Collecting security- and fraud-related data from multiple sources often results in nothing more than a very large pool of unrelated facts. Add context to that data and you have information. Triangulate multiple pieces of information and you can create intelligence indicative of a real and active threat. This session will answer questions such as:
How can I create actionable intelligence from data feeds?
How will emerging threat information exchange specifications such as TAXII/STIX affect our ability to collect and share standardized threat information with the broader community?
How do I best select and combine internal context and event information with the various open source and commercial external threat intelligence feeds available?
Part II: Visualization of Big Data Analytics for Proactive Fraud Detection
Big Data - everyone is talking about it, but what are organizations actually doing with it to detect and prevent fraud? Despite the hype, there are many powerful, targeted applications for the analysis of large amounts of gathered data. In this session, we will look at findings from massive-scale, real-life monitoring of global network activity and transactions.
Background
Part I: Creating Actionable Intelligence, the Advances in Threat Information Exchange
How do we define threat intelligence? The Hoover Commission definition from the Cold War states: "Intelligence deals with all the things which should be known in advance of initiating a course of action." The NSA definition states: "Information doesn't become intelligence until it is useful to someone." Lastly, the Bank of England says: "Information that provides relevant and sufficient understanding for mitigating the impact of a potentially harmful event."
In this session Marco Morana defines threat intelligence and describes how organizations can make that information actionable. He will discuss:
What we mean by cyber-threat intelligence and how cyber-attacks can be described and analyzed
How threat intelligence information can be made actionable to respond to cyber-attacks, detect instances of malware compromise, prevent online fraud and build resilient applications
How emerging threat information exchange specifications such as TAXII/STIX affect our ability to collect and share standardized threat information with the broader community and proactively respond to cyber-attacks
Part II: Visualization of Big Data Analytics for Proactive Fraud Detection
Traditionally, big data, analytics and visualization tools have been used after the fact to analyze fraud and security breaches. In this session, we will demonstrate the proactive use of these technologies to help prevent these attacks from occurring in the first place.
Leveraging findings from massive-scale, real-life monitoring of global network activity and transactions, we will discuss:
How big data analytic modeling can be used to visualize the scope of both device and online persona threats;
How to generate sophisticated transaction risk assessments by analyzing the context and patterns of prior visitor behavior;
How to create indicators of cyber fraud activity by detecting malware infections, VPN and proxy masking, MitB and phishing attacks, and bots.
This session was recorded during the 2014 Fraud Summit London.
Faulkner is a technology entrepreneur who has nearly two decades of experience building products and delivering mission-critical technologies that are run by the world's most trusted brands. Faulkner is a noted industry expert in issues relating to online fraud, cybercrime, identity theft, information security and networking technology. As chief products officer and co-founder at ThreatMetrix, he is responsible for product management and strategy. Prior to ThreatMetrix, Faulkner was a founder and head of products and business development for NetPriva, a leading network performance software provider, acquired by Expand Networks, now Riverbed. Prior to NetPriva, he was a senior consultant at Accenture in their e-commerce practice.
Marco Morana
SVP, UK Financial Institution, Citi, Minded Security
In his current professional role, Morana works as SVP at a large financial institution in London, where he's responsible for the architecture risk analysis program. He was previously VP and technology information security officer with the same FI in North America. In his distinguished 15+ year career in application security, Morana held roles in different companies as security consultant, application security architect, professional trainer and program manager. As cybersecurity technologist, Morana's most important contribution to cybersecurity is the invention of the first secure email plug-in using the S/MIME protocol that was patented for NASA in 1996.