Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News
SYS-CON.TV
Cloud Expo & Virtualization 2009 East
PLATINUM SPONSORS:
IBM
Smarter Business Solutions Through Dynamic Infrastructure
IBM
Smarter Insights: How the CIO Becomes a Hero Again
Microsoft
Windows Azure
GOLD SPONSORS:
Appsense
Why VDI?
CA
Maximizing the Business Value of Virtualization in Enterprise and Cloud Computing Environments
ExactTarget
Messaging in the Cloud - Email, SMS and Voice
Freedom OSS
Stairway to the Cloud
Sun
Sun's Incubation Platform: Helping Startups Serve the Enterprise
POWER PANELS:
Cloud Computing & Enterprise IT: Cost & Operational Benefits
How and Why is a Flexible IT Infrastructure the Key To the Future?
Click For 2008 West
Event Webcasts
Booz Allen Announces Top 10 Financial Services Cyber Risk Trends for 2013

Ask any customer what they expect from their bank or financial services firm today, and two words come through loudly and clearly: security and privacy. Commercial and institutional customers have come to expect seamless service, properly cleared transactions and fast, accurate information. But news about major cybersecurity breaches has alarmed consumers, causing banks to redouble their efforts to protect their technology infrastructure. This means the stakes have never been higher for banks and financial services firms, and there are clear trends for cyber risk and security protection in the financial services industry in 2013, according to the experts at Booz Allen Hamilton.

“When we think about the lethal daily threats to the globally integrated financial services industry from nation-states and individuals, it is imperative that Chief Information Security Officers begin looking around corners, talk with each other and better prioritize the real threats to their firms,” said Mike McConnell, Booz Allen vice chairman and former Director of National Intelligence. “Self-evaluation and industry-wide conversations are the new ‘rules of the road’ to creating successful, integrated cyber defenses. The CISO can really drive organization-wide change while still championing efficiency and customer service.”

McConnell is speaking today at Bloomberg’s Enterprise Risk Conference (more information) where he will discuss the financial services industry’s responses to state-based and state-sponsored cyber attacks. He added, “There are many cyber trends – including the sophistication and lethality of the attacks – that the financial industry should be aware of. Even though it is difficult to look into a crystal ball and predict the future, these events are happening now and could cause significant reputational, financial and infrastructure damage to any ill-prepared firm. Individual companies should not wait for legislation or an Executive Order to come together with their government counterparts to find dynamic solutions to these big issues.”

Booz Allen works with financial services firms to identify and benchmark best practices and challenges for long-term cybersecurity prevention and protection. This process is part of Booz Allen’s Cyber M3 (Measure, Manage, Mature) capability, which evaluates the maturity of a firm’s cybersecurity programs. Both Cyber M3 and the benchmarking program incorporate technology, business process engineering, human capital development and risk management in developing a comprehensive picture of a firm’s and industry’s cyber readiness.

The Top 10 Financial Services Cybersecurity Trends for 2013:

