SlideShare a Scribd company logo

Capitol Tech Talk Feb 17 2022 Cybersecurity Challenges in Financial Sector

Download as PPTX, PDF
C
CapitolTechU

This document summarizes a webinar presented by Capitol Technology University on cybersecurity challenges in the financial sector. The webinar included a presentation by Dr. Susan Goodwin on research showing an increase in cyber attacks on the financial sector during the COVID-19 pandemic. It discussed cybersecurity frameworks like NIST CSF and recommended that the financial sector adopt a framework to address vulnerabilities. The webinar provided an overview of the NIST CSF and case studies of universities that successfully used the framework.

1 of 42
Capitol Technology University Presents
Presented by Dr. Susan Goodwin Cybersecurity Challenges in the Financial Sector
Agenda Bill Gibbs Cap Tech Talks Host 1. About Capitol Technology University 2. Session pointers 3. About the presenter 4. Presentation: Dr. Susan Goodwin 5. Q & A 6. Upcoming webinars 7. Recording, Slides, Certificate
About Established in 1927, We are one of the only private Universities in the state of Maryland specifically dedicated to engineering, cybersecurity, computer sciences and tech management.
Nonprofit, Private & Accredited Capitol is a nonprofit, private accredited university located in Laurel, Maryland, USA Capitol Technology University is accredited by the Commission on Higher Education of the Middle States Association of Colleges and Schools The University is authorized by the State of Maryland to confer Associate’s (A.A.S.), Bachelor’s (B.S.), Master’s (M.S., M.B.A., T.M.B.A), and Doctoral (D.B.A.,D.Sc., Ph.D.) degrees.
Session Pointers • We will answer questions at the conclusion of the presentation. At any time you can post a question in the text chat and we will answer as many as we can. • Microphones and webcams are not activated for participants. • A link to the recording and to the slides will be sent to all registrants and available on our webinar web page. • A participation certificate is available by request for both Live Session and On Demand viewers.
Presented by Dr. Susan Goodwin Cybersecurity Challenges in the Financial Sector
About the presenter: Dr. Susan Goodwin • Cybersecurity Consultant / Subject Matter Expert • Capitol Technology University: • Ph.D. Technology (2020) • Adjunct Faculty / Dissertation Chair • University of Massachusetts Lowell (M.S. Cybersecurity, M.S. Information Technology, B.S. Computer Science) • Senior Member: IEEE, Society of Women Engineers • Industry engineer experience: financial, healthcare, government, military, and commercial; research, development, consulting, cybersecurity/information assurance, system administration, release engineering, documentation, quality assurance, risk management • Musician: cello, flute
Agenda  Research  Financial Sector Cybersecurity Challenges  Cybersecurity Frameworks  The NIST Cybersecurity Framework  Recommendations  Conclusion  Q&A
Research Dissertation: The Need for a Financial Sector Legal Standard to Support the NIST Framework for Improving Critical Infrastructure Cybersecurity (Dr. Susan Goodwin, Capitol Technology University, ProQuest, January 2021) • My dissertation focuses on research and analysis of reported Financial Sector risks, failures and impacts due to weak or lack of cybersecurity controls. • The study also provides analysis of success stories of Financial Sector and other entities which have adopted a cybersecurity framework. • Dissertation research findings assert an upward trend of cyber attacks in the U.S. Financial Sector during the COVID-19 pandemic, showing a need for adoption of cybersecurity best practices throughout the sector to mitigate the trend. • Several industry reports indicated a continued increase in cyber attacks from 2018 to 2020 with no downward trends.
Financial Sector Cybersecurity Challenges Global cyber attack opportunists used the 2020 COVID-19 pandemic to exploit cybersecurity vulnerabilities and gaps in the U.S. Financial Sector. In 2020, Kellerman and Murphy published a report, Modern Bank Heists, summarizing the findings of the VMWare Carbon Black survey of 25 chief information security officers from leading financial institutions https://www.vmware.com/resources/security/modern-bank-heists-2020.html
Financial Sector Cybersecurity Challenges • 27% of all cyber attacks in 2020 have targeted either the healthcare sector or the financial sector, according to VMware Carbon Black data. • Over one-quarter of all cyber attacks which occurred during the first five months of 2020 targeted the financial and healthcare sectors. • The two sectors are entities within the United States Critical Infrastructure. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
Financial Sector Cybersecurity Challenges • 82% of surveyed financial institutions said cybercriminals have become more sophisticated, leveraging highly targeted social engineering attacks and advanced tactics, techniques and procedures for hiding malicious activity. • These criminals exploit weaknesses in people, processes, and technology to gain a foothold and persist in the network, enabling the ability to transfer funds and exfiltrate sensitive data. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
Financial Sector Cybersecurity Challenges • 64% of surveyed financial institutions reported increased attempts of wire transfer fraud, a 17 percent increase over 2019. • The statistical upward trend only includes the first five months of 2020, but also during the beginning of the pandemic. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
Financial Sector Cybersecurity Challenges • 25% of surveyed financial institutions said they were targeted by destructive attacks over the past year. • Destructive attacks are rarely conducted for financial gain. Rather, these attacks are launched to be punitive by destroying data. • One risk associated with this type of attack is the permanent loss of data when a financial sector entity does not have a data backup plan. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
Financial Sector Cybersecurity Challenges • Ransomware attacks against the financial sector have increased by nine times from the beginning of February to the end of April 2020. • This statistical upward trend occurred during the onset of the pandemic in the United States. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
Financial Sector Cybersecurity Challenges • 20% of surveyed financial institutions experienced a watering-hole attack during the past year. • In these attacks, financial institution and bank regulation websites are hijacked and used to pollute visitors’ browsers. • This tactic is increasing as cybercriminals recognize the implicit trust consumers have in bank brands. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
Financial Sector Cybersecurity Challenges • The research results demonstrate that the number of cyber attacks in the U.S. Financial Sector continue to grow in an upward trend across several major categories of attacks between the beginning of 2018 and the end of the first five months of 2020. • The trends continued to increase upon the emergence of the 2020 COVID-19 pandemic, such as the number of ransomware attacks multiplying by nine times between February and April 2020. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
Financial Sector Cybersecurity Challenges • Cybercriminals became more sophisticated and exploiting weaknesses in people, processes, and technology in the U.S. Financial Sector. • Cyber attack actors took advantage of the pandemic to further seek and exploit cyber infrastructures in the U.S. Financial Sector. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
Cybersecurity Frameworks Prameet Roy, Information Security & Risk Management Consultant, performed a study in 2020 comparing the NIST Cybersecurity Framework and the ISO 27001 Information Security Standard. Roy found that both frameworks provide robust methodologies on cybersecurity which address threats and breaches, ensuring the 3 pillars of confidentiality, integrity, and availability. Roy concluded that the main advantages of the NIST Cybersecurity Framework over ISO 27001 are: • The structure of the NIST Framework enables its implementation at an enterprise level • The NIST Framework is more user friendly • The NIST Framework is streamlined https://www.nist.gov/cyberframework
Cybersecurity Frameworks • The National Institute of Standards and Technology (NIST) published the NIST Framework for Improving Critical Infrastructure Cybersecurity of 2014, followed by an updated version in 2017. • The Framework, which was developed as a joint effort between the U.S. Federal Government and the private sector, serves only as a guideline and is not mandated by any legal authority. Currently, adoption of the Framework is voluntary. https://www.nist.gov/cyberframework
