Vincent van Kooten, EMEA North Fraud & Risk Intelligence Specialist RSA, The Security Division of EMC

2013

3 in 4

5.900.000.000 $

RSA's Top 10 List

RSA's top 10 phishing list. Copyright 2014 EMC Corporation. All rights reserved.

Netherlands compared overall

Trend #1: Mobile Threats Become More Sophisticated and Pervasive. TREND1 INTH3WILD

1,000,000,000: total number of smartphones sold in 2013. Source: IDC Worldwide Quarterly Mobile Phone Tracker, January 2014

1 BILLION: Android-based smart phones estimated to be shipped in 2017. Source: Canalys Smart Phone Report, June 2013

1,000,000: number of apps in Google Play. Source: Sundar Pichai, speaking at a Google breakfast briefing, July 2013

1.400.000 malicious Android apps in '13. Jumped from 350.000 in 2012. Source: TrendMicro TrendLabs

Personal Finances: 300 mobile bankers in 2012, 530 mobile bankers in 2013 (+76%). Source: Juniper Research

Mobile Threats

Malicious apps are posing as legitimate apps (BANK): for malware distribution; for phishing scams

Games

Supply chain infection

SMS Sniffers: $350

Perkele: $5K and up

iBanking Mobile Bot

Mtoken

Trend #2: Malware Gets More Sophisticated. TREND3 INTH3WILD

Stealthier, more durable botnets
Botnets are being created that behave as similarly as possible to legitimate software.
Hosting a botnet's command-and-control center in a Tor-based network.
Cybercriminals are building more resilient peer-to-peer botnets, populated by bots that talk to each other, with no central control points.
An alternative, business-continuity-led approach involves controlling a botnet from a mobile device using SMS messages.

Tutorials & Trainings

ChewBacca: PoS Malware

Trade in vulnerabilities

Stegano-Zeus and more variants to come

Trend #3: Cybercriminals increase effectiveness and add more services. TREND5 INTH3WILD

Facebook Accounts: $1/acct

Facebook Ads

Bitcoin stealer

DDoS attacks for rent: $8/hr

Wanna be liked?

Big Data Analytics

Criminals & Big Data

Market Disruptors: Extended Customer Base and Workforce; Mobile; Cloud; Big Data; Networked Value Chains; APTs; Sophisticated Fraud
Infrastructure Transformation: less control over access device and back-end infrastructure
Business Transformation: more hyper-extended, more digital
Threat Landscape Transformation: fundamentally different tactics, more formidable than ever

Existing Tools Lack Visibility into Criminal Behavior
User: 2 Factor Authentication; Device ID; Passwords
Network: Firewall; IPS/IDS
Application: WAF; Penetration Testing; Dynamic Scanning; Log Analysis/SIEM; Source Code Analysis

Evolving Fraud Threat Landscape
Stages: In the Wild; Begin Session; Login; Transaction; Logout
Web Threat Landscape: Phishing; Rogue Mobile App; Site Scraping; Vulnerability Probing; Layer 7 DDoS Attacks; Man in the Middle/Browser; Password Cracking/Guessing; Parameter Injection; New Account Registration Fraud; Advanced Malware (e.g. Trojans); Account Takeover; New Account Registration Fraud; Promotion Abuse; Unauthorized Account Activity; Fraudulent Money Movement

A New Security World
In a constantly evolving environment, fraud evolves, so MUST the response. We must focus on people, the flow of data and on transactions.

Intelligence-Driven Security: risk-based, contextual, and agile
Risk Intelligence: thorough understanding of risk to prioritize activity
Advanced Analytics: provide context and visibility to detect threats
Adaptive Controls: adjusted dynamically based on risk and threat level
Information Sharing: actionable intelligence from trusted sources

RSA Fraud & Risk Intelligence: Distinguish Between a Customer or Criminal
Trusted Identities, Actions and Transactions; Reduce Fraud & Account Takeover; Risk-Based Detection; Gain Visibility and Context; Balance Security and Convenience

RSA Fraud & Risk Intelligence Solutions: Securing Online User Life Cycle
Solutions: Web Threat Detection (Silver Tail); Adaptive Authentication; Adaptive Authentication for ecommerce; FraudAction; Transaction Monitoring
Web Threat Landscape stages: In the Wild; Begin Session; Login; Transaction; Logout

Securing Entire Online User Lifecycle: FraudAction
Gain Visibility into Cybercrime Underground; Detect Phishing and Trojan Attacks; Identify Fake Mobile Apps

Securing Entire Online User Lifecycle: Web Threat Detection
Real Time Visibility into Pre and Post Login Activity; Detect User and Group Anomalous Behavior; Identify Precursors to Fraud

Securing Entire Online User Lifecycle: Adaptive Authentication
Transparent Risk Based Authentication; Challenge Only High Risk Logins; Collective Fraud Intelligence Sharing; Balance Cost, Risk and Convenience

Securing Entire Online User Lifecycle: Transaction Monitoring
Transparently Monitor Transactions; Identify High Risk or Anomalous Activities; Mitigate Against Advanced Trojan Attacks; Collective Fraud Intelligence Sharing

Securing Entire Online User Lifecycle: Adaptive Authentication for Ecommerce
Transparently authenticates 3D Transactions; Identify High Risk or Anomalous Activities; Mitigate Against Advanced Trojan Attacks; Collective Fraud Intelligence Sharing

The RSA Layered Approach
8000+ Banks, Card Issuers, ISPs, Feeding Partners
Anti-Fraud Command Center: Anti-Phishing; Anti-Trojan; Anti-Rogue App; Threat Intel
eFraudNetwork: Fraudulent IP addresses, Device Fingerprints, Mule Accounts
AA / TM; AAecom; Web Threat Detection

RSA Proven Fraud Prevention
8,000+ Global Customers protected by eFraudNetwork; 500 Million Devices & Credit Cards Secured; $7.5+ Billion Fraud Losses Prevented; Over 800,000 Cyber Attacks Shutdown; 50+ Billion Transactions Protected
Trust in the digital world

Thank You! Vincent van Kooten, Vincent.vankooten@rsa.com
Big Data Transforms Security

STANDING TOGETHER. Copyright 2012 EMC Corporation. All rights reserved.