CYBERSECURITY 2016: PREPARING FOR THE FUTURE MONEY MANAGEMENT INSTITUTE NETMEETING JANUARY 20, 2016
ADVANCING THE FUTURE OF INVESTMENT ADVISORY SOLUTIONS 2
Upcoming MMI Events
2015
2016 Sales & Marketing Leadership Summit February 17-18, 2016 | Palm Beach, FL Eau Palm Beach 2016 Annual Convention April 20-21, 2016 | Washington, DC Marriott Marquis
Panelists
Mark Connelly, Chief Information Security Officer
Vince Skinner, Vice President of Security
Ernie Smith, Vice President, Technology
Matt Steel, Vice President, Information Security
Cybercriminals Did Not Rest During 2015… It’s been a watershed year for cybercrime - 2015 US State of Cybercrime Survey
Financial services encounters security incidents 300 percent more frequently than other industries - 2015 Industry Drill Down Report
…and the Reactions Were Varied
Increased Concern Over Cybercrime in 2016
69% 2014
87% 2015
18th Annual Global CEO Survey 2015
59% 2014
76% 2015
2015 US State of Cybercrime Survey
The Principal Threats Institutions are Facing and their Sources
Sources: PWC, 2015 US State of Cybercrime Survey RSA, Cybercrime 2015, An Inside Look at the Changing Threat Landscape
The cybercrime-as-a-service marketplace continues to mature
Mobile provides a larger attack surface
Cybercriminals seek more bang for the buck and increase large-scale retail & financial attacks
Threats continue to grow more targeted and more advanced
Risk Assessment and Mitigation Strategies
“The bad guys are smart, well equipped, and determined. There’s no reason that the good guys can’t be the
same.” - Mandiant
Trends in Threat Detection • Intelligence-driven security approaches which can
operate in mobile and cloud environments
• Greater use of behavioral analytics
• Smart device capabilities
Source: RSA, Cybercrime 2015, An Inside Look at the Changing Threat Landscape
Developing a Recovery Plan to Minimize Damage in the Event of a Breach
FS-ISAC Recommendations • Use well documented recovery plans to begin the process of
restoring systems and networks • Utilize multiple backups that have been maintained
separately and restore data to alternate system • Use snapshots of storage to minimize data loss and plan for
other ways to record transactions that have occurred during the incident
• Consider a Bare Metal Rebuild in the event of a catastrophic event
• Document all procedures, maintaining forensics in order to share threat indicators with industry and government partners
Source: FS-ISAC, Best Practices for US Financial Institutions, 2015
Questions & Answers
REUTERS/Russell Cheynelivepic
REUTERS/Randall Hill
Speed Round
REUTERS
ADVANCING THE FUTURE OF INVESTMENT ADVISORY SOLUTIONS 13
Upcoming MMI Events
2015
2016 Sales & Marketing Leadership Summit February 17-18, 2016 | Palm Beach, FL Eau Palm Beach 2016 Annual Convention April 20-21, 2016 | Washington, DC Marriott Marquis