Fraud and security are always hot topics in the financial services arena. But this year, some risks - such as data breaches linked to third parties and increasingly insecure authentication practices - will definitely get more attention from security pros.
See Also: Secure Access in a Hybrid IT WorldHow financial institutions address those risks will be key, whether it's through more reliance on data analytics or a better understanding of emerging malware strains and the cybercriminals or adversaries behind the attacks. Fortunately, all of these areas of concern are on the agenda at RSA 2014.
In reviewing this year's lineup of speakers and sessions, a few highlights stand out. There are far too many sessions for anyone to attend, of course. But here are some presenters that will offer timely insights for those in the financial services industry:
- Daniel Cohen, a phishing expert and head of knowledge delivery and business development at RSA;
- Nick Selby, an encryption expert and CEO of StreetCred Software;
- Adam Sedgewick, senior adviser of information technology for the National Institute of Standards and Technology and a leading contributor to guidelines for securing the financial services critical infrastructure.
As for sessions, here are several that will offer important insights:
Securing Critical Infrastructure
On Feb. 25, 4 p.m. to 5 p.m. in Moscone West, Room 3002, Sean McBride, director of analytics for cyber-intelligence firm Critical Intelligence, will discuss how the United States delivered malware to industrial objectives within Iran during his session, "Effects-based Targeting for Critical Infrastructure."
On Feb. 25, 4 p.m. to 5 p.m. in Moscone West, Room 2006, Jay Jacobs, senior data analyst, and Wade Baker, both of Verizon, will review why big data is not the only data that organizations should rely on in their presentation, "From Data to Wisdom: Big Lessons in Small Data." Their session will examine the state of security data analysis.
Knowing Thy Enemy
On Feb. 25, 2 p.m. to 2:20 p.m. in Moscone West, Room 3022, and again on Feb. 28, 11:40 a.m. to 12 p.m. in Moscone North, Room 130, Dmitri Alperovitch of CrowdStrike will explore why it's not just the attacks, but the attackers, that organizations need to understand during his presentation, "The Art of Attribution: Identifying and Pursuing your Cyber Adversaries."
Malware for Defense
On Feb. 26, 9:20 a.m. to 10:20 a.m. in Moscone West, Room 3002, Trustwave's Ryan Barnet, lead security researcher, and Ziv Mador, director of security research, will walk through how security products can be used against hackers during their session, "An Arms Race: Using Banking Trojan and Exploit Kit Tactics for Defense."
Taking Down Citadel
And on Feb. 27, 10:40 a.m. to 11:40 a.m. in Moscone West, Room 3002, presenters Errol Weiss of Citigroup, John Wilson of online security firm Agari and Richard Boscovich of Microsoft will review the June 2013 takedown of more than 1,500 command-and-control servers for botnets based on Citadel. During their session, "How Microsoft, FS-ISAC & Agari Took Down the Citadel Cybercrime Ring," they will discuss the coordinated takedown led by Microsoft, the Financial Services Information Sharing and Analysis Center and Agari.