The NIST Cybersecurity Framework The NIST Framework provides general guidance which pro-actively addresses the elements of each of the findings: • Risk management • Planning cybersecurity incident response • Setting policies processes, and procedures • Planning the requirements for protective technology • Planning controls and detection • Planning post-incident analysis • Planning mitigation for future incidents https://www.nist.gov/cyberframework
The NIST Cybersecurity Framework The NIST Cybersecurity Framework consists of Three Components: 1. Framework Core 2. Implementation Tiers 3. Profile https://www.nist.gov/cyberframework/online-learning/components-framework
The NIST Cybersecurity Framework 1. Framework Core • A set of desired cybersecurity activities and outcomes organized into categories and aligned to Informative References • Designed to be intuitive and simplistic • Consists of three parts: Functions, Categories, and Subcategories • Five high level functions: Identify, Protect, Detect, Respond, and Recover https://www.nist.gov/cyberframework/online-learning/components-framework
The NIST Cybersecurity Framework The NIST Cybersecurity Framework Core: https://www.nist.gov/cyberframework/online-learning/components-framework
The NIST Cybersecurity Framework 2. Implementation Tiers • Tiers describe the degree to which an organization’s cybersecurity risk management practices show the characteristics defined in the Framework • The Tiers range from Partial (Tier 1) to Adaptive (Tier 4) and describe an increasing degree of rigor, and how well integrated cybersecurity risk decisions are into broader risk decisions, and the degree to which the organization shares and receives cybersecurity info from external parties • Tiers do not necessarily represent maturity levels https://www.nist.gov/cyberframework/online-learning/components-framework
The NIST Cybersecurity Framework The NIST Cybersecurity Framework Implementation Tiers https://www.nist.gov/cyberframework/online-learning/components-framework
The NIST Cybersecurity Framework 3. Profile • An organization's unique alignment of organizational requirements, objectives, risk appetite, and resources against the desired outcomes of the Framework Core • Profiles can be used to identify opportunities for improving cybersecurity posture by comparing a “Current” Profile with a “Target” Profile https://www.nist.gov/cyberframework/online-learning/components-framework
The NIST Cybersecurity Framework The NIST Cybersecurity Framework Implementation Tiers https://www.nist.gov/cyberframework/online-learning/components-framework
The NIST Cybersecurity Framework • The authors of the NIST Framework intended its guidance to be voluntarily adoptable by any organization in any country (not only by U.S. organizations), and the Framework’s core functions are identical for all adopting organizations • The findings and recommendations from NIST Framework assessments, are examples for other organizations, such as U.S. Financial Sector entities, for cybersecurity risk assessment and mitigation through Framework adoption. • The Framework’s cybersecurity principles and risk management guidance can apply to any organization. https://www.nist.gov/cyberframework
The NIST Cybersecurity Framework According to the U.S. Government’s Cybersecurity & Infrastructure Security Agency (CISA), the NIST Cybersecurity Framework can be used for: • Alignment of mission objectives with cybersecurity decisions • Organization of security requirements derived from policy, legislation, regulation, and best practices in industry • Communication of cybersecurity requirements to stakeholders, including suppliers and partners • Integration of the risk management of civil liberties and privacy into cybersecurity activities • Measure current state and express desired state • Prioritize cybersecurity resources and objectives • Analysis of risk and expenditure trade-offs https://www.cisa.gov/using-cybersecurity-framework
The NIST Cybersecurity Framework In 2020, NIST published an online catalog of eight NIST Cybersecurity Framework global success stories, including three U.S. academic institutions: University of Kansas Medical Center, University of Pittsburgh, and University of Chicago. The university implements the Baldrige Cybersecurity Excellence Builder, a framework for self- assessment and program development, in conjunction with the NIST Cybersecurity Framework. Results and positive impact of Framework adoption by the University of Kansas Medical Center include: • Identification of gaps resulting in action plans, funding opportunities and deep alignment to the business • Better understanding by team members of their roles and engaging other employees and partners in cybersecurity protection https://www.nist.gov/cyberframework/success-stories
The NIST Cybersecurity Framework Initially, the University of Pittsburgh did not have centralized cybersecurity management or a unifying cybersecurity standard. Adoption and implementation of the Framework provided the university with “better knowledge and perspective about its management of cybersecurity risks and identified multiple opportunities for better coordination of its cybersecurity approaches, investments, and priority needs”. The benefits of Framework adoption by the University of Pittsburgh include: • Consistency in data management standards across a decentralized environment • Execution of a security assessment across the organization which identified the need for a prioritized data security mitigation and remediation plan https://www.nist.gov/cyberframework/success-stories
The NIST Cybersecurity Framework All twenty-three departments of the Biological Sciences Division of the University of Chicago benefitted from implementation of the Framework with a “consistent, risk-informed, cybersecurity program” of: • Aligned security risk expectations • A common set of target outcomes • Prioritized security goals Results of Framework implementation include the education of all users on the university’s cybersecurity program and continuous monitoring of program improvements. https://www.nist.gov/cyberframework/success-stories
Recommendations • The Financial Sector, one of sixteen Department of Homeland Security critical infrastructure sectors, should be mandated to adopt a framework such as the NIST Cybersecurity Framework, based on risk impacts and inconsistency and accountability of best practices implementation across the sector. • As an example, the NIST Cybersecurity Framework provides a tailorable outline of best practices, including risk management. https://www.nist.gov/cyberframework
Recommendations • The NIST Cybersecurity Framework has been proven to be successful in preventing cybersecurity incidents as determined in case studies from academia and various industries. • The implementation of the NIST Cybersecurity Framework in each of the cases was proven to mitigate or reduce cyber risk impacts as well as strengthen the organizations’ cybersecurity infrastructure. https://www.nist.gov/cyberframework
Conclusion • Until the U.S. Financial Sector takes action to adopt consistent cybersecurity best practices, especially as shown by vulnerabilities exposed during a pandemic, the risk impacts will continue to rise as cyber criminals become more sophisticated in their actions. • Vulnerabilities during the pandemic include gaps in infrastructure personnel coverage, cybersecurity infrastructure weaknesses due to employees working from home, delays of cybersecurity infrastructure updates. • Established and proven frameworks, such as the NIST Cybersecurity Framework, provide guidance for prevention and mitigation of such vulnerabilities.
Questions Dr. Susan Goodwin, Ph.D. Adjunct Faculty Capitol Technology University smgoodwin@captechu.edu
Upcoming Webinars Infrastructure: Critical Challenges & Differences Between the Private & Public Sectors Dr. Nikki Robinson Mar.17 Tech Career Skills Identification & Communication in Writing a Resume Connie Harrington Apr. 14 Tips for Finding Career Success in Technology Vennard Wright May 19
www.captechu.edu/webinar-series To learn more, and to register visit:
Recording, Slides & Certificate A copy of the slides and a link to the recording will be sent to all registrants. Watch for an email A Certificate of Completion is available upon request to both live session and On Demand viewers Simply reply to the email
Thanks for Joining Us! Thank You! This concludes today’s webinar Watch for a follow up email that contains: 1. How to get a Participation Certificate (Available by request for both Live Session and On Demand viewers) 2. Link to the webinar recording and slides 3. Info on upcoming webinars

