Topics of the Conference
(1) ICT security incidents, breaches and risks and their impact on financial institutions
• account takeovers,
• identity theft,
• DRP issues, telecommunication network disruptions,
• third-party payment processor breaches,
• malicious software (malware),
• mobile platforms exploitation,
• ATM skimming/point-of-sale attack schemes,
• data integrity breaches,
• social engineering techniques: phishing, pharming, vishing and smishing,
• banking trojan horses, available botnets and zombies.
(2) Designing and managing effective information security frameworks and programs
• a written information security policy, requirements on formalized security documentation,
• security awareness education and employee training,
• IT risk management,
• key risk indicators,
• information security audit frameworks,
• security monitoring and incident handling,
• PCI DSS requirements,
• comprehensive communications plan to respond to inquiries in the event of a breach.
(3) The latest security technology to help mitigate these risks
• spyware and malware detection,
• firewalling, network segmentation principles,
• server-based access control lists,
• role-based access control (RBAC),
• network admission control (NAC),
• intrusion prevention and intrusion detection,
• vulnerability scanning tools,
• encryption for data in transit,
• data loss / data leakage prevention,
• fraud detection systems,
• penetration tests, ethical hacking.