Thriving in the face of cyber uncertaintySecurity evolved to grow your business

Mike Kehoe

May 2019

WW Programme Director , Threat & Intelligence IBM Security

IBM Security Connect:https://www.ibm.com/security/intelligence-analysis/i2

IBM Security / © 2019 IBM Corporation 4

The Digital Economy is the digitization (or moving online) many of the traditional activities and offerings that historically were only available to customers when physically inside of a commercial entity

In relation to the banking sector this would have include: Money Deposits, Withdrawals & Transfers. Checking/Saving Account Management.

What digital Economy is delivering Business efficiency -Cost savings -Increased accuracy -Improved competitiveness –Enhanced security –

The Digital Economy continues to evolve but its not new to IBM !

The first modern ATM was an IBM 2984

IBM Security / © 2019 IBM Corporation 5

With new business growth opportunities comes new opportunities for financial crimes

1) Behind every threat vector is a threat actor

2 ) In a connected and online world every transaction has a digital foot print

3) There is no such thing as luck , successful attacks have a threat vector

4) Threat actors are smart ……….really smart !!!

The Digital Economy has a dark side

Old opportunities for financial crimes….. The Threat Surfaces

New opportunities for financial crimes….. The Threat Surfaces

Money launderingSyndetic IDS

Phishing Campaign / Account Take Over ( Internal / External )

Card Fraud:–ATM , Credit & Debit

Cyber AttacksMan in the Middle

Organized Crime RingsJackpotting

Back Ground Screening

Insider

Cyber Analysis

Insider Threats

System Abuse

System AbuseThreat Discovery

Stakeholder Protection

1

2

Cyber Threat Hunting

Insider Threat

3 Stakeholder Protection

4 Threat Discovery ( AML , ABC , EDD ) 6 Active Watch Lists

Aka Vetting , Sanctions

Stakeholder Protection

5 Combatting FraudAKA System Abuse

Threat Hunting

Most common threat vectors in the commercial space

Blue Light i2i

The Fundementals of Crimes has nit Changed ?

Financial crimes is carried out by individuals, corporations, or by organized crime groups to illegal obtain funds by deception, falsify documentation, or conceal illicit

activities as a means to abuse / exploit financial systems and its stakeholders .

Impacts are Financial in nature ( 3R’s )

Reputational

Regulatory

Revenue ( primary / secondary )

The 3R’s Impacts of Financial Crimes

Types of Fraud and Financial Crimes....... Transactional

Card / Payment Fraud Insurance Fraud Forgery & counterfeiting Insider Cyber Crime

• Credit / Debit Card

• ATM

• Fuel / Shopping cards

• Loyalty Programs

• Online payments

• Auto

• Health

• Property

• Pet

• Life

• Opportunistic

• Revenge

• Ideology

• Ignorance • Coerce

• Shipping / storage

• Withdrawals

• Tax evasion

• Shell Companies

• Returns

• Identity theft

• Man in the middle

• Phishing

• Embezzlement

Customers >>>> CISO / FIUs / SIUs / Fraud Investigators / Threat Managements / Risk Compliance

Types of Fraud and Financial Crimes....... Regulatory

Money Laundering Sanction Violation

Detection Anti Bribery and Corruption Due Diligence

• Gaming

• Goods returns

• Mule Accounts

• Ghost companies

• PEP (politically exposed person)

• Insider

• Watch listed

• Beneficial Ownership

• Degree of Separation

• Identity Resolution

• Synthetic ID

• Embargo trading

• Hedge funds

• Shell Company

Customers >>>> FIUs / SIUs / MLRO / CRO / Risk Compliance

Financial Crimes....... Use cases

MORE TO FOLLOW

IBM Security 2019 …….the Good Guys

IBM Security / © 2019 IBM Corporation 15

DigitalTrust

Threat Management

Strategyand Risk

Get Ahead of Risk and Compliance

Build Leadership and Culture

Detect and Stop Advanced Threats

Orchestrate Incident Response

Master Threat Hunting

Protect Critical Assets

Govern Users and Identities

Deliver Digital Identity Trust

Secure Hybrid Cloud

Unify Endpoint Management

The Threatscape has evolved , so have we.

