Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Breaches in Payments Systems- Roles and Best Practices for the Public and Private Sector Response Don Rhodes Director Risk Management Policy American.

Published byDwayne Wilkinson Modified over 9 years ago

Similar presentations

Presentation on theme: "Data Breaches in Payments Systems- Roles and Best Practices for the Public and Private Sector Response Don Rhodes Director Risk Management Policy American."— Presentation transcript:

1 Data Breaches in Payments Systems- Roles and Best Practices for the Public and Private Sector Response Don Rhodes Director Risk Management Policy American Bankers Association Risk Management

2 Agenda ▪ Corporate Account Takeover ▪ Zeus Trojan ▪ Best Practices ▪ ABA Efforts Risk Management

3 Spear Phishing

4 Risk Management Spear Phishing

5 Risk Management Spear Phishing

6 Risk Management Banking Trojans in the News Silver Tail Systems

7 Risk Management What Happened in Kentucky? County treasurer had Zeus malware on his PC Criminals stole credentials and logged in to bank accounts from treasurer’s PC  Reconnaissance used to plan theft  Mule recruitment pretending to be CareerBuilder  Created mules as fictitious employees  Mules receive $9700 and sent $9200 to Ukraine via Western Union More than 25 <$10,000 wire transfers /Total of $415k stolen Silver Tail Systems

8 Risk Management Business Exploit

9 Risk Management Best Practices 1. Understand what data is most sensitive to your business 2. Know where this sensitive data resides 3. Understand your risk model 4. Select the appropriate controls based on policy, risk, and where sensitive data resides 5. Manage security centrally 6. Audit security to constantly improve http://www.rsa.com/ ©2009 RSA Security Inc.

10 Risk Management Best Practices http://www.ftc.gov/infosecurity/

11 Risk Management ABA Efforts ▪ National Card Fraud Task Force ▪ Information Security Working Group ▪ Risk Management Forum April 28-30, Renaissance Vinoy, St. Petersburg, FL

12 Data Breaches in Payments Systems- Roles and Best Practices for the Public and Private Sector Response Don Rhodes Director Risk Management Policy American Bankers Association drhodes@aba.com 202-663-7513 Risk Management

Download ppt "Data Breaches in Payments Systems- Roles and Best Practices for the Public and Private Sector Response Don Rhodes Director Risk Management Policy American."

Similar presentations

Ziv Cohen – Director, EMEA

Ziv Cohen – Director, EMEA
Identity theft Phishing Reshipping thief * All a thief needs are a Social Security # and a resume to steal a job seeker's identity. * fake A Social Security.

Identity theft Phishing Reshipping thief * All a thief needs are a Social Security # and a resume to steal a job seeker's identity. * fake A Social Security.
CORPORATE ACCOUNT TAKEOVER & PAYMENTS FRAUD WHAT IS HAPPENING NOW? SEPTEMBER 2014 VERSION 3.

CORPORATE ACCOUNT TAKEOVER & PAYMENTS FRAUD WHAT IS HAPPENING NOW? SEPTEMBER 2014 VERSION 3.
Faces of Fraud: What Every Institution Should Know Presented by: Tom Field Editorial Director Information Security Media Group: BankInfoSecurity.com CUInfoSecurity.com.

Faces of Fraud: What Every Institution Should Know Presented by: Tom Field Editorial Director Information Security Media Group: BankInfoSecurity.com CUInfoSecurity.com.
Malware and ACH/EFT Fraud

Malware and ACH/EFT Fraud
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Consumer Authentication in e-Banking & Part 748 – Appendix B Response Program Catherine Yao Information Systems Officer NCUA.

Consumer Authentication in e-Banking & Part 748 – Appendix B Response Program Catherine Yao Information Systems Officer NCUA.
Crime and Security in the Networked Economy Part 4.

Crime and Security in the Networked Economy Part 4.
Corporate Account Takeover Presented by : Jim Vogt, CFE, CTP.

Corporate Account Takeover Presented by : Jim Vogt, CFE, CTP.
Cyber Crime Trends A “State of the Union”.

Cyber Crime Trends A “State of the Union”.
CUTTING OFF THE HYDRA HEADS OF ACH WIRE FRAUD Presented by: Eigen Heald, MsIA, CISA, CISSP, CGEIT, CEH, GCFA.

CUTTING OFF THE HYDRA HEADS OF ACH WIRE FRAUD Presented by: Eigen Heald, MsIA, CISA, CISSP, CGEIT, CEH, GCFA.
The shadow war: What policymakers need to know about cybersecurity Eric Miller Vice President, Policy, Innovation, and Competitiveness Canadian Council.

The shadow war: What policymakers need to know about cybersecurity Eric Miller Vice President, Policy, Innovation, and Competitiveness Canadian Council.
Information Security Awareness April 13, 2003. Motivation Recent federal and state regulations and guidance Recent federal and state regulations and guidance.

Information Security Awareness April 13, Motivation Recent federal and state regulations and guidance Recent federal and state regulations and guidance.
Social Engineering J Nivethan. Social Engineering The process of deceiving people into giving away access or confidential information Onlinne Phone Offline.

Social Engineering J Nivethan. Social Engineering The process of deceiving people into giving away access or confidential information Onlinne Phone Offline.
Government Databases and You or How I Learned to Stop Worrying and Love Information Loss. By Patrick Fahey Mis 304.

Government Databases and You or How I Learned to Stop Worrying and Love Information Loss. By Patrick Fahey Mis 304.
Australian High Tech Crime Centre What is cybercrime & trends Monday 5 November 2007.

Australian High Tech Crime Centre What is cybercrime & trends Monday 5 November 2007.
Payment Fraud Trends : What Can you do? Protect Yourself and Your Business from Financial Fraud.

Payment Fraud Trends : What Can you do? Protect Yourself and Your Business from Financial Fraud.
INFORMATION SECURITY UPDATE Al Arboleda Chief Information Security Officer.

INFORMATION SECURITY UPDATE Al Arboleda Chief Information Security Officer.
Electronic Banking BY Bahaa Abas Noor abo han. Definition * e-banking is defined as: …the automated delivery of new and traditional banking products and.

Electronic Banking BY Bahaa Abas Noor abo han. Definition * e-banking is defined as: …the automated delivery of new and traditional banking products and.
INTERNAL AUDIT - ACCOUNTS RECEIVABLE AND COLLECTIONS AUDIT University of Washington August 11, 2011 Kim Herrenkohl, Director Western Washington University.

INTERNAL AUDIT - ACCOUNTS RECEIVABLE AND COLLECTIONS AUDIT University of Washington August 11, 2011 Kim Herrenkohl, Director Western Washington University.

Similar presentations

Ads by Google