seccon - protecting banking and financial infrastructure
DESCRIPTION
Presented at 6th International Conference on Security SECCON 2014 Protecting Banking and Financial Infrastructure Brig. Muhammad Farooq Shaukat (Retd.) Country Head of Security – Standard Chartered Bank Topics Covered: • Security Assessment • Managing Security in Banking Sector • Security Management Cycle • Contours of Security Strategy • Threat Matrix • Threat / Risk Assessment • Crime Trend • Impact of Security State – Banking Sector • Security Management • Technological Measures • Facts on ATM Skimming Attacks • Training and Awareness • Essence of Security ManagementTRANSCRIPT
Security Dynamics In
Banking Sector
AimThe aim of today’s session is to acquaint you with security dynamics in Banking Sector
Country Security Situation
Security AssessmentMilitancy
• The TTP central shura unanimously decided not to extend
the ‘ceasefire’ but would keep the dialogue option open.
Analysis • While the Government exhibited flexibility in continuing with
talks amidst violence and releases of prisoners (19) , the TTP insisted on their demands of ‘demilitarized peace zone’ and release of more prisoners.
• Although the talks were in progress under announced ceasefire yet the security matrix of the country did not really improve. We saw two deadly attacks in Rawalpindi and one train put on fire near Sibi, among other bombings.
Security Assessment
Analysis
• The TTP has little or no control over a wide range of militant factions or splinter groups and therefore cannot influence them effectively to reign in their attacks.
• Some analysts opine that withdrawl of ceasefire is perhaps a way to put more pressure on a government, as the militants have kept the negotiations option open.’
• Clashes among major splinter groups of militants have surfaced. Mehsud and Khurasani groups oppose peace talks and may have influenced TTP shura to roll back ceasefire.
Militancy• Due to truncated leadership, reduced capacity and split among
militants, we are likely to see reduced militant attacks in mid to long terms while the current situation is likely to remain fluid in coming days where periodic spike in attacks shall remain a possibility.
• While the militants shall look to launch a big attack to exert their writ, it is expected that most of these attacks shall be low in intensity as well as frequency. However, most of their attacks are likely to be directed against LEAs and soft targets.
• Balochistan continues to experience low intensity conflict with occasional spike. The main issues centre around sectarian killings, kidnappings and attack against Gas Pipelines / Trains by insurgent.
Security Assessment
Managing Security in Banking Sector
Security Process Flow
• Detect Procedural
• Deter Physical
• Delay Analysis /
Assessment
• Defend Response
• Business Continuity
Philosophy
Risk Threat
Threat’s Acuity
Adversary
Capabilities
Intentions
Reasoning
10
POLICIES, PROCEDURES &
PLANS
RISK ASSESSMENT&
RISK MANAGEMENT
EFFECTIVE SYSTEMS
SURVEILLANCE
AWARENESS&
TRAINING
BUSINESS CONTINUITY
SECURITYMANAGEMENT
Security Management Cycle
Security Management
Threat Assessment
Threat
Identification
Threat IdentificationThreat AssessmentProactive Security Management
Contours Of Security Strategy
Terrorism Bomb Threat Bomb Attack
Armed Robbery Hostage Situation Asset Loss Reputation Loss
Cash Snatching
Cash Swindling
Law and Order Vandalism Arson
Burglary
Threat Matrix
Evaluation of • Threat of Terrorism• Branch/Office Location• Local Political Dynamics• Crime Rate and Category of Crime• Pressure Groups/Gangs in the Area• Vandalism Record/Past History
• Follow up Actions Share with Stakeholders Periodic Review
Threat / Risk Assessment
Demography
Pressure Groups
Slums,Escape routes
Area Crime History
Ethnic/Political/Sectarian
Security Assessment - Area
Risk Assessment
J
B
FD
AE
C
H
G
ALiyari/KharadarLyari, Kharadar, Ranchor, Lines, old city area, Eidgagh, Saddar, Jamshed Quarter,Machar colonyPolitical Influence : PPP,Crime : Extortion, Kidnapping, Drugs mafia, Ethnic violence.
BGulistan Johar Pehlwan goth, Rabia City, Kiran Society, Saforan Goth, Sani view Political Influence : MQM, ANPCrime : Extortion, Land mafia, Ethnic violence Kidnapping,
CLandhiAshrafi Goth, Muslimabad, Ajmer Col, Dawood Chowrangi, Burmee Col.Political Influence : MQM, PPP, ANPCrime : Extortion, land/ Drugs Mafia
DBaldia Town / Orangi TownIttehad Town, Nai abadi, Saeedabad, Mohajir Camp, Rasheedabad Political Influence : MQM, ANP, Crime : Extortion, Sectarian /Sectarian violence EKorangiIbrahim Hyderi, Industrial Area, Korangi CreekPolitical Influence : ANP, MQM, MQM(H)Crime : Land Mafia, Extortion Kidnapping
FSohrab GothAbulhasan Isphani Road, Gulshan Maymar, Mobina Town, Sohrab GothPolitical Influence : ANP, MQM,Crime : Land/Drug Mafia, Politics, Kidnapping , Extortion
GNorth KarachiKati Phari, Sarjani Town, New Karachi, Nagan ChowrangiPolitical Influence : MQM, Crime : Land Mafia, Kidnapping, snatching Extortion
J
Shah Faisal Col.Natha Khan Goth, Drigh Col, Al-Falah SocietyPolitical Influence : MQM, ANP,Crime : Ethnic violence, snatching
H
NazimabadPaposh Nagar, Liaquatabad, Golimar, Orangi, Katti Pahari.Political Influence : MQM, MQM(H), Crime : Kidnapping, snatching
Vulnerable Areas
Sohrab Goth
Landhi
Shah Faisal
Glustan-e-Jauhar
Orangi
Nazimabad
Korangi
Lyari
North Karachi
Crime Trend
Robberies 2011- 2014
Robbery
Amount
2011 2012 2013 2014
4831 35
69.6 M
43.07 M
66.6 M
23
71.4 M
Robberies- Analysis • Selection and scrutiny of Guarding / Alarming Company
• Untrained and under verified guards
• Placement of guards
• Inadequate Floor Management
• Insufficient training to staff
• Casualness in Critical timings
• No consideration for critical branches(Bunkers, vantage points)
• Indolent QRF and Response
Street Crime
Karachi
Lahore
Peshawar
Quetta
51%38%
6% 5%
20
Street Crimes
Terrorism
Ethnic / Sectarian violence
Kidnap / Extortion
Robberies
Crime Ratio
14%
20%
22%
40%
4%
Region’s Violence Rate
SindBalochistanPunjabKP/FATAIslamabad
45%
25%
20%
8 %
2 %
Impact of Security State-Banking Sector
Reputation
Staff
Customer
Asset
Business
Impact
Physical
Measure
s
Technological
Measure
s
Trainings and Awarene
ss
Threat Mitigation
Security Management
Guards Quality and Strength of Guards During Day Remove Night Guards Placement of Sentries on Upper Floor/Vantage Point/Roof Tops
Smart and Trained Vigilance Staff
QRF
Efficient Floor Management
Efficient Night Patrolling
Proactive Control Room Team
Physical Measures
25
Guards Placement
Strength
Routes
knowledge
Communicati
on
Training
Placement in terms
of ETAs
Type of
vehicle
required
Number of QRF
required
Quick Reaction Force
Technological Measures
Establishment of Effective Control Room (s) Effective Remote CCTV Monitoring of All Branches Simultaneous Display of Vault Doors and ATM’s
Effective Alarm System Backed by Efficient Response PIR Devices/Motion Detectors Vibration Sensors Bolt Locks
Integrated System
Pop up Alerts for Branch Arming Disarming, Fire Alarms, DVR Faults, Camera Faults etc.
Sufficient and Uninterrupted Power Backup.
Ensure uninterrupted power
supply
Ensure
security of
Data.
DVR Bolting
Ensure
operation
al status of DVR
Vaults/
ATM during
silent
hours
External view
at Opening/closing
Placement
of CCTV cameras(Vault,
ATM ,banki
ng Hall etc)
Surveillance
Dual ConnectivityLand line and GSM
Provision of Panic Buttons
Armed Vault With Duress code
Alarm System
30
30
What do skimming devices look like?Spot the difference….. Can you tell now?
Top photo shows an unadulterated ATM fascia. The flashing FDI indicator is easily observed.
A skimming device has been fitted over the card reader slot. Although the device has been given the appearance of being a standard part of the terminal it is in fact an additional fitted piece & clearly is different from the above photo. Note: No flashing lead-through light can be seen and the shape of the bezel is also clearly different.
Facts - ATM Skimming Attacks
31
Spot the difference….. Can you tell now?
Facts - ATM Skimming Attacks
32
Upon closer inspection of the merchandising unit, you can clearly see the pin hole camera installed on the bottom side, capturing an image of the keypad and subsequently, the customers PIN
PIN Capturing Devices
33
PIN Capturing Devices
Criminals tend to attach skimming devices either late at night or early in the morning and during periods of low traffic
Despite this skimming devices generally only take a few minutes to install and therefore can be attached at any time
Skimming devices are usually attached for a few hours only
Criminals install equipment on at least 2 regions of an ATM to steal both the ATM card number and the PIN
Inspect the front of the ATM closely for unusual or non standard appearance/items. Scratches, marks, adhesive or tape residues could be indictors of tampering.
Familiarize yourself with the look and feel of your ATM fascia. Particularly pay attention to all of the touch and action points. (keypad, card entry slot, etc.)
Report any unusual issues immediately
By being vigilant you can play a part in reducing the risk of a skimming attack!
Facts On ATM Skimming Attacks
Training & Awareness • Situational Training• Guards OJTs• Anti Robbery, Bomb and Evacuation Drills• Online Training• E-Learning Module• Security Awareness weeks• Interaction with senior LEA’s • Security Publications.• Regular Staff Awareness
Travel Advisories Fortnightly Security Updates On Occurrence Security Advice
Awareness Week
• Be proactive rather than reactive
• Adequate reliance on Technology
• Quality of Manpower & Timely response
• Vertical and Horizontal Staff awareness
Essence of Security Management
Thank You