Given the transactional nature of the business, financial services is a market that frequently engages with customers, often exchanging communications and documents digitally. Brand phishing attacks take advantage of this standard, impersonating financial organizations to get customer information and ultimately account access. This panel will examine defense strategies that protect consumers from phishing schemes and minimize the damage once bad actors gain access.
Two decades after online financial transactions became a reality, financial organizations still struggle with authenticating users. Stolen credentials and compromised consumer machines in active botnets make fraud most banking institutions single point of failure. This panel will punch holes in typical tactics to identify the best approach to recognizing when a fraudster is at the door.
As consumers embrace the convenience of mobile banking, so have malware operators. Banking trojans target banking and wallet apps, swiping login credentials and stealing accounts stored on devices from consumers that too often lower their standards of security in a mobile environment. This panel will examine the typical vulnerabilities that leave mobile banking apps exposed, and the critical security standards needed to protect users.
There’s no question that crypto platforms, digital wallets and P2P apps have changed the game of personal and corporate finance, giving users more ways than ever to move their funds around. But as evidenced by a spate of recent attacks against decentralized finance e-payment services, these newer forms of banking have also introduced their own unique set of risks. This panel will examine how the threat landscape differs with these new approaches to banking, and what security needs to be baked into services to ensure “the next big thing” in finance doesn’t fail before it even leaves its mark.
Financial services is among the most targeted industries by ransomware groups, seen as vulnerable in light of the impact that an outage would have on the national or even global economy. At the same time, as double exportation becomes increasingly the flavor of choice for attackers, exposure of customer data can be a potential regulatory violation for financial organizations – not to mention
catastrophic to business. This panel will examine the state of the threat, and how financial organizations are mitigating the risk.
Financial organizations are well acquainted with Sarbanes-Oxley and Payment Card Industry Data Security Standards, but a patchwork of cybersecurity regulations that often differ by state and even country has grown all the more complicated by the surge of online transactions. This panel will examine best practices for compliance as insurance companies, banks and other financial services institutions dive deeper into digital services.
The financial sector by its nature brings a plethora of third-party suppliers that support different aspects of transactions, the movement of assets, and the exchange of documents. That brings a heightened level of risk. This panel will examine the critical need for financial institutions to avoid liability by putting in place effective processes and procedures to ensure all strategic partners and suppliers follow security protocols to effectively protect sensitive data and comply with regulations.
A recent study by the Cloud Security Alliance found that 91 percent of financial services organizations are actively using cloud services or plan to employ them during the next six to nine months. Standards are in place to bake security into those environments, but high rates of misconfigurations combined with proliferation of APIs that open security holes create heightened risk in a market that can’t afford a breach. This panel will examine the state of cloud security in financial services, and best practices for protecting personal and sensitive data in multi-cloud environments.