuing to issue...
In the wake of new cyber initiatives in the U.K., how should banks and other businesses be working with law enforcement? In this session, a panel of legal, technical and law-enforcement experts will discuss what well-prepared organizations are doing right, when it comes to proactive interaction with law enforcement,...
In the wake of the $81 million SWIFT transaction cyberheist from the Bank of Bangladesh - the first in a cascade of SWIFT-related heists - regulators and bankers throughout the world have stopped, taken a step back, and reviewed how interbank transactions and payments are managed and operated. The SWIFT attacks have...
Business email compromise (BEC) attacks that impersonate executives and business partners to trick employees comprise the biggest cyberthreat organizations face today. This is not news. But what may come as a surprise is that the vast majority of BEC attacks are preventable. According to Gartner, Secure Email Gateways...
Data breaches feed the market for fraudsters to steal identities, which challenges traditional approaches to identifying the genuine from the fraudster. We hear that knowledge-based authentication is dead. But trust in any single defense is flawed. No single route to "trust" should be applied. We should never lose...
Insider threats are fast becoming one of the greatest concerns to organizations. Whether it be a malicious insider wanting to cause harm, or unintentional insider making an error or being unknowingly coerced by an outsider, mitigating insider threats must be a priority for organizations of all shape and size.
This...
This session will review ransomware, exploring why it continues, how to battle it and what the future portends. Using real-world examples, Ralph Smith of the Financial Services Information Sharing and Analysis Center will walk through some recent ransomware campaigns that have been waged against FS-ISAC members, and...
This session will review a cyber-attack and subsequent data breach from beginning to end. What happens during an attack and how does it result in fraud? This session will dissect an attack, looking at real-world incidents, such as the attack waged against Bangladesh Bank that resulted in the theft of $81 million, and...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.