Hi [[ session.user.profile.firstName ]]

Modern online-banking cybercrime

The presentation analyzes current context for cybersecurity in Banking focusing on cyber threats and countermeasures.
Recorded Oct 24 2013 36 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Pierluigi Paganini
Presentation preview: Modern online-banking cybercrime

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Transitioning from a Traditional Computing Environment to a Cloud Computing Envi Recorded: Oct 24 2013 24 mins
    Morris Cody
    Introduction to Cloud Computing
    IaaS
    SaaS
    PaaS
    Transition Process
    Cloud Infrastructure Planning
    Cloud Deployment
    Cloud Management
  • The Top 10 Threats to SME's in 2013 Recorded: Oct 24 2013 15 mins
    Richard Hollis
    The presentation details and explains the most popular methodologies used over the last year in attacking small to medium size businesses and outlines the most cost-effective methods for countering these threats based on real-life case studies.
  • z/OS Vulnerability Scanning and Management Recorded: Oct 24 2013 21 mins
    Ray Overby
    Everyone is aware that non-mainframe platforms have vulnerability issues. There are a multitude of ways to compromise these platforms as well as the data residing on these platforms. Corporation’s blissfully assume that the IBM mainframe is immune to similar cyber-attacks. While we believe z/OS is a secure platform, it is still susceptible to vulnerabilities that could allow your user community the ability to compromise your z/OS systems and data. This represents a serious flaw in your mainframe security implementation as well as reputational damage and compliance violations.

    Vulnerability scanning and penetration testing is stanchly done for non-mainframe platforms and networks. However it is not currently an accepted practice to perform similar audits on z/OS systems. That is starting to change, due in part to; Advanced Targeted Treats, Industrial Espionage, Zero-Day exploits and the creation of new compliance regulations by the United States and other governments..
    This presentation will provide a best-practices overview of the need for advanced z/OS Vulnerability Scanning and the related management issues which are required to fully maintain the system integrity and security of the z/OS platform.
  • Cyber Incident Response Recorded: Oct 24 2013 21 mins
    Leighton Johnson
    The constantly evolving nature of threats and vulnerabilities not only affects individual firms and their customers, but collectively the threats pose a persistent economic and national security challenge. The concepts and principles the security professionals and their managers need to know to conduct or participate in a Cyber incident response event investigation will be presented. Ensuring that proven policies and procedures are established and followed are manager level responsibilities, along with personnel certifications and levels of expertise. These will be discussed along with critical chains of evidence collection and custody in each investigation. The laws, ethics, regulations and boundaries (both technical and political) for investigations and the investigators are next presented to help clarify positions and policies. Finally, the needed relations for the Cyber response team manager are presented; these include technical, management, law enforcement and civil relationships with professionals and organizations. Some of the current tools, tactics and procedures for conducting these activities will be discussed.
  • Message to the Board: Why you are the reason for insider threats in your organiz Recorded: Oct 24 2013 21 mins
    Chuck Georgo
    No one comes to work for you on day-1 with the intent to do you and your organization harm. They don't show up on that first day to steal your intellectual property, to sabotage your operations, or to give away or sell your secrets to competitors or other nations. They in-fact, on that first day, want to save the world, help you make lots of money, or some other goal than screwing you over. This presentation will look at the leadership factors in private sector and government agencies that creates the environment for the creation of insider threats and will offer some specific mitigations you can use to a) determine if you are at risk, and b) to do something about reducing that risk.
  • “Is Active Defense Hack Back: A Decision Matrix for Companies to Defend Themsel Recorded: Oct 24 2013 23 mins
    David Wilson
    Active Defense has been making a lot of headlines lately. Unfortunately most equate it with hack back and jump to the conclusion that it is illegal. This is a shame since Active Defense can be a very useful tool/technique/process for companies that find themselves persistently attacked. Many companies are beginning to advertise active defense but unfortunately most of it is a glorified version of current defensive systems and techniques. Active Defense cannot be automated and requires the human element. The automation is to detect an attack, once you get into traceback, intell collection and analysis you need the human in the mix. This lecture will discuss what Active Defense really is, a process to help companies address persistent attacks or loss of proprietary data or IP. A decision matrix will be presented that reveals the steps company leadership must take and the decisions they must make in order to address these problems. Finally, this presentation will address the team that is needed, malware analysis, intell collection/analysis, traceback experts, tool/technique development, law and legal analysis, and more all to provide leaders the necessary info to make informed decisions taking into account risk, liability, the law and legal issues.
  • Defining Intelligence Recorded: Oct 24 2013 20 mins
    David Swan
    There is increasing awareness of the threats on the Internet. There
    is also an increasing awareness that these threats can affect everyone – from
    the largest organizations to individual(s). As increasing numbers of people
    look to computer security companies for help, they encounter a confusing
    mess of cool sounding words – but much less substance.