More Related Content

What's hot

Cybercrime Bill 2014: Due Diligence
Cybercrime Bill 2014: Due DiligenceCybercrime Bill 2014: Due Diligence
Cybercrime Bill 2014: Due Diligence
Shiva Bissessar
 
The Future of Cybersecurity - October 2015
The Future of Cybersecurity - October 2015The Future of Cybersecurity - October 2015
The Future of Cybersecurity - October 2015
Security Innovation
 
Its not ITs problem
Its not ITs problemIts not ITs problem
Its not ITs problem
Shiva Bissessar
 
ICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security Governance
Charles Lim
 
Thinking like a hacker - Introducing Hacker Vision
Thinking like a hacker - Introducing Hacker VisionThinking like a hacker - Introducing Hacker Vision
Thinking like a hacker - Introducing Hacker Vision
PECB
 
Critical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCritical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challenges
Community Protection Forum
 
Risks and Security of Internet and System
Risks and Security of Internet and SystemRisks and Security of Internet and System
Risks and Security of Internet and System
Param Nanavati
 
Combating cyber crimes chinatu
Combating cyber crimes chinatuCombating cyber crimes chinatu
Combating cyber crimes chinatu
Chinatu Uzuegbu
 
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
Empired
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber Attacks
Tripwire
 
Cybersecurity in the Era of IoT
Cybersecurity in the Era of IoTCybersecurity in the Era of IoT
Cybersecurity in the Era of IoT
Amy Daly
 
Industrial Cybersecurity and Critical Infrastructure Protection in Europe
Industrial Cybersecurity and Critical Infrastructure Protection in EuropeIndustrial Cybersecurity and Critical Infrastructure Protection in Europe
Industrial Cybersecurity and Critical Infrastructure Protection in Europe
Positive Hack Days
 
Potential Impact of Cyber Attacks on Critical Infrastructure
Potential Impact of Cyber Attacks on Critical InfrastructurePotential Impact of Cyber Attacks on Critical Infrastructure
Potential Impact of Cyber Attacks on Critical Infrastructure
Unisys Corporation
 
Role of Forensic Triage In Cyber Security Trends 2021
Role of Forensic Triage In Cyber Security Trends 2021Role of Forensic Triage In Cyber Security Trends 2021
Role of Forensic Triage In Cyber Security Trends 2021
Amrit Chhetri
 
Security Solutions against Computer Networks Threats
Security Solutions against Computer Networks ThreatsSecurity Solutions against Computer Networks Threats
Security Solutions against Computer Networks Threats
Eswar Publications
 
Need for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure ProtectionNeed for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure Protection
William McBorrough
 
Impressions from Caribbean ICT Stakeholder Meeting, CyberSecurity
Impressions from Caribbean ICT Stakeholder Meeting, CyberSecurityImpressions from Caribbean ICT Stakeholder Meeting, CyberSecurity
Impressions from Caribbean ICT Stakeholder Meeting, CyberSecurity
Shiva Bissessar
 
ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
ICS Supply Chain Security: Learning from Recent Incidents and Other SectorsICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
EnergySec
 
Data Safety And Security
Data Safety And SecurityData Safety And Security
Data Safety And Security
Constantine Karbaliotis
 

What's hot (20)

Cybercrime Bill 2014: Due Diligence
Cybercrime Bill 2014: Due DiligenceCybercrime Bill 2014: Due Diligence
Cybercrime Bill 2014: Due Diligence
 
The Future of Cybersecurity - October 2015
The Future of Cybersecurity - October 2015The Future of Cybersecurity - October 2015
The Future of Cybersecurity - October 2015
 
Its not ITs problem
Its not ITs problemIts not ITs problem
Its not ITs problem
 
ICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security Governance
 
Thinking like a hacker - Introducing Hacker Vision
Thinking like a hacker - Introducing Hacker VisionThinking like a hacker - Introducing Hacker Vision
Thinking like a hacker - Introducing Hacker Vision
 
Critical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCritical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challenges
 
Risks and Security of Internet and System
Risks and Security of Internet and SystemRisks and Security of Internet and System
Risks and Security of Internet and System
 
Combating cyber crimes chinatu
Combating cyber crimes chinatuCombating cyber crimes chinatu
Combating cyber crimes chinatu
 
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber Attacks
 
Cybersecurity in the Era of IoT
Cybersecurity in the Era of IoTCybersecurity in the Era of IoT
Cybersecurity in the Era of IoT
 
Industrial Cybersecurity and Critical Infrastructure Protection in Europe
Industrial Cybersecurity and Critical Infrastructure Protection in EuropeIndustrial Cybersecurity and Critical Infrastructure Protection in Europe
Industrial Cybersecurity and Critical Infrastructure Protection in Europe
 
Potential Impact of Cyber Attacks on Critical Infrastructure
Potential Impact of Cyber Attacks on Critical InfrastructurePotential Impact of Cyber Attacks on Critical Infrastructure
Potential Impact of Cyber Attacks on Critical Infrastructure
 
Role of Forensic Triage In Cyber Security Trends 2021
Role of Forensic Triage In Cyber Security Trends 2021Role of Forensic Triage In Cyber Security Trends 2021
Role of Forensic Triage In Cyber Security Trends 2021
 
Security Solutions against Computer Networks Threats
Security Solutions against Computer Networks ThreatsSecurity Solutions against Computer Networks Threats
Security Solutions against Computer Networks Threats
 
Need for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure ProtectionNeed for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure Protection
 
Impressions from Caribbean ICT Stakeholder Meeting, CyberSecurity
Impressions from Caribbean ICT Stakeholder Meeting, CyberSecurityImpressions from Caribbean ICT Stakeholder Meeting, CyberSecurity
Impressions from Caribbean ICT Stakeholder Meeting, CyberSecurity
 
ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
ICS Supply Chain Security: Learning from Recent Incidents and Other SectorsICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
 
Data Safety And Security
Data Safety And SecurityData Safety And Security
Data Safety And Security
 

Similar to Capitol Tech Talk Feb 17 2022 Cybersecurity Challenges in Financial Sector

Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best Practices
Ulf Mattsson
 
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 TrendsCybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Ivanti
 
Cybersecurity Day for Parliament
Cybersecurity Day for ParliamentCybersecurity Day for Parliament
Cybersecurity Day for Parliament
Oxford Martin Centre, OII, and Computer Science at the University of Oxford
 
The Role Of Data Analytics In Cybersecurity
The Role Of Data Analytics In CybersecurityThe Role Of Data Analytics In Cybersecurity
The Role Of Data Analytics In Cybersecurity
ABMCollege2
 
Cyber Security Standards Compliance
Cyber Security Standards ComplianceCyber Security Standards Compliance
Cyber Security Standards Compliance
Dr. Prashant Vats
 
