If you missed out on FS-ISAC this week, below is an elevator-ride summary of key security points. Sorry, unable to pass on the 80-degree sunny weather, ocean views and a flight deck dinner on the Midway aircraft carrier (take the tour if you can).
The fall FS-ISAC (Financial Services – Information Sharing Analysis Center) event, held in San Diego at the Hotel Del Coronado, brought together over 800 financial security leaders and featured keynote perspectives from Mike Rogers, former member of US Congress, member of the US Army, and FBI Special Agent. If you asked for a 2-minute overview, here are the key points in our notes:
- Expect phishing attacks to be more specialized to individuals using stolen personal information, a prime example being the very detailed personal data stolen from OPM. Phishing attacks will appear more trustworthy to targets because they use personal information that has little exposure, which gives the sender credibility. These attacks will likely lead to account compromise and hijacking to evade defenses.
- Threat intelligence sharing needs to happen in minutes to help others within an industry and across industries. Its value decreases quickly, as attacks succeed in minutes while dwell time before detection is often months. Balance IT security investment between preventive and detective defenses.
- Weak signals need to be analyzed in the context of user behavior: identities, access, and the actions before and after, across all accounts and entitlements, because isolated transaction analysis is too narrow. Full context determines the value of predictive security analytics for weak signals.
- Nation states have targeted and breached individual companies and will continue to do so via cyber strikes, directly or through third parties. As a security leader at your company, your adversaries include nation states, nation-state-enabled cyber crime, cyber crime and social hacktivists. The game is not getting any easier as cyber attacks become part of a nation’s offense and defense.
- "Softening the battlefield" strategies continue to increase, using cyber attacks for economic impact or to weaken infrastructure such as communications, power grids, or GPS. During the keynote address a new cyber defense for the Navy was displayed – a sextant.
Cyber security is well beyond a malware problem; mindsets need to shift forward to big data analysis, compute cycles and machine learning for complex problem analysis. Dwell time needs to be reduced, and predictive security from the perspective of user behavior analytics, for both on-premise and cloud IT, needs to increase. Providing access through authentication and authorization and then assuming all is OK parallels the weakness of fighting cyber attacks with signatures and rules.