cyber security richard_benham

Cyber-security in the financial industry Richard Benham Professor of Cyber Security Management and founder of the National MBA in Cyber Security®, Coventry University SWIFT Nordics Regional Conference 2015 Copenhagen, 4 - 5 March 2015

Upload: swift

Post on 15-Jul-2015



“Theoretical Overview of Cyber Security”

Professor Richard Benham

Content

With my thanks to…

• Introduction
• What is a Theory?
• Is it appropriate for Cyber Security?
• The Cyber Ripple Theory®
• What does this mean for Financial Institutions?
• Two predictions!
  - The collapse of a Bank following a cyber attack within 5 years
  - The rise of Economic Cyber Terrorism (ECT)
• Questions

Introduction

Professor of Cyber Security Management at Coventry Business School

Professor in Residence at the UK National Cyber Skills Centre

Areas of interest
- Cyber management
- Cyber in banking
- Cyber crime

20 years in financial services

10 years in policing

5 years in cyber security

What is a Theory?

A theory can best be described as a single idea or a number of ideas intended to explain something and to provide general principles independent of the actual thing to be explained.

• Expect to be evidenced or challenged

• Not a hypothesis, which is a proposed explanation

• Not an observation, which is from a single source

In short…..

“A RATIONALISED GENERALISATION TO EXPLAIN SOMETHING”

Is it appropriate for Cyber Security?

• Surprisingly there are very few theories regarding cyber security

• Mathematical based and network / system focused

• Historically a predictive science with a logical flow and sequence that has evolved rapidly with the marketplace.

• Ambiguity can occur with any human interaction

• Theories are needed to understand how humans will use, abuse and need protection in the cyber world

• Cyber standards and rules need to have a common starting point

• Feels retrospective…..

The Cyber Ripple Theory®

The Cyber Ripple Theory® is relatively straightforward but is hugely important to the economic and social well being of society as network technology advances. It states:

“The effect of a cyber attack on an organisation or individual has a destructive cascading effect on both the connecting technology and human aspects that are linked. The extent of the destruction depends on the awareness and protection levels built around the sequential points of the attack”

Professor Richard Benham - May 2013


What does this mean for Financial Institutions?

We need more theories for the National MBA “Financial Services Module”

We need to face the obvious questions again and ask…..

(1) Is a cyber attack on a bank limited to that bank?

(2) Is its effect constrained by country?

(3) Is its effect constrained by region?

(4) Is the use of media to destroy the integrity of a bank more cost effective and less risk?

(5) Is the last banking crisis a dry run for a cyber generated collapse?

(6) What is Plan B? – Is it government backed banking?

(7) Is there a future for privately owned banks?

(8) How do we deal with the need for shared intelligence versus the need for commercial privacy and non disclosure of cyber losses?

Two Personal Predictions !

- The collapse of a Bank following a cyber attack within 5 years

Reputation damage using social media prompting a run / share sale on that particular bank…………

- The rise of Economic Cyber Terrorism (ECT)

An individual, organisation or state using the fear of cyber attacks and exposure of vulnerabilities by social media to economically ruin an organisation or company.

“Questions”

Please challenge!!