Fortifying the Digital Fortress: A Comprehensive Guide to Cybersecurity Solut...
Fortifying the Digital Fortress: A Comprehensive Guide to Cybersecurity Solut...Fortifying the Digital Fortress: A Comprehensive Guide to Cybersecurity Solut...
Fortifying the Digital Fortress: A Comprehensive Guide to Cybersecurity Solut...
greendigital
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
TraintechTde
 
Cyber Security: Threat and Prevention
Cyber Security: Threat and PreventionCyber Security: Threat and Prevention
Cyber Security: Threat and Prevention
fmi_igf
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...
Judith Beckhard Cardoso
 
Cyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and PreparationCyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and Preparation
Eric Reehl
 
ISACA ISSA Presentation
ISACA ISSA PresentationISACA ISSA Presentation
ISACA ISSA Presentation
Marc Crudgington, MBA
 
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. HawkinsSteel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
lthawkins
 
SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...
SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...
SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...
Prasanna Hegde
 
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...
Carolin Weisser
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
Cameron Forbes Over
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
Cameron Forbes Over
 
20101012 isa larry_clinton
20101012 isa larry_clinton20101012 isa larry_clinton
20101012 isa larry_clinton
CIONET
 
Top 10 Cybersecurity Predictions for 2015
Top 10 Cybersecurity Predictions for 2015Top 10 Cybersecurity Predictions for 2015
Top 10 Cybersecurity Predictions for 2015
Matthew Rosenquist
 
State-of-Cybersecurity-2022_WHPSC22_res_eng_0322.pdf
State-of-Cybersecurity-2022_WHPSC22_res_eng_0322.pdfState-of-Cybersecurity-2022_WHPSC22_res_eng_0322.pdf
State-of-Cybersecurity-2022_WHPSC22_res_eng_0322.pdf
Fadli Wirya Wirawan
 

Similar to Capitol Tech Talk Feb 17 2022 Cybersecurity Challenges in Financial Sector (20)

Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best Practices
 
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 TrendsCybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
 
Cybersecurity Day for Parliament
Cybersecurity Day for ParliamentCybersecurity Day for Parliament
Cybersecurity Day for Parliament
 
The Role Of Data Analytics In Cybersecurity
The Role Of Data Analytics In CybersecurityThe Role Of Data Analytics In Cybersecurity
The Role Of Data Analytics In Cybersecurity
 
Cyber Security Standards Compliance
Cyber Security Standards ComplianceCyber Security Standards Compliance
Cyber Security Standards Compliance
 
Fortifying the Digital Fortress: A Comprehensive Guide to Cybersecurity Solut...
Fortifying the Digital Fortress: A Comprehensive Guide to Cybersecurity Solut...Fortifying the Digital Fortress: A Comprehensive Guide to Cybersecurity Solut...
Fortifying the Digital Fortress: A Comprehensive Guide to Cybersecurity Solut...
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
 
Cyber Security: Threat and Prevention
Cyber Security: Threat and PreventionCyber Security: Threat and Prevention
Cyber Security: Threat and Prevention
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...
 
Cyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and PreparationCyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and Preparation
 
ISACA ISSA Presentation
ISACA ISSA PresentationISACA ISSA Presentation
ISACA ISSA Presentation
 
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. HawkinsSteel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
 
SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...
SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...
SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...
 
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 
20101012 isa larry_clinton
20101012 isa larry_clinton20101012 isa larry_clinton
20101012 isa larry_clinton
 
Top 10 Cybersecurity Predictions for 2015
Top 10 Cybersecurity Predictions for 2015Top 10 Cybersecurity Predictions for 2015
Top 10 Cybersecurity Predictions for 2015
 
State-of-Cybersecurity-2022_WHPSC22_res_eng_0322.pdf
State-of-Cybersecurity-2022_WHPSC22_res_eng_0322.pdfState-of-Cybersecurity-2022_WHPSC22_res_eng_0322.pdf
State-of-Cybersecurity-2022_WHPSC22_res_eng_0322.pdf
 

More from CapitolTechU

Capitol Doctoral Presentation -June 2024v2.pptx
Capitol Doctoral Presentation -June 2024v2.pptxCapitol Doctoral Presentation -June 2024v2.pptx
Capitol Doctoral Presentation -June 2024v2.pptx
CapitolTechU
 
Capitol Tech U Doctoral Info Session-June 30 2024.pptx
Capitol Tech U Doctoral Info Session-June 30 2024.pptxCapitol Tech U Doctoral Info Session-June 30 2024.pptx
Capitol Tech U Doctoral Info Session-June 30 2024.pptx
CapitolTechU
 
Capitol Masters Presentation June 2024.pptx
Capitol Masters Presentation June 2024.pptxCapitol Masters Presentation June 2024.pptx
Capitol Masters Presentation June 2024.pptx
CapitolTechU
 
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptx
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptxCapTechTalks Webinar Slides June 2024 Donovan Wright.pptx
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptx
CapitolTechU
 
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptxslides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
CapitolTechU
 
Capitol Tech U Masters Presentation May 2024
Capitol Tech U Masters Presentation May 2024Capitol Tech U Masters Presentation May 2024
Capitol Tech U Masters Presentation May 2024
CapitolTechU
 
Capitol Tech Univ Doctoral Presentation -May 2024
Capitol Tech Univ Doctoral Presentation -May 2024Capitol Tech Univ Doctoral Presentation -May 2024
Capitol Tech Univ Doctoral Presentation -May 2024
CapitolTechU
 
CapTechU Masters Presentation April 2024.pptx
CapTechU Masters Presentation April 2024.pptxCapTechU Masters Presentation April 2024.pptx
CapTechU Masters Presentation April 2024.pptx
CapitolTechU
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptx
CapitolTechU
 
Slides CapTechTalks Webinar April 2024 Ilia Kolochenko.pptx
Slides CapTechTalks Webinar April 2024 Ilia Kolochenko.pptxSlides CapTechTalks Webinar April 2024 Ilia Kolochenko.pptx
Slides CapTechTalks Webinar April 2024 Ilia Kolochenko.pptx
CapitolTechU
 
CapTechU Masters Info Session March 2024.pptx
CapTechU Masters Info Session March 2024.pptxCapTechU Masters Info Session March 2024.pptx
CapTechU Masters Info Session March 2024.pptx
CapitolTechU
 
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptxSlides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
CapitolTechU
 
CapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptxCapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptx
CapitolTechU
 
Masters Presentation - February 2024.pptx
Masters Presentation - February 2024.pptxMasters Presentation - February 2024.pptx
Masters Presentation - February 2024.pptx
CapitolTechU
 
Capitol Doctoral Presentation -Feb 2024.pptx
Capitol Doctoral Presentation -Feb 2024.pptxCapitol Doctoral Presentation -Feb 2024.pptx
Capitol Doctoral Presentation -Feb 2024.pptx
CapitolTechU
 
CapTechTalks Webinar Feb 2024 Darrell Burrell.pptx
CapTechTalks Webinar Feb 2024 Darrell Burrell.pptxCapTechTalks Webinar Feb 2024 Darrell Burrell.pptx
CapTechTalks Webinar Feb 2024 Darrell Burrell.pptx
CapitolTechU
 
Masters Presentation - January 2024.pptx
Masters Presentation - January 2024.pptxMasters Presentation - January 2024.pptx
Masters Presentation - January 2024.pptx
CapitolTechU
 