    This presentation will briefly examine: where Intelligence comes from, provide
    several key definitions and examine how people can use these definitions to
    ensure they get value for dollars spent on security information.
  • The Evolving Role of Cyber Security at the Department of Homeland Security Recorded: Oct 24 2013 19 mins
    Chuck Brooks
    The presentation will examine the Department of Homeland Security's evolving role in cyber security over the past three Secretaries of DHS. Specifically, DHS's structure and institutional role will be discussed in the context of policy/enforcement issues and the public/private partnership in securing cyber space.
  • Those Living in Glass Houses Shouldn’t Throw Stones: Seven Axioms for Reasonable Recorded: Oct 24 2013 20 mins
    Captain Joe Coleman
    Almost every day the public is exposed to rather bombastic claims of Cyber War, Cyber Pearl Harbor, 9/11, and other scenarios out of the movies Die Hard 4 and Hackers. The over-the-top tone of these statements and "blanket" finger pointing at China and Eastern Europe confuse the public who confuse the already confused politicians who come up with legislation like CISPA, PIPA and government entities that spend money on cyber security like water. This presentation seeks to debunk the notion of cyber war and other Hollywood scenarios and replace it with rational and common sense solutions through the lens of "open source security." This concept looks to blend the open source development community as applied to legislation and intelligence analysis to come up with policies that don't interfere with personal privacy and makes the Internet safe for everyone.
  • Understanding your Cyber Liability- A Primer for Small & Medium Business Recorded: Oct 24 2013 24 mins
    Adam Meyer
    Understanding your Cyber Liability- A Primer for Small & Medium Business

    The largest growth area for targeted attacks, comprising 31 percent of all attacks last year was with businesses having fewer than 250 employees. Not surprising since small business is the backbone of any economy and all data has a commodity tied to it. Additionally the cost of breach notification can cost upwards of $200 per record compromised generating significant liability risk. This brief will give you an overview of the threat landscape that small and medium sized business should be concerned about and strategies they can do reduce their risk levels. Large business that utilize small business should also find this brief interesting in order to understand their supply chain risk.
  • Security in the Cloud - covering all the bases Recorded: Oct 24 2013 19 mins
    Steve Heeney
    The Cloud means delegation of responsibility, not abdication.
    Clients need to understand what security means.
    A lot of Cloud vendors throw accreditations and titles at this not always with relevance
  • Cybersecurity and Apollo 13 - let’s look at this from a position of status Recorded: Oct 24 2013 19 mins
    Martin Smith
    The Apollo moon programme was the touchstone of my youth. Everyone was immersed in its excitement and drama, especially Apollo 13. I believe the cybersecurity industry, as was the Mission Control team at the outset of the Apollo 13 disaster, appears still to be in denial as to the nature and scale of the problems we face and as confused about what to do next. I suggest it is time for us to stand back, as Gene Kranz did, and look at things from a position of status. Let’s look at what is actually happening out there, it might give us a clue as to what to do next.