IBM Security / © 2019 IBM Corporation 16

2019+Connected security,at the “speed of cloud”

2011-2018Security intelligenceacross the enterprise

Before 2011Bolt-on security for IT projects

SECURITYINTELLIGENCE

APPS

MOBILE

ENDPOINT

THREATINTEL

NETWORK

ADVANCEDFRAUD

IDENTITY& ACCESS

DATA

Beyond…AI, quantum, IoT, blockchain security

IBM helps across the entire Security Spectrum

IBM Security / © 2019 IBM Corporation 17

Get Ahead of Risk and Compliance• Strategy and Planning • Risk Assessments• Advisory Services

Build Leadership and Culture• X-Force Cyber Range• Cyber Tactical Operations Center

Detect and Stop Advanced Threats• Security Operations Consulting• X-Force Threat Mgmt. Services• X-Force Red• QRadar• Managed SIEM

Orchestrate Incident Response• Resilient • X-Force IRIS

Master Threat Hunting• i2 Intelligence Analysis• QRadar Advisor with Watson

Protect Critical Assets• SDLC Consulting• Data Protection Services• AppScan• Guardium• Data Risk Manager• Multi-cloud Encryption• Key Lifecycle Manager

Govern Users and Identities• Identity Mgmt. Services• Identity Governance• Cloud Identity• Access Manager

Deliver Digital Identity Trust• Trusteer• Cloud Identity

Secure Hybrid Cloud• Infrastructure and

Endpoint Services• Hybrid Cloud

Security Services• QRadar Cloud Analytics• Cloud Identity• Guardium for Cloud

Unify Endpoint Management• Endpoint Mgmt. Services• MaaS360• BigFix

IBM Security / © 2019 IBM Corporation

18

Strategyand Risk

FSS Cyber Range War Games

Mobile Command Center

Red Team pend testing

WW experts and partners covering the full security spectrum

Considerations for Digital Banking

IBM Security / © 2019 IBM Corporation

Threat ManagementConsiderations for Digital Banking

Security Operations Center

Products

Process

People

IBM Security / © 2019 IBM Corporation

Threat ManagementConsiderations for Digital Banking

Move Faster then the speed of threat

Tier O ne Tier Tw o Tier Three

Progression from transactional to sophisticated

Intelligence & Investigation Transactional R ules Correlation R ules

A utom ated D etection ExploratoryEvents C onnections

Continual Process Im provem ent

IBM Security / © 2019 IBM Corporation

DigitalTrust IAM

PrivilegedAccess

Management

Identity Governance & Administration

Access Management & AuthenticationConsiderations for Digital Banking

Access Management

Stop threats in real time at the transaction

IBM Security / © 2019 IBM Corporation 22

Connected ecosystem

Operational simplicity

Global-scale AI and analytics

Experts on-demand

The only open, cloud-based security platformthat doesn’t demand migrating your data

IBM Security Connect

The future of security is connected

IBM Security / © 2019 IBM Corporation

A Threat is,

A Threat is,

A Threat

Cyber Analysis

Insider Threats

System Abuse

System Abuse Adaptive Watch Lists Threat Discovery

Stakeholder Protection

1

2

Cyber Threat Hunting

Insider Threat

3 Stakeholder Protection

4 Threat Discovery6 Active Watch Lists

Aka Vetting

Stakeholder Protection

5 Combatting FraudAKA System Abuse

Most common threat vectors in the commercial space

FSSThreat vectors

ibm.com/security

securityintelligence.com

xforce.ibmcloud.com

@ibmsecurity

youtube/user/ibmsecuritysolutions

© Copyright IBM Corporation 2019. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

FOLLOW US ON:

THANK YOU

ibm.com/security/community

Cybersecurity is a universal challenge

IBM Security / © 2019 IBM Corporation 26

5 billionpersonal data records stolen

20.8 billion things we needto secure

$6 trillionlost to cybercrime over the next 2 years

What’s at stake…

Organizations are using

too manytools from too many vendors

Too many tools

GDPR fines can cost

billionsfor large global companies

Compliance updates

By 2022, CISOs will face

1.8 million unfulfilled cybersecurity jobs

Skills shortageWhat we face…