Capitol Tech U Doctoral Presentation -Jan 2024
Capitol Tech U Doctoral Presentation -Jan 2024Capitol Tech U Doctoral Presentation -Jan 2024
Capitol Tech U Doctoral Presentation -Jan 2024
CapitolTechU
 
CapTech Talks Webinar December 2023 Diane Janosek.pptx
CapTech Talks Webinar December 2023 Diane Janosek.pptxCapTech Talks Webinar December 2023 Diane Janosek.pptx
CapTech Talks Webinar December 2023 Diane Janosek.pptx
CapitolTechU
 
CapTech Talks Webinar November 2023 Tom Vazdar slides.pptx
CapTech Talks Webinar November 2023 Tom Vazdar slides.pptxCapTech Talks Webinar November 2023 Tom Vazdar slides.pptx
CapTech Talks Webinar November 2023 Tom Vazdar slides.pptx
CapitolTechU
 

More from CapitolTechU (20)

Capitol Doctoral Presentation -June 2024v2.pptx
Capitol Doctoral Presentation -June 2024v2.pptxCapitol Doctoral Presentation -June 2024v2.pptx
Capitol Doctoral Presentation -June 2024v2.pptx
 
Capitol Tech U Doctoral Info Session-June 30 2024.pptx
Capitol Tech U Doctoral Info Session-June 30 2024.pptxCapitol Tech U Doctoral Info Session-June 30 2024.pptx
Capitol Tech U Doctoral Info Session-June 30 2024.pptx
 
Capitol Masters Presentation June 2024.pptx
Capitol Masters Presentation June 2024.pptxCapitol Masters Presentation June 2024.pptx
Capitol Masters Presentation June 2024.pptx
 
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptx
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptxCapTechTalks Webinar Slides June 2024 Donovan Wright.pptx
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptx
 
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptxslides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
 
Capitol Tech U Masters Presentation May 2024
Capitol Tech U Masters Presentation May 2024Capitol Tech U Masters Presentation May 2024
Capitol Tech U Masters Presentation May 2024
 
Capitol Tech Univ Doctoral Presentation -May 2024
Capitol Tech Univ Doctoral Presentation -May 2024Capitol Tech Univ Doctoral Presentation -May 2024
Capitol Tech Univ Doctoral Presentation -May 2024
 
CapTechU Masters Presentation April 2024.pptx
CapTechU Masters Presentation April 2024.pptxCapTechU Masters Presentation April 2024.pptx
CapTechU Masters Presentation April 2024.pptx
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptx
 
Slides CapTechTalks Webinar April 2024 Ilia Kolochenko.pptx
Slides CapTechTalks Webinar April 2024 Ilia Kolochenko.pptxSlides CapTechTalks Webinar April 2024 Ilia Kolochenko.pptx
Slides CapTechTalks Webinar April 2024 Ilia Kolochenko.pptx
 
CapTechU Masters Info Session March 2024.pptx
CapTechU Masters Info Session March 2024.pptxCapTechU Masters Info Session March 2024.pptx
CapTechU Masters Info Session March 2024.pptx
 
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptxSlides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
 
CapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptxCapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptx
 
Masters Presentation - February 2024.pptx
Masters Presentation - February 2024.pptxMasters Presentation - February 2024.pptx
Masters Presentation - February 2024.pptx
 
Capitol Doctoral Presentation -Feb 2024.pptx
Capitol Doctoral Presentation -Feb 2024.pptxCapitol Doctoral Presentation -Feb 2024.pptx
Capitol Doctoral Presentation -Feb 2024.pptx
 
CapTechTalks Webinar Feb 2024 Darrell Burrell.pptx
CapTechTalks Webinar Feb 2024 Darrell Burrell.pptxCapTechTalks Webinar Feb 2024 Darrell Burrell.pptx
CapTechTalks Webinar Feb 2024 Darrell Burrell.pptx
 
Masters Presentation - January 2024.pptx
Masters Presentation - January 2024.pptxMasters Presentation - January 2024.pptx
Masters Presentation - January 2024.pptx
 
Capitol Tech U Doctoral Presentation -Jan 2024
Capitol Tech U Doctoral Presentation -Jan 2024Capitol Tech U Doctoral Presentation -Jan 2024
Capitol Tech U Doctoral Presentation -Jan 2024
 
CapTech Talks Webinar December 2023 Diane Janosek.pptx
CapTech Talks Webinar December 2023 Diane Janosek.pptxCapTech Talks Webinar December 2023 Diane Janosek.pptx
CapTech Talks Webinar December 2023 Diane Janosek.pptx
 
CapTech Talks Webinar November 2023 Tom Vazdar slides.pptx
CapTech Talks Webinar November 2023 Tom Vazdar slides.pptxCapTech Talks Webinar November 2023 Tom Vazdar slides.pptx
CapTech Talks Webinar November 2023 Tom Vazdar slides.pptx
 

Recently uploaded

Front Desk Management in the Odoo 17 ERP
Front Desk Management in the Odoo 17 ERPFront Desk Management in the Odoo 17 ERP
Front Desk Management in the Odoo 17 ERP
Celine George
 
NAEYC Code of Ethical Conduct Resource Book
NAEYC Code of Ethical Conduct Resource BookNAEYC Code of Ethical Conduct Resource Book
NAEYC Code of Ethical Conduct Resource Book
lakitawilson
 
Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...
Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...
Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...
MysoreMuleSoftMeetup
 
How to Store Data on the Odoo 17 Website
How to Store Data on the Odoo 17 WebsiteHow to Store Data on the Odoo 17 Website
How to Store Data on the Odoo 17 Website
Celine George
 
matatag curriculum education for Kindergarten
matatag curriculum education for Kindergartenmatatag curriculum education for Kindergarten
matatag curriculum education for Kindergarten
SarahAlie1
 
Views in Odoo - Advanced Views - Pivot View in Odoo 17
Views in Odoo - Advanced Views - Pivot View in Odoo 17Views in Odoo - Advanced Views - Pivot View in Odoo 17
Views in Odoo - Advanced Views - Pivot View in Odoo 17
Celine George
 
Book Allied Health Sciences kmu MCQs.docx
Book Allied Health Sciences kmu MCQs.docxBook Allied Health Sciences kmu MCQs.docx
Book Allied Health Sciences kmu MCQs.docx
drtech3715
 
Understanding and Interpreting Teachers’ TPACK for Teaching Multimodalities i...
Understanding and Interpreting Teachers’ TPACK for Teaching Multimodalities i...Understanding and Interpreting Teachers’ TPACK for Teaching Multimodalities i...
Understanding and Interpreting Teachers’ TPACK for Teaching Multimodalities i...
Neny Isharyanti
 
The basics of sentences session 9pptx.pptx
The basics of sentences session 9pptx.pptxThe basics of sentences session 9pptx.pptx
The basics of sentences session 9pptx.pptx
heathfieldcps1
 
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
marianell3076
 
Howe Writing Center - Orientation Summer 2024
Howe Writing Center - Orientation Summer 2024Howe Writing Center - Orientation Summer 2024
Howe Writing Center - Orientation Summer 2024
Elizabeth Walsh
 
