Embed Size (px)
Citation preview
Cyber Security Challenges
in the World of Online Payments
14 June 2016
Ofir EitanCyber Security Team LeaderInfoSec & CyberSec Unit
2
Contents
1.Personal background
2.Leumi Card Ltd.
3.Threat Landscape
4.Challenges & Unique Needs
5.Tips to Start UP!
3
Personal background
Cyber security team leader - new team, we’re hiring!
30 years old, married + dog
10 years of experience in the field of information security
Expertise: Cyber security strategy, intelligence, threat analysis,
risk assessment, training, IRP, supply chain risks, cloud security
Previous organizations: Military Intelligence Directorate, INCB
On my free time - wine enthusiast, traveling, certifications
Contacts: Find me on Linkedin - Ofir Eitan
4
Leumi Card
CONSUMERS
Digital wallet inc. Loyalty
P2P Payments
Online Statement
Online Loans
CUSTOMER SERVICE
Visual IVR
Robotic Service (POC)
MERCHANTS
Digital On Boarding
Mobile Point of Sale
Real Time Analytics
Location Based
Advertisement
DIGITAL PLATFORMS
2.6MILLION
ISSUED CARDS
40K
MERCHANTS
ACQUIRING
680K
1M MONTHLY WEBSITE VISITS
PART OF GLOBAL
LEUMI GROUP
INNOVATIVED.N.A
USE OUR APP
1600EMPLOYEES
LEUMI CARD OVERVIEW
Source: Leumi Card Financial Statement, Dec. 2015
264M$
TOTAL REVENUE
415M$
EQUITY CAPITAL
2.9BN$
TOTAL BALANCE SHEET
45M$
PROFIT
17BN$
ISSUING VOLUME
COMPANY PROFILE
8
Threat Landscape
1.Organized Crime (APT) - Bank in Bangladesh, Hospital in San
Francisco, European Central Bank and the list continues on…
Am I the next target worldwide?
2.Inside threat
3.Financial hacker
4.Skilled sensationalist
5.Cyber terrorist & political attacker (nation state or sponsored)
6.Political activist
7.Industrial espionage
9
Challenges & Unique Needs
Finance - We are a target!
We need to be up-to-date
Variety of needs, solutions and products
Multiple regulations – sectorial (BOI), payments (PCI-DSS), stock
market (SOX), juridical (ILITA)
10
Challenges & Unique Needs
Our data is our main asset
All network segments are considered highly sensitive -
containing credit and personal information
Large surface of supply-chains
11
Tips to start UP!
Reduce your BPS rate!
Sales personnel are important. Bring your IT guy to meetings!
Give us what we need + your added value
One solution = multiple mitigations
12
Tips to start UP!
Malware analysis isn’t everything. We also need: governance,
risk assessments, compliance, digital security, client/partners
anomaly detection, situation reports, network visibility, KM
IT Systems and integrations are everything!
KEEP IT SIMPLE!
13
Thank you foryour time!
Any questions?
