MANILA, Philippines - At a recent BancNet conference at Fairmont Hotel in Makati City, IT and information security expert Andrew Jacquith urged banks and other financial networks to make key security investments from now through 2020 to address the increasing sophistication and aggressiveness of underground syndicates. Jacquith is the author of the book “Security Metrics: Replacing Fear, Uncertainty and Doubt.”
At the “Securing our Networks” Conference organized by electronic banking consortium BancNet in cooperation with network security solutions provider Silversky, Inc., Jacquith gave an overview of the financial services security threats landscape to an audience composed of IT audit and information security personnel.
He based his assessment on first half-2014 data collected from 954 US-based financial institutions. Jacquith described the modern security threats that include spam botnets, attack botnets, and financial botnets. He highlighted the increasing professionalization of the malware supply chain where malware wholesalers assemble and sell franchise “kits” for botnets and “ransom ware” and where anonymized currencies grease the wheels of commerce, making it harder to “follow the money.”
“Attackers have access to more weapons, are better disguised, and are more professional than ever before. They are more determined and persistent,” he said.
“The cloud is becoming more complex, with serious implications for security,” he added. He identified key security investment areas for banks and other financial institutions, namely, the acquisition of technology for preventing security breach, the honing of competencies in network security monitoring and incident response, and the development of traits and behavior that encourage security awareness, phishing resistance, and custodianship. He also recommended the installation of multi-layered defenses on company PCs and investing in a highly-skilled, highly trained, security event detection and response staff.
Aside from Jacquith, IT and information security expert Justin Riek and Qualified Security Assessor and sought-after speaker on IT security Tom Neclerio also shared their insights on network security.
Riek provided an overview of industry trends around secure cloud storage and document workflows as well as how to maximize return on investment for banks that decide to pursue the use of secure mobility solutions. He has over 15 years of IT and information security experience and is currently with Citrix Systems in their Data Sharing division where he enables Fortune 5000 organizations to securely share and access data in today’s complex enterprise IT environments.
Neclerio explored lessons learned from past data security breaches and the major developments in the Payment Card Industry Data Security Standards (PCI DSS).
BancNet is the leading electronic banking network in the country whose 112 member financial institutions and affiliates together have more than 12,500 ATMs and 44.2 million ATM cardholders. It holds the Securing Our Networks conference annually as part of its continuing education program for members. SilverSky is the largest provider of network security solutions to the US financial services industry and an expert in cloud computing.