DANH SÁCH THÍ SINH XÉT TUYỂN SỚM ĐỦ ĐIỀU KIỆN TRÚNG TUYỂN ĐẠI HỌC CHÍNH QUY N...
DANH SÁCH THÍ SINH XÉT TUYỂN SỚM ĐỦ ĐIỀU KIỆN TRÚNG TUYỂN ĐẠI HỌC CHÍNH QUY N...DANH SÁCH THÍ SINH XÉT TUYỂN SỚM ĐỦ ĐIỀU KIỆN TRÚNG TUYỂN ĐẠI HỌC CHÍNH QUY N...
DANH SÁCH THÍ SINH XÉT TUYỂN SỚM ĐỦ ĐIỀU KIỆN TRÚNG TUYỂN ĐẠI HỌC CHÍNH QUY N...
thanhluan21
 
National Learning Camp( Reading Intervention for grade1)
National Learning Camp( Reading Intervention for grade1)National Learning Camp( Reading Intervention for grade1)
National Learning Camp( Reading Intervention for grade1)
SaadaGrijaldo1
 
SYBCOM SEM III UNIT 1 INTRODUCTION TO ADVERTISING
SYBCOM SEM III UNIT 1 INTRODUCTION TO ADVERTISINGSYBCOM SEM III UNIT 1 INTRODUCTION TO ADVERTISING
SYBCOM SEM III UNIT 1 INTRODUCTION TO ADVERTISING
Dr Vijay Vishwakarma
 
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
siemaillard
 
Principles of Roods Approach!!!!!!!.pptx
Principles of Roods Approach!!!!!!!.pptxPrinciples of Roods Approach!!!!!!!.pptx
Principles of Roods Approach!!!!!!!.pptx
ibtesaam huma
 
NLC Grade 3.................................... ppt.pptx
NLC Grade 3.................................... ppt.pptxNLC Grade 3.................................... ppt.pptx
NLC Grade 3.................................... ppt.pptx
MichelleDeLaCruz93
 
How to Show Sample Data in Tree and Kanban View in Odoo 17
How to Show Sample Data in Tree and Kanban View in Odoo 17How to Show Sample Data in Tree and Kanban View in Odoo 17
How to Show Sample Data in Tree and Kanban View in Odoo 17
Celine George
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptx
heathfieldcps1
 
How to Add Colour Kanban Records in Odoo 17 Notebook
How to Add Colour Kanban Records in Odoo 17 NotebookHow to Add Colour Kanban Records in Odoo 17 Notebook
How to Add Colour Kanban Records in Odoo 17 Notebook
Celine George
 

Recently uploaded (20)

Front Desk Management in the Odoo 17 ERP
Front Desk Management in the Odoo 17 ERPFront Desk Management in the Odoo 17 ERP
Front Desk Management in the Odoo 17 ERP
 
NAEYC Code of Ethical Conduct Resource Book
NAEYC Code of Ethical Conduct Resource BookNAEYC Code of Ethical Conduct Resource Book
NAEYC Code of Ethical Conduct Resource Book
 
Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...
Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...
Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...
 
How to Store Data on the Odoo 17 Website
How to Store Data on the Odoo 17 WebsiteHow to Store Data on the Odoo 17 Website
How to Store Data on the Odoo 17 Website
 
matatag curriculum education for Kindergarten
matatag curriculum education for Kindergartenmatatag curriculum education for Kindergarten
matatag curriculum education for Kindergarten
 
Views in Odoo - Advanced Views - Pivot View in Odoo 17
Views in Odoo - Advanced Views - Pivot View in Odoo 17Views in Odoo - Advanced Views - Pivot View in Odoo 17
Views in Odoo - Advanced Views - Pivot View in Odoo 17
 
Book Allied Health Sciences kmu MCQs.docx
Book Allied Health Sciences kmu MCQs.docxBook Allied Health Sciences kmu MCQs.docx
Book Allied Health Sciences kmu MCQs.docx
 
Understanding and Interpreting Teachers’ TPACK for Teaching Multimodalities i...
Understanding and Interpreting Teachers’ TPACK for Teaching Multimodalities i...Understanding and Interpreting Teachers’ TPACK for Teaching Multimodalities i...
Understanding and Interpreting Teachers’ TPACK for Teaching Multimodalities i...
 
The basics of sentences session 9pptx.pptx
The basics of sentences session 9pptx.pptxThe basics of sentences session 9pptx.pptx
The basics of sentences session 9pptx.pptx
 
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 
Howe Writing Center - Orientation Summer 2024
Howe Writing Center - Orientation Summer 2024Howe Writing Center - Orientation Summer 2024
Howe Writing Center - Orientation Summer 2024
 
DANH SÁCH THÍ SINH XÉT TUYỂN SỚM ĐỦ ĐIỀU KIỆN TRÚNG TUYỂN ĐẠI HỌC CHÍNH QUY N...
DANH SÁCH THÍ SINH XÉT TUYỂN SỚM ĐỦ ĐIỀU KIỆN TRÚNG TUYỂN ĐẠI HỌC CHÍNH QUY N...DANH SÁCH THÍ SINH XÉT TUYỂN SỚM ĐỦ ĐIỀU KIỆN TRÚNG TUYỂN ĐẠI HỌC CHÍNH QUY N...
DANH SÁCH THÍ SINH XÉT TUYỂN SỚM ĐỦ ĐIỀU KIỆN TRÚNG TUYỂN ĐẠI HỌC CHÍNH QUY N...
 
National Learning Camp( Reading Intervention for grade1)
National Learning Camp( Reading Intervention for grade1)National Learning Camp( Reading Intervention for grade1)
National Learning Camp( Reading Intervention for grade1)
 
SYBCOM SEM III UNIT 1 INTRODUCTION TO ADVERTISING
SYBCOM SEM III UNIT 1 INTRODUCTION TO ADVERTISINGSYBCOM SEM III UNIT 1 INTRODUCTION TO ADVERTISING
SYBCOM SEM III UNIT 1 INTRODUCTION TO ADVERTISING
 
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
 
Principles of Roods Approach!!!!!!!.pptx
Principles of Roods Approach!!!!!!!.pptxPrinciples of Roods Approach!!!!!!!.pptx
Principles of Roods Approach!!!!!!!.pptx
 
NLC Grade 3.................................... ppt.pptx
NLC Grade 3.................................... ppt.pptxNLC Grade 3.................................... ppt.pptx
NLC Grade 3.................................... ppt.pptx
 
How to Show Sample Data in Tree and Kanban View in Odoo 17
How to Show Sample Data in Tree and Kanban View in Odoo 17How to Show Sample Data in Tree and Kanban View in Odoo 17
How to Show Sample Data in Tree and Kanban View in Odoo 17
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptx
 
How to Add Colour Kanban Records in Odoo 17 Notebook
How to Add Colour Kanban Records in Odoo 17 NotebookHow to Add Colour Kanban Records in Odoo 17 Notebook
How to Add Colour Kanban Records in Odoo 17 Notebook
 

Capitol Tech Talk Feb 17 2022 Cybersecurity Challenges in Financial Sector

  • 2. Presented by Dr. Susan Goodwin Cybersecurity Challenges in the Financial Sector
  • 3. Agenda Bill Gibbs Cap Tech Talks Host 1. About Capitol Technology University 2. Session pointers 3. About the presenter 4. Presentation: Dr. Susan Goodwin 5. Q & A 6. Upcoming webinars 7. Recording, Slides, Certificate
  • 4. About Established in 1927, We are one of the only private Universities in the state of Maryland specifically dedicated to engineering, cybersecurity, computer sciences and tech management.
  • 5. Nonprofit, Private & Accredited Capitol is a nonprofit, private accredited university located in Laurel, Maryland, USA Capitol Technology University is accredited by the Commission on Higher Education of the Middle States Association of Colleges and Schools The University is authorized by the State of Maryland to confer Associate’s (A.A.S.), Bachelor’s (B.S.), Master’s (M.S., M.B.A., T.M.B.A), and Doctoral (D.B.A.,D.Sc., Ph.D.) degrees.
  • 6. Session Pointers • We will answer questions at the conclusion of the presentation. At any time you can post a question in the text chat and we will answer as many as we can. • Microphones and webcams are not activated for participants. • A link to the recording and to the slides will be sent to all registrants and available on our webinar web page. • A participation certificate is available by request for both Live Session and On Demand viewers.
  • 7. Presented by Dr. Susan Goodwin Cybersecurity Challenges in the Financial Sector
  • 8. About the presenter: Dr. Susan Goodwin • Cybersecurity Consultant / Subject Matter Expert • Capitol Technology University: • Ph.D. Technology (2020) • Adjunct Faculty / Dissertation Chair • University of Massachusetts Lowell (M.S. Cybersecurity, M.S. Information Technology, B.S. Computer Science) • Senior Member: IEEE, Society of Women Engineers • Industry engineer experience: financial, healthcare, government, military, and commercial; research, development, consulting, cybersecurity/information assurance, system administration, release engineering, documentation, quality assurance, risk management • Musician: cello, flute
  • 9. Agenda  Research  Financial Sector Cybersecurity Challenges  Cybersecurity Frameworks  The NIST Cybersecurity Framework  Recommendations  Conclusion  Q&A
  • 10. Research Dissertation: The Need for a Financial Sector Legal Standard to Support the NIST Framework for Improving Critical Infrastructure Cybersecurity (Dr. Susan Goodwin, Capitol Technology University, ProQuest, January 2021) • My dissertation focuses on research and analysis of reported Financial Sector risks, failures and impacts due to weak or lack of cybersecurity controls. • The study also provides analysis of success stories of Financial Sector and other entities which have adopted a cybersecurity framework. • Dissertation research findings assert an upward trend of cyber attacks in the U.S. Financial Sector during the COVID-19 pandemic, showing a need for adoption of cybersecurity best practices throughout the sector to mitigate the trend. • Several industry reports indicated a continued increase in cyber attacks from 2018 to 2020 with no downward trends.
  • 11. Financial Sector Cybersecurity Challenges Global cyber attack opportunists used the 2020 COVID-19 pandemic to exploit cybersecurity vulnerabilities and gaps in the U.S. Financial Sector. In 2020, Kellerman and Murphy published a report, Modern Bank Heists, summarizing the findings of the VMWare Carbon Black survey of 25 chief information security officers from leading financial institutions https://www.vmware.com/resources/security/modern-bank-heists-2020.html
  • 12. Financial Sector Cybersecurity Challenges • 27% of all cyber attacks in 2020 have targeted either the healthcare sector or the financial sector, according to VMware Carbon Black data. • Over one-quarter of all cyber attacks which occurred during the first five months of 2020 targeted the financial and healthcare sectors. • The two sectors are entities within the United States Critical Infrastructure. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
  • 13. Financial Sector Cybersecurity Challenges • 82% of surveyed financial institutions said cybercriminals have become more sophisticated, leveraging highly targeted social engineering attacks and advanced tactics, techniques and procedures for hiding malicious activity. • These criminals exploit weaknesses in people, processes, and technology to gain a foothold and persist in the network, enabling the ability to transfer funds and exfiltrate sensitive data. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
  • 14. Financial Sector Cybersecurity Challenges • 64% of surveyed financial institutions reported increased attempts of wire transfer fraud, a 17 percent increase over 2019. • The statistical upward trend only includes the first five months of 2020, but also during the beginning of the pandemic. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
  • 15. Financial Sector Cybersecurity Challenges • 25% of surveyed financial institutions said they were targeted by destructive attacks over the past year. • Destructive attacks are rarely conducted for financial gain. Rather, these attacks are launched to be punitive by destroying data. • One risk associated with this type of attack is the permanent loss of data when a financial sector entity does not have a data backup plan. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
  • 16. Financial Sector Cybersecurity Challenges • Ransomware attacks against the financial sector have increased by nine times from the beginning of February to the end of April 2020. • This statistical upward trend occurred during the onset of the pandemic in the United States. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
  • 17. Financial Sector Cybersecurity Challenges • 20% of surveyed financial institutions experienced a watering-hole attack during the past year. • In these attacks, financial institution and bank regulation websites are hijacked and used to pollute visitors’ browsers. • This tactic is increasing as cybercriminals recognize the implicit trust consumers have in bank brands. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
  • 18. Financial Sector Cybersecurity Challenges • The research results demonstrate that the number of cyber attacks in the U.S. Financial Sector continue to grow in an upward trend across several major categories of attacks between the beginning of 2018 and the end of the first five months of 2020. • The trends continued to increase upon the emergence of the 2020 COVID-19 pandemic, such as the number of ransomware attacks multiplying by nine times between February and April 2020. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
  • 19. Financial Sector Cybersecurity Challenges • Cybercriminals became more sophisticated and exploiting weaknesses in people, processes, and technology in the U.S. Financial Sector. • Cyber attack actors took advantage of the pandemic to further seek and exploit cyber infrastructures in the U.S. Financial Sector. https://www.vmware.com/resources/security/modern-bank-heists-2020.html
  • 20. Cybersecurity Frameworks Prameet Roy, Information Security & Risk Management Consultant, performed a study in 2020 comparing the NIST Cybersecurity Framework and the ISO 27001 Information Security Standard. Roy found that both frameworks provide robust methodologies on cybersecurity which address threats and breaches, ensuring the 3 pillars of confidentiality, integrity, and availability. Roy concluded that the main advantages of the NIST Cybersecurity Framework over ISO 27001 are: • The structure of the NIST Framework enables its implementation at an enterprise level • The NIST Framework is more user friendly • The NIST Framework is streamlined https://www.nist.gov/cyberframework
  • 21. Cybersecurity Frameworks • The National Institute of Standards and Technology (NIST) published the NIST Framework for Improving Critical Infrastructure Cybersecurity of 2014, followed by an updated version in 2017. • The Framework, which was developed as a joint effort between the U.S. Federal Government and the private sector, serves only as a guideline and is not mandated by any legal authority. Currently, adoption of the Framework is voluntary. https://www.nist.gov/cyberframework
