Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve
-
Upload
surfwatch-labs -
Category
Technology
-
view
343 -
download
0
Transcript of Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve
![Page 1: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/1.jpg)
Credit Unions Caught in the Cybercrime Cross Hairs:How to Get Ahead of the Curve
![Page 2: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/2.jpg)
Today’s Speaker
2
Adam MeyerChief Security StrategistSurfWatch Labs
![Page 3: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/3.jpg)
Tech Advances & User Demands Creating a Cyber Crisis
User Demands• 24x7 access
• Mobile banking
• Mobile deposit
3
Cyber Constraints• Small cyber team & budget
• Limited understanding
• Culture problem
VS.
![Page 4: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/4.jpg)
Regulatory Oversight Issues Creating Checkbox Compliance Trap
Regulations Must be Addressed…
BUT
COMPLIANCE SECURITY
4
![Page 5: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/5.jpg)
Examining the Credit Union Threat Landscape
These are the current “Commodities”
5
![Page 6: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/6.jpg)
Credit Unions Facing the Fraud Balloon
Cybercriminals shift their tactics to hit targets that are:
“Attractive” and “Soft”
6
![Page 7: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/7.jpg)
Anatomy of a Compromised Customer
7
Organization not following best practice
Continuous attempts without intervention
PII on Hand
![Page 8: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/8.jpg)
Anatomy of a Compromised Customer
8
Organization not following best practice x3
Organizational culture failure
Your Brand and Reputation
![Page 9: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/9.jpg)
Cybercriminals’ Avenue of Approach
9
![Page 10: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/10.jpg)
Exploring the Dark Web…
10
![Page 11: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/11.jpg)
A Major Blind Spot In Your Cyber Defenses
11
![Page 12: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/12.jpg)
12
Anonymous Overlays
![Page 13: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/13.jpg)
Real Life Example: Compromised Accounts
13
![Page 14: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/14.jpg)
Real Life Example: Card Skimmers
14
![Page 15: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/15.jpg)
What’s at Stake and Why You Should Care
• Brand and Reputation
• Customer Loyalty
• Intellectual Property
• Legal Defenses
• Sales
• IT Baselines
• Cybersecurity Strategy
Direct Impact on Your Business and Bottom Line!
15
![Page 16: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/16.jpg)
Get Your Head Out of the Sand!
16
Credit Unions are Being Targeted and the Impact of Being Breached is Huge. At Risk Are Your:
• Brand and Reputation
• Customer Loyalty
• Intellectual Property
• Legal Defenses
• Technology
There is a Direct Impact on Your Business and Bottom Line!
![Page 17: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/17.jpg)
Cyber Threat Intelligence Can Steer Your Tactical Defenses in the Right Direction
“FFIEC found that many credit unions and banks are not taking basic
cybersecurity actions.”
• Threat intelligence identified as a key cybersecurity approach by the FFIEC
• Focusing on cyber defense tactics before strategy will leave you wide open to attack
17
![Page 18: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/18.jpg)
FFIEC – Domain 1
Cyber Risk Management and OversightAddresses the BoD’s oversight and management’s development and implementation of an effective enterprise-wide cybersecurity program with comprehensive policies and procedures for establishing appropriate accountability and oversight.
Assessment Factors:
• Governance
• Risk Management
• Resources
• Training and Culture
18
![Page 19: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/19.jpg)
FFIEC – Domain 2
Threat Intelligence and CollaborationIncludes processes to effectively discover, analyze, and understand cyber threats, with the capability to share info internally and with appropriate third parties.
Assessment Factors:
• Threat Intelligence
• Monitoring and Analyzing
• Information Sharing
19
![Page 20: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/20.jpg)
More Threat Data Will Paralyze You
Sound threat intelligence allows you to easily understand your critical risks and make faster, more informed decisions
20
![Page 21: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/21.jpg)
Sharing Must Go Beyond the ISAC
21
It’s Nice, but NOT a Solution• Is your threat intelligence capability a
tool (aka a feed) or a program?- A tool would have an output- A program has an outcome
• How does threat intelligence affect decisions of the…- Incident responder- CIO- CISO- C-Suite (i.e. Business Unit leaders)- Board
![Page 22: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/22.jpg)
Where to Start and Choosing the Right Cybersecurity Strategy
22
![Page 23: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/23.jpg)
The Bottom Line…
• Average breach detection time is more than 200 days!
• Shift to prevention-based focus:
• Understand attack execution methods based on cyber trends related to your business profile
• Predict potential targeting of your systems and information
23
![Page 24: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/24.jpg)
Q&A and Additional SurfWatch Labs Resources
Credit Union Cyber Crisis Whitepaper:info.surfwatchlabs.com/cu-cyber-risk-intel-paper
SurfWatch Dark Web Intel Service: www.surfwatchlabs.com/dark-web-intelligence
Request a Demonstration:info.surfwatchlabs.com/request-demo
24
![Page 25: Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the Curve](https://reader035.fdocuments.us/reader035/viewer/2022062401/58ee73681a28ab534c8b45ed/html5/thumbnails/25.jpg)
Thank You!
www.surfwatchlabs.comFollow us at: