the technological fight against organize fraud

Download The technological fight against organize fraud

Post on 18-Jan-2017

262 views

Category:

Technology

1 download

Embed Size (px)

TRANSCRIPT

  • The technological fight against

    organized fraud

    2011 Summer Course Rey Juan Carlos University

    Aranjuez, 48 July 2011

  • PUBLISHING

    PRODUCTION

    DESIGN AND LAYOUT

    Miguel Salgueiro / MSGrfica

    PRINTING AND BINDING

    Grficas Monterreina

    Legal Deposit: M-22831-2012

  • 2011 Summer Course The technological fight against the organized fraud

    Centro de Investigacin para la Gestin Tecnolgica del Riesgo

    INDEX

    INTRODUCTION ........................................................................................................................................................................................ 5 Santiago Moral Rubio

    PROLOGUE ................................................................................................................................................................................................... 7 Pedro Gonzlez-Trevijano

    SECURITY AND BUSINESS: THE HEDGEHOGS DILEMMA ............................................................................................... 9 Alberto Partida

    ANTI-PHISING WORKING GROUP .................................................................................................................................................. 15 Gary Warner

    THREAT HORIzON: IDENTIfYING fUTURE TRENDS ........................................................................................................... 21 Adrian Davis

    THE RISK Of THE UNPREDICTABLE: THE BLACK SWANS ........................................................................................... 27 Jos Antonio Maas

    ROUND TABLE. NEW THREATS ....................................................................................................................................................... 33 Taking part: David Barroso fernando Garca Vicent Juan Jess Len Cobos Elena Maestre Garca Alfonso Martn Palma Rafael Ortega Garca Toms Roy Catal Juan Salom Clotet Marta Villn Sotomayor Marcos Gmez Hidalgo Modera: Jos de la Pea

  • Centro de Investigacin para la Gestin Tecnolgica del Riesgo

    The technological fight against the organized fraud 2011 Summer Course

    THE RISE Of CYBERCRIME: HOW LAGGING SECURITY MEASURES fUEL THE GROWTH IN ORGANIzED fRAUD ................................................................................................ 45 Richard Stiennon

    fROM HACKING TO ARTIfICIAL INTELLIGENCE .................................................................................................................. 51 Vctor Chapela

    LEGAL CERTAINTY AND CRITICAL ASPECTS Of DATA PROTECTION ............................................................................................................................ 57 francisco Javier Puyol

    THE LAW Of PERSONAL DATA PROTECTION IN MEXICO ............................................................................................... 63 ngel Trinidad zaldvar

    DATA PROTECTION AND THE NEW TECHNOLOGICAL CHALLENGES ..................................................................... 69 Artemi Rallo

    ROUND TABLE: PRIVACY IN THE CLOUD ............................................................................................................................... 75 Taking part: Manuel Carpio Cmara francisco Javier Garca Carmona Guillermo Llorente Ballesteros Idoia Mateo Murillo Justo Lpez Parra francisco Javier Puyol Carles Sol Pascual Modera: Esperanza Marcos

    UNDERSTANDING AND MANAGING SAAS AND CLOUD COMPUTING RISKS ....................................................................................................................................... 85 Tom Scholtz

    THE DARWINIAN COEVOLUTION (AS A STRATEGY IN THE TECHNOLOGICAL INNOVATION APPLIED TO RISK MANAGEMENT) ........................................................................ 91 Santiago Moral Rubio

    PHOTO GALLERY ..................................................................................................................................................................................... 97

  • 2011 Summer Course The technological fight against the organized fraud

    Centro de Investigacin para la Gestin Tecnolgica del Riesgo

    echnological globalization has led to a breakthrough in the participation of citizens in processes of public administrations and businesses that

    provide them with services, but the same risks that exist in the real world have moved to this field.

