Cybersecurity: Ongoing Challenges and Increasing Threats (Medium and Large Firm Focus) Wednesday, May 25 10:00 a.m. 11:00 a.m.

Transcription

1 Cybersecurity: Ongoing Challenges and Increasing Threats (Medium and Large Firm Focus) Wednesday, May 25 10:00 a.m. 11:00 a.m. Hear about the latest IT security threats to your clients and to your practice. This update will highlight the threats that are prevalent today and what steps you should take to protect you and your clients. Panelists will share useful practices for protecting your practice. Moderator: John Brady Vice President and Chief Information Security Officer FINRA Technology Administration Panelists: Gerard (Jerry) Brady Managing Director, Chief Information Security Officer and Global Head of IT Security Morgan Stanley Michelle Wraight Director and Chief Privacy Officer Pershing LLC Andy Zolper Chief Information Security Officer Raymond James Financial, Inc Financial Industry Regulatory Authority, Inc. All rights reserved. 1

2 Cybersecurity: Ongoing Challenges and Increasing Threats (Medium and Large Firm Focus) Panelist Bios: Moderator: John Brady is a Vice President in Technology for Cyber and Information Security for FINRA, and is the organization s Chief Information Security Officer (CISO). In this capacity, he is responsible for all aspects of FINRA s information and cyber security programs, as well as ensures compliance with related laws and regulations. He oversees staff focused in four primary information security areas: security architecture and controls, security management tools, application security, and identity management. Mr. Brady, along with counterparts in FINRA s Data Privacy Office, establishes policy and technical controls to ensure information is appropriately protected throughout its lifecycle. He began his career with FINRA over 10 years ago as the Director of Networks and Firewalls. He then broadened and deepened his technical knowledge by taking on responsibility for server and storage infrastructure, where he led system engineering efforts to expand capacity and performance of Market Regulation systems in response to data volumes growing more than 40 percent year over year. Mr. Brady recently led the establishment, design, and implementation of FINRA s new data centers and the seamless migration of more than 175 applications from an outsourcer to those new data centers. Prior to the commencement of his work with FINRA in October 2002, Mr. Brady was Director of Networks at VeriSign from 2000 to 2002 and Network Solutions from 1998 to From 1995 to 1998, he built and operated Citibank s Internet Web and services as Vice President, Internet Services. From 1993 to 1995, Mr. Brady worked for Sun Microsystems as Senior Consultant, where he built integrated network systems for prominent customers. Mr. Brady began his professional career as a member of technical staff at The Aerospace Corporation from 1987 to 1993, designing satellite systems and command and control networks for the Air Force Space Command. Mr. Brady holds a bachelor s degree in Computer and Electrical Engineering from Purdue University of West Lafayette in Indiana, and a master s degree in Industrial Engineering and Operations Research from the University of California at Berkeley. He also is an (ISC)2 Certified Information Systems Security Professional (CISSP). Panelists: Gerard Brady is a Managing Director of Morgan Stanley in Technology and Data based in New York. He is the Head of IT Security and is the Chief Information Security Officer. Mr. Brady joined Morgan Stanley in August 2005 and has more than 26 years of industry experience in information security. Prior to joining the firm, Mr. Brady worked at Guardent (acquired by VeriSign), where he was the Chief Technology Officer and Chief Security Officer. Before joining Guardent, Mr. Brady worked at Prudential as the Enterprise Information Security Officer and at Internet Security Systems running emerging technologies and enterprise security software. Michelle Wraight is Director and Chief Privacy Officer at Pershing, LLC, a BNY Mellon Company, with firm-wide responsibilities for managing the Privacy and Data Protection Program. She has been with Pershing since Ms. Wraight has over 20 years of experience in the Information Security and Data Protection field, having worked in both the pharmaceutical and financial industries. Prior to her current position, Ms. Wraight was the Information Security Officer at Pershing Managed Account Solutions. Ms. Wraight has shared her many years of security and privacy expertise with clients and colleagues through several speaking engagements at Pershing, BNY Mellon, SIFMA, FINRA, International Association of Privacy Professionals, Industry Conferences and a local University. Mr. Wraight holds a bachelor's degree in Information Technology is a member of the FBI Infragard Program, the International Association of Privacy Professionals and has achieved CISM (Certified Information Security Manager) and CRISC (Certified in Risk and Information Systems Control) industry certifications. Andy Zolper is Chief Information Security Officer for Raymond James Financial, Inc., a diversified financial services provider with subsidiaries engaged in investment and financial planning, investment banking and asset management. Through its three broker-dealer subsidiaries, Raymond James Financial has more than 6,300 financial advisers, serving more than 2.5 million accounts in more than 2,500 locations throughout the United States, Canada and overseas. As CISO, Mr. Zolper provides strategic direction to identify appropriate security measures, sponsors implementation of security solutions, manages daily security operations and provides governance to manage technology risk all 2016 Financial Industry Regulatory Authority, Inc. All rights reserved. 2