  1. Business/Information Risk protection is not Just a Technology IssueSpending on new technology alone is not enough to protect a firm’s information and business. Firms must also invest in people and in fine-tuning processes to ensure, not only the proper use of technology, but that the processes that require interfaces between organizations are well managed and executed flawlessly. No matter how good a technology is, if not used correctly by skilled employees who follow well-defined processes, vulnerabilities will surface that can be leveraged by both internal and external threat actors.
  2. Data disruption attacks may become data destruction attacks The potential of threat actors actually destroying data is a major concern among risk and security professionals. Over time, the financial services industry will face threats from extremist groups who, when denied access to weapons of mass destruction, will use cyber as a “weapon of mass disruption.” Additionally, threat actors who mean to disrupt a firm’s business operations to make a statement or prove what they consider a moral point will also utilize destruction of data to ensure they make an impact.
  3. Nation-states and threat actors are becoming more sophisticated We now have to face more sophisticated threat actors such as smaller nation-states and terrorist elements obtaining similar capabilities. The financial services industry must fully understand the entire threat landscape and what this means in terms of employing the right people, technology and processes to ensure business continuity and proper risk management.
  4. Legislation could push industry standards around cyber risks and improve threat intelligence information sharing Banks already share information, but they will need to do more in light of possible legislation to set standards for cyber protection. If Congress allows the sharing of important national security information, industry standards could become a benchmark requirement that firms must meet before they are given access to government information. Additionally, such legislation could help in reducing the valid fears of firms in sharing cyber incident information due to the threat of penalties and further regulation. The industry and government must acknowledge and treat firms as part of the nation’s critical infrastructure because a breach at anyone bank or firm can have severe, cascading effects on the nation’s stability.
  5. Predictive threat intelligence analytics will create a more effective risk management capabilityFinancial services firms must begin to employ a more predictive threat intelligence capability to determine who might be trying to attack them and how. Focusing on understanding their own individual business risks (as well as industry risks) and combating real potential threats that could focus on such risks is much more effective than trying to create a defense that could cover any possible threat.
  6. Vendor Risk Management is becoming an increasingly important concern among firms Most firms buy much of their information technology and services from suppliers. Therefore, these suppliers’ vulnerabilities become the vulnerabilities of the firms they provide products and services. Firms are becoming more focused on the security requirements for these suppliers and engaging independent third parties to evaluate the risks around such products and services.
  7. Cyber risk continues to be a board-level issue Information, legal documents, and communications with clients and employees are all becoming more and more electronic every day to include an even greater usage of mobile technologies and social media. The boards of financial institutions must create and embrace a culture that acknowledges the evolving risks and more openly shares incident information across the industry, with technology providers and with both law enforcement and the federal government.
  8. Firms must continue to embrace and adapt to the new “boundless network,” and must also invest in training its workforce to properly access and protect corporate data Cloud, social and mobile technologies, including “Bring Your Own Device” (BYOD), are simply too cost efficient and effective for institutions to ignore them. Security and risk professionals need to better integrate these technology trends, which will require they embrace the fact that the corporate network now has extended beyond their control. Risk management and mitigation is evolving to better control how corporate data travels these boundless networks and ensuring the education of their employees on the responsibilities they have in securing such data.
  9. Identity and Access Management is becoming a key security control area in which firms will continue to invest heavily The days of focusing solely on perimeter defense have long since passed. Phishing and other social engineering strategies employed by threat actors have been very effective in allowing them to penetrate almost any network. Banking institutions must assume these actors can get in. Ensuring proper identity of an authorized individual is a key area that is being addressed by all firms in all industries to address this new paradigm. Most threat actors employ a strategy to gain access to networks and information by gaining access to valid authorized credentials of a firm’s employee so that they can go undetected in their actions. Firms will continue to invest heavily in ensuring that an authorized user is actually an authorized user. Additionally, firms will invest more heavily in tracking unusual activity of a user to detect stolen credentials or an insider threat.
  10. The Financial Services industry will rely more heavily on cyber benchmarking The FS industry is investing more and more in protecting its information assets and wisely spending these scarce dollars is becoming increasingly important, not only from an effectiveness standpoint, but to also be able to articulate to business leaders, the value of such an investment. The FS industry, therefore, will continue to use industry benchmarks to understand how their competitors and suppliers are investing in people processes and technology for cyber risk management.

For 2012 Booz Allen issued its first annual list of cybersecurity trends for the financial services industry (read the 2012 list). Since then, the industry has experienced a number of high-profile attacks, such as the DDoS attacks on U.S. commercial banks and the New York Stock Exchange.

“In the span of one year, we have seen a significant shift in the frequency and sophistication of cyber attacks on financial services firms. This is perhaps the biggest trend of them all,” McConnell said.

ABOUT BOOZ ALLEN HAMILTON

Booz Allen Hamilton is a leading provider of management and technology consulting services to the U.S. government in defense, intelligence, and civil markets, and to major corporations, institutions, and not-for-profit organizations. Booz Allen combines deep technical knowledge with expertise in each client’s core mission to deliver proven results. Booz Allen is headquartered in McLean, Virginia, employs approximately 24,000 people, and had revenue of $5.86 billion for the 12 months ended March 31, 2012 (NYSE: BAH).

About Business Wire
Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Cloud Developer Stories
More and more enterprises today are doing business by opening up their data and applications through APIs. Though forward-thinking and strategic, exposing APIs also increases the surface area for potential attack by hackers. To benefit from APIs while staying secure, enterprises ...
Web conferencing in a public cloud has the same risks as any other cloud service. If you have ever had concerns over the types of data being shared in your employees’ web conferences, such as IP, financials or customer data, then it’s time to look at web conferencing in a private...
Many cloud hosting providers have achieved ticket-of-entry credibility in the data warehousing industry by building simple colocation centers. A first-tier database as a service (DBaaS) contender, however, is set apart by a value-added service approach that is strategic, consulta...
Today’s hyper competitive environment defined by unreasonable demands for speed and high expectations for quality and usability has forced companies to differentiate based on their technology. Every company is a software company where customers’ demands for features and functions...
Next-Gen Cloud. Whatever you call it, there’s a higher calling for cloud computing that requires providers to change their spots and move from a commodity mindset to a premium one. Businesses can no longer maintain the status quo that today’s service providers offer. Yes, the con...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021



SYS-CON Featured Whitepapers
ADS BY GOOGLE

Breaking Cloud Computing News
Parsons is pleased to announce that it has acquired Secure Mission Solutions, a premier provider of ...