    The crimes of low intensity, without harming people or their property, were unprofitable in the physical world and therefore are little persecuted; however, technological globalization makes that they are profitable and continue to be of small risk because of the international technological anonymity. Therefore, the risk morphology changes as the parameters of profitability change and that makes now phishing profitable as it is anonymous and massive.

    Risks change and the way to manage them change. The same technologies that have allowed creating this globalized world must be used to manage the new risks existing in the virtual world. for example, one of the emerging risks is the ease of transmission and replication of the personal data of citizens.

    In order to talk about all this, the Research Center for Technological Risk Management convened a Summer Course (within the framework of Summer School at the Rey Juan Carlos University) that was held in Aranjuez (Madrid Spain) between the 4th and 8th July 2011 inclusive, with the active participation of almost 100 attendees and some of the main speakers at the global level in this field.

    Now, in this publication, we transfer to those interested the transcription of the papers presented at the Summer Course.

    INTRODUCTION

    Santiago Moral Rubio(Director of the Summer Course The technological fight against organized fraud)

  • Centro de Investigacin para la Gestin Tecnolgica del Riesgo

    The technological fight against the organized fraud 2011 Summer Course

  • 2011 Summer Course The technological fight against the organized fraud

    Centro de Investigacin para la Gestin Tecnolgica del Riesgo

    hat two major institutions of the economic and financial and academic life, as BBVA and the Rey Juan Carlos University, put together their

    experiences and, above all, the qualification and competence of their teams, to create experiences of training, research and innovation, could only be the advance of great and encouraging contributions to the scientific community. Thus was born the Research Center for Technological Risk Management.

    Under the leadership of Santiago Moral Rubio and francisco Garca Marn last July the course The technological fight against organized fraud was held within the summer courses that the Rey Juan Carlos University holds annually at the Royal site of Aranjuez. The response of the scientific and academic community was massive. The participants level was extraordinary. And the result of work, rigor and the seriousness of the summer experience of 2011 is today reflected in this magnificent volume.

    The need to respond to new formats of risk and fraud, adapted to a global technological reality, is a genuine requirement of an also universal life experience. The significant of the contribution that this work contains is the ability of academic institutions and centers of research to detect problems, build effective solutions and responses and, straight afterwards, transferring this knowledge to the society.

    The Research Center for Technological Risk Management has become not only a leading resort in this area, but also an example of the intense collaboration that universities and companies can and should undertake in a historical setting more demanding. But, above all things, an exciting and motivating environment; an environment of opportunity and challenges for energy, the reflection from the analysis, and creativity. I am convinced that the work of the Research Center for Technological Risk Management will continue to bring, in the immediate future, new grounds for satisfaction like this magnificent work.

    PROLOGUE

    Pedro Gonzlez-Trevijano(Rector of the Rey Juan Carlos University)

  • Centro de Investigacin para la Gestin Tecnolgica del Riesgo

    The technological fight against the organized fraud 2011 Summer Course

  • 2011 Summer Course The technological fight against the organized fraud

    Centro de Investigacin para la Gestin Tecnolgica del Riesgo

    he philosopher Schopenhauer baptized the expression hedgehogs dilemma to explain, in his view, how the personal and social relationships worked.

    According to his research, the human must assume the following paradox: find the collective heat necessary for our survival and avoid any damage that might arise from such interaction with others at the same time.

    As the hedgehog that seeks company, but must avoid spikes of others hurt him or do so with their own. Hence I could also explain the perspective from which I took, five years ago, the challenge of creating a security team that was in tune with the business; and the reason why I decided to write a book.

    The challenge has been to find a way in which we avoid the damage of the respective quills between business and security, seeking at the end more similarities in the interaction of the penguins, species that can reach intimacy more than hedgehogs as they dont have spikes and have no fear to hurt or be hurt.

    The first change I assumed in the definition of my security team was to modify the original name, from security administration team to operational security team, where we took on the security of the information on production systems; but maintaining the challenge: achieve a harmony between the se

Recommended

View more >