    At the end of this session delegates will have learned:

    1. There is nothing to be frightened about with cybersecurity - you don’t need to be a techie to get it right.
    2. Most of the cybersecurity technical defences will already be in place within enterprises, they may just not be configured correctly or used properly.
    3. The remaining weaknesses and vulnerabilities of our IT systems and networks will be due to human error, ignorance and omission and can be fixed easily and quickly.
  • Is Cyber Security a Business Continuity Issue? Recorded: Oct 24 2013 19 mins
    David Hamilton
    Having spoken recently on 'incorporating ERM (Enterprise Risk Management) within an MBP (Modern Business Plan), I could tailor make the presentation to suit the relevant audience. The presentation would involve how to get C suite attention on cyber risk exposures in plan development, training and scenario testing. I would be exposing some very real pitfalls in trying to deal with internal politics within large (and not so large) organisations in getting an area such as cyber security relevant attention at at time of cut backs and reduced IT resources.
  • Where off line fraud meets on line fraud Recorded: Oct 24 2013 24 mins
    Michael Neary
    An observation of areas where on-line and off-line fraud combine to pose a threat to business. Off line fraud can often be neglected but as we will see it is imperative for businesses to monitor off line activities so they can better protect themselves on-line.
  • Cyber Resilience: Learning to Cope with Multifaceted Attacks Proactively Recorded: Oct 24 2013 18 mins
    Dan Solomon
    The multifaceted and advanced nature of today’s more sophisticated attacks, and looking into the future at the form they will take in years to come exposes the lack of preparedness of most companies to deal with the complexity and uncertainty they will face. The presentation will present a simulated evolution of a complex attack and highlight the challenges and typical failings, step-by-step as the attack evolves, of the crisis management process which illustrate the problems in attaining real resilience in the cyber domain. In doing so the audience will be led through a typical war game process to discover the value of simulating sophisticated and persistent attacks in order to develop greater preparedness towards more effective cyber resilience.
  • Modern online-banking cybercrime Recorded: Oct 24 2013 36 mins
    Pierluigi Paganini
    The presentation analyzes current context for cybersecurity in Banking focusing on cyber threats and countermeasures.
  • Understanding the Cybercriminal: Application of forensic psychology and criminol Recorded: Oct 24 2013 38 mins
    Dr Grainne Kirwan
    Theories of crime are an important part of criminological literature as they attempt to describe and
    explain criminality at a range of levels. These theories can help researchers and practitioners to
    understand how and why crime occurs, to predict future criminal behaviour, to prepare successful
    rehabilitative interventions for offenders and to develop appropriate crime prevention strategies. This presentation critically examines several theories of crime at societal, community, socialisation and individual levels and evaluates which of these theories are most applicable to cybercriminal incidents. A range of cybercriminal activities are identified and analysed, including; hacking, malware development and distribution, online child pornography, online predation of children, cyberterrorism, online fraud and identity theft and copyright infringement
  • The Information Assurance Heptad Recorded: Oct 24 2013 21 mins
    Michael Bacon
    The CIA Triad of confidentiality, integrity and availability has served the practice of computer and data security for many years, but in today's world it is inadequate to encompass the complexities to be found in business information.

    This presentation introduces the Information Assurance Heptad, which extends the Department of Defense 'Five Pillars Model" and Donn B Parker's Information Assurance Hexad in a model that addresses the key issues for businesses in describing their requirements for information governance and compliance.
  • Industry supporting potential employees for the future Recorded: Oct 24 2013 19 mins
    Peter Jones
    With the government wanting to fight cyber crime and get more students interested as well as the jobs marketing being so limited. This presentation is about how Zentek now works with a number of universities in the north of England and helps bring in industry standard tools and methods to academia.
Cyber Threat Summit
"Individually, we are one drop. Together, we are an ocean" Ryunosuke Satoro

The mission of ICTTF is to connect the world’s security professionals to enable them to be more productive and successful in their efforts against cyber threats.

You can join now at: www.ICTTF.org

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Modern online-banking cybercrime
  • Live at: Oct 24 2013 8:00 am
  • Presented by: Pierluigi Paganini
  • From:
Your email has been sent.
or close