3 in order to help Raymond James achieve its business objectives. Mr. Zolper was previously at UBS as CISO of its Wealth Management Americas division, and later as global head of IT Risk Management. Prior to joining UBS, he led teams in IT risk management, global program management and business process reengineering at JPMorgan Chase. Before working at JPMC, Mr. Zolper was responsible for application development at Sterling Resources Inc., and developed the company's process reengineering, e-learning and knowledge management software products. Before joining Sterling Resources, he served in various management roles at Verizon, ranging from staff director of competitive intelligence analysis to field management of "fiber to the curb" deployment. Mr. Zolper graduated from the Virginia Military Institute. He is a U.S. Marine Corps veteran, having served as a communications and signals intelligence officer. He is a graduate of SIFMA's Securities Industry Institute at The Wharton School, a Registered Operations Professional (Series 99), a certified Six Sigma Black Belt and a Certified Information Security Manager (CISM). He represents Raymond James on the Advisory Council of BITS, the technology policy division of The Financial Services Roundtable, and is a member of SIFMA s Cyber Security Working Group Financial Industry Regulatory Authority, Inc. All rights reserved. 3

4 FINRA Annual Conference May 23 25, 2016 Washington, DC Cybersecurity: Ongoing Challenges and Increasing Threats (Medium and Large Firm Focus)

5 Panelists Moderator John Brady, Vice President and Chief Information Security Officer, FINRA Technology Administration Panelists Jerry Brady, Managing Director, Chief Information Security Officer and Global Head of IT Security, Morgan Stanley Michelle Wraight, Director and Chief Privacy Officer, Pershing LLC Andy Zolper, Chief Information Security Officer, Raymond James Financial, Inc. FINRA Annual Conference 2016 FINRA. All rights reserved. 1

6 To Access Polling Click on the schedule icon on the home screen Choose the Cybersecurity: Ongoing Challenges and Increasing Threats (Medium and Large Firm Focus)session In the lower right there is an icon: iphone Bubble with a bar graph Android Thumbs up Click on that to see polling questions and responses. FINRA Annual Conference 2016 FINRA. All rights reserved. 2

7 Threats & Risks FINRA Annual Conference 2016 FINRA. All rights reserved. 3

8 Ransomware FINRA Annual Conference 2016 FINRA. All rights reserved. 4

9 Ransomware Best Practices Prevention Restrict write permission on file servers / shared folders Software whitelisting Block malicious websites Educate users and user support Detect and block software behaviors indicative of malware Segment your network using firewalls Response and Recovery Quickly isolate computers that may contain malware Backup data and files; test restoration regularly FINRA Annual Conference 2016 FINRA. All rights reserved. 5

10 Phishing, Spear Phishing & Whaling FINRA Annual Conference 2016 FINRA. All rights reserved. 6

11 Phishing Best Practices Training with simulated phishes and web security filtering Fraud controls and thresholds in payments and funds transfers Assist users with review of questionable s and provide a central contact for reporting Maintain secure configurations and stay current on security patches Restrict workstation administrator privileges FINRA Annual Conference 2016 FINRA. All rights reserved. 7

12 Insider Threat FINRA Annual Conference 2016 FINRA. All rights reserved. 8

13 Insider Threat Best Practices Guidance: US-CERT: Common Sense Guide to Mitigating Insider Threats MITRE: Insider Threat Program Best Practices Dept. of Energy: Predictive Model for Insider Threat Mitigation Raytheon: Best Practices for Mitigating and Investigating Insider Threats INSA: A Preliminary Examination of Insider Threat Programs in the U.S. Private Sector Effective Controls: Pre-hire screening and background checks Security Information and Event Management (SIEM) Behavioral Analytics tools HR processes for identifying and tracking insider risks FINRA Annual Conference 2016 FINRA. All rights reserved. 9

14 Privacy Breach Reporting FINRA Annual Conference 2016 FINRA. All rights reserved. 10

15 Privacy Best Practices Access to legal expertise familiar with privacy, healthcare, other relevant laws Know your information assets and legal obligations Engage senior management and the Board Awareness training for staff and management Include 3 rd parties (vendors, partners) in your plans Data Loss Prevention (DLP) tools ID Theft Red Flags program Collaboration between Data Privacy and Information Security teams FINRA Annual Conference 2016 FINRA. All rights reserved. 11

16 Response and Recovery Best Practices Develop incident response plans, that is playbooks for various scenarios Explore cybersecurity insurance coverage options Retain an Incident Response firm w/ forensics capabilities Establish working relationships with Law Enforcement (FBI and/or USSS) Conduct table top exercises involving all departments identified in response plans FINRA Annual Conference 2016 FINRA. All rights reserved. 12

17 Distributed Denial of Service FINRA Annual Conference 2016 FINRA. All rights reserved. 13

18 DDoS Best Practices Have a means to mitigate in-house, with a DDoS protection service, or your Internet Service Provider (ISP) Access to expertise capable of coordinating detection, mitigation and recovery Test DDoS mitigation capability regularly Avoid paying ransom Stay current on patches and secure configurations Implement a Web Application Firewall (WAF) FINRA Annual Conference 2016 FINRA. All rights reserved. 14

19 FINRA Annual Conference 2016 FINRA. All rights reserved. 15

20 Cybersecurity: Ongoing Challenges and Increasing Threats (Medium and Large Firm Focus) Tuesday, May 23 3:00 p.m. 4:00 p.m. Resources Regulatory Guidance FINRA Report on Cybersecurity Practices (February 3, 2015) NIST Cyber Security Framework and Roadmap SEC National Exam Program Risk Alert (OCIE Cyber Security Initiative) SEC Cybersecurity Guidance Update (April 2015) Tips and Templates National Cyber Security Alliance Mobile Tip Sheet Cyber Security in the Golden State (see Practical Steps ) Strategies to Mitigate Targeted Cyber Intrusions Financial Industry Regulatory Authority, Inc. All rights reserved. 1