  • 22. The NIST Cybersecurity Framework The NIST Framework provides general guidance which pro-actively addresses the elements of each of the findings: • Risk management • Planning cybersecurity incident response • Setting policies processes, and procedures • Planning the requirements for protective technology • Planning controls and detection • Planning post-incident analysis • Planning mitigation for future incidents https://www.nist.gov/cyberframework
  • 23. The NIST Cybersecurity Framework The NIST Cybersecurity Framework consists of Three Components: 1. Framework Core 2. Implementation Tiers 3. Profile https://www.nist.gov/cyberframework/online-learning/components-framework
  • 24. The NIST Cybersecurity Framework 1. Framework Core • A set of desired cybersecurity activities and outcomes organized into categories and aligned to Informative References • Designed to be intuitive and simplistic • Consists of three parts: Functions, Categories, and Subcategories • Five high level functions: Identify, Protect, Detect, Respond, and Recover https://www.nist.gov/cyberframework/online-learning/components-framework
  • 25. The NIST Cybersecurity Framework The NIST Cybersecurity Framework Core: https://www.nist.gov/cyberframework/online-learning/components-framework
  • 26. The NIST Cybersecurity Framework 2. Implementation Tiers • Tiers describe the degree to which an organization’s cybersecurity risk management practices show the characteristics defined in the Framework • The Tiers range from Partial (Tier 1) to Adaptive (Tier 4) and describe an increasing degree of rigor, and how well integrated cybersecurity risk decisions are into broader risk decisions, and the degree to which the organization shares and receives cybersecurity info from external parties • Tiers do not necessarily represent maturity levels https://www.nist.gov/cyberframework/online-learning/components-framework
  • 27. The NIST Cybersecurity Framework The NIST Cybersecurity Framework Implementation Tiers https://www.nist.gov/cyberframework/online-learning/components-framework
  • 28. The NIST Cybersecurity Framework 3. Profile • An organization's unique alignment of organizational requirements, objectives, risk appetite, and resources against the desired outcomes of the Framework Core • Profiles can be used to identify opportunities for improving cybersecurity posture by comparing a “Current” Profile with a “Target” Profile https://www.nist.gov/cyberframework/online-learning/components-framework
  • 29. The NIST Cybersecurity Framework The NIST Cybersecurity Framework Implementation Tiers https://www.nist.gov/cyberframework/online-learning/components-framework
  • 30. The NIST Cybersecurity Framework • The authors of the NIST Framework intended its guidance to be voluntarily adoptable by any organization in any country (not only by U.S. organizations), and the Framework’s core functions are identical for all adopting organizations • The findings and recommendations from NIST Framework assessments, are examples for other organizations, such as U.S. Financial Sector entities, for cybersecurity risk assessment and mitigation through Framework adoption. • The Framework’s cybersecurity principles and risk management guidance can apply to any organization. https://www.nist.gov/cyberframework
  • 31. The NIST Cybersecurity Framework According to the U.S. Government’s Cybersecurity & Infrastructure Security Agency (CISA), the NIST Cybersecurity Framework can be used for: • Alignment of mission objectives with cybersecurity decisions • Organization of security requirements derived from policy, legislation, regulation, and best practices in industry • Communication of cybersecurity requirements to stakeholders, including suppliers and partners • Integration of the risk management of civil liberties and privacy into cybersecurity activities • Measure current state and express desired state • Prioritize cybersecurity resources and objectives • Analysis of risk and expenditure trade-offs https://www.cisa.gov/using-cybersecurity-framework
  • 32. The NIST Cybersecurity Framework In 2020, NIST published an online catalog of eight NIST Cybersecurity Framework global success stories, including three U.S. academic institutions: University of Kansas Medical Center, University of Pittsburgh, and University of Chicago. The university implements the Baldrige Cybersecurity Excellence Builder, a framework for self- assessment and program development, in conjunction with the NIST Cybersecurity Framework. Results and positive impact of Framework adoption by the University of Kansas Medical Center include: • Identification of gaps resulting in action plans, funding opportunities and deep alignment to the business • Better understanding by team members of their roles and engaging other employees and partners in cybersecurity protection https://www.nist.gov/cyberframework/success-stories
  • 33. The NIST Cybersecurity Framework Initially, the University of Pittsburgh did not have centralized cybersecurity management or a unifying cybersecurity standard. Adoption and implementation of the Framework provided the university with “better knowledge and perspective about its management of cybersecurity risks and identified multiple opportunities for better coordination of its cybersecurity approaches, investments, and priority needs”. The benefits of Framework adoption by the University of Pittsburgh include: • Consistency in data management standards across a decentralized environment • Execution of a security assessment across the organization which identified the need for a prioritized data security mitigation and remediation plan https://www.nist.gov/cyberframework/success-stories
  • 34. The NIST Cybersecurity Framework All twenty-three departments of the Biological Sciences Division of the University of Chicago benefitted from implementation of the Framework with a “consistent, risk-informed, cybersecurity program” of: • Aligned security risk expectations • A common set of target outcomes • Prioritized security goals Results of Framework implementation include the education of all users on the university’s cybersecurity program and continuous monitoring of program improvements. https://www.nist.gov/cyberframework/success-stories
  • 35. Recommendations • The Financial Sector, one of sixteen Department of Homeland Security critical infrastructure sectors, should be mandated to adopt a framework such as the NIST Cybersecurity Framework, based on risk impacts and inconsistency and accountability of best practices implementation across the sector. • As an example, the NIST Cybersecurity Framework provides a tailorable outline of best practices, including risk management. https://www.nist.gov/cyberframework
  • 36. Recommendations • The NIST Cybersecurity Framework has been proven to be successful in preventing cybersecurity incidents as determined in case studies from academia and various industries. • The implementation of the NIST Cybersecurity Framework in each of the cases was proven to mitigate or reduce cyber risk impacts as well as strengthen the organizations’ cybersecurity infrastructure. https://www.nist.gov/cyberframework
  • 37. Conclusion • Until the U.S. Financial Sector takes action to adopt consistent cybersecurity best practices, especially as shown by vulnerabilities exposed during a pandemic, the risk impacts will continue to rise as cyber criminals become more sophisticated in their actions. • Vulnerabilities during the pandemic include gaps in infrastructure personnel coverage, cybersecurity infrastructure weaknesses due to employees working from home, delays of cybersecurity infrastructure updates. • Established and proven frameworks, such as the NIST Cybersecurity Framework, provide guidance for prevention and mitigation of such vulnerabilities.
  • 38. Questions Dr. Susan Goodwin, Ph.D. Adjunct Faculty Capitol Technology University smgoodwin@captechu.edu
  • 39. Upcoming Webinars Infrastructure: Critical Challenges & Differences Between the Private & Public Sectors Dr. Nikki Robinson Mar.17 Tech Career Skills Identification & Communication in Writing a Resume Connie Harrington Apr. 14 Tips for Finding Career Success in Technology Vennard Wright May 19
  • 41. Recording, Slides & Certificate A copy of the slides and a link to the recording will be sent to all registrants. Watch for an email A Certificate of Completion is available upon request to both live session and On Demand viewers Simply reply to the email
  • 42. Thanks for Joining Us! Thank You! This concludes today’s webinar Watch for a follow up email that contains: 1. How to get a Participation Certificate (Available by request for both Live Session and On Demand viewers) 2. Link to the webinar recording and slides 3. Info on upcoming webinars