Cyber: The Threat Is Real
With an estimated $800 Billion USD of cybercrime committed globally every year, the protection of our citizens, businesses and communities has become ever critical.
Cyber security is a key focus area in financial services where it is estimated that large financial institutions stave off over one billion digital threats every year – 80% from hacktivists, 17% from professional cyber criminals, and the balance from sovereign and terrorist actors.
Though penetration rates from hacktivists are low, cyber criminals are increasingly compromising enterprises and stealing valuable financial data as heard in the news about firms such as Yahoo, Sony, Target and JP Morgan.
The relationship between cyber threats and 9/11 is poignant, it is the existential risk that is posed – could cyber criminals or terrorists take down our financial system – how real is the threat?
The keynote address was delivered by Frank Bisignano, CEO of First Data, and a board member of the 9/11 Memorial and Museum, a man whose personal journey through the events leading up to and including 9/11 is nothing short of breath taking – he is a legend.
Frank was at Citi on 9/11 and led 16,000 employees on the walk north to 34th Street, Citi’s operations hub. As CAO, Frank led the contingency planning, should disaster strike the Twin Towers, and was ready when the unthinkable event occurred.
Known for being a shrewd cost manager, Frank invested millions on a new remote data center before 9/11, avoiding a commercially advantageous deal to significantly reduce costs by moving Citi’s data center to the Twin Towers on the old Salomon Brothers floor. He cited at the time, “it just doesn’t seem right to have a data center in the sky.”
“It is important to prepare for a crisis, but know that you are never really prepared,” he said.
A fireside chat saw two of the world’s preeminent cyber experts, Ciaran Martin, CEO at National Cyber Security Centre and Philip Reitinger, President and CEO at Global Cyber Alliance lead an excellent and informative discussion on cybercrime.
“I don’t think a ‘Cyber Armageddon’ is likely, but I do think it’s possible,” said Phil Reitinger, “I’m not sure anyone has a plan for when power, telecoms and financial services around the world go down,” he said. “What happens then? How do we recover?”
The two experts agreed that it is all about moving from beyond passwords, and the FIDO Alliance focus on industry standards for two factor authorization is the best emerging solution to thwart cybercrime.
Two factor authorization relies on a biometric identification like voice recognition or a facial scan followed by a device authorization such as a dongle, or security code received on a personal device like a mobile phone.
What is impressive is the level of collaboration between intelligence organizations in the US and UK and the financial services sector – a sign that there is much being done in collaboration to prevent cyber attacks.
Commenting on the collaboration between the finance community, Ciaran Martin cited, “It is the closest we have to a model on sharing,” but added, “We have to be very choosy about the sort of collaboration we do, otherwise there may be wasted effort and bad advice.”
Finishing the event with a tour of the 9/11 Museum was humbling and delegates were profoundly moved. The impact of terrorism is not fathomable and the response to 9/11 in New York, the US and around the world was one of unity and stiffening resolve.
The threat of cyber attacks unites those countries and players who see innovation and digital connectivity as critical to an inclusive, open society. We must do everything we can on our watch to prevent cybercrime from robbing us of our financial system and better protecting our citizens, businesses and communities from financial fraud. We must unite and collaborate to protect this freedom.
A second panel of global cyber experts included: Judith Germano, Adjunct Professor of Law & Senior Fellow, NYU Law; Justin Fier, Director for Cyber Intelligence and Analytics at Darktrace; Jon Hawes, Data Insight Strategy at Panaseer; and, Ed Dickson, President, Investigations at MSA Security.
The National Cyber Security Centre, part of the UK’s Government Communications Headquarters (GCHQ), a British intelligence and security organization responsible for providing intelligence and information assurance to the British government and armed forces.
The Global Cyber Alliance (GCA), a partnership of law enforcement and research organizations focused on combating systemic cyber risk in real, measurable ways founded by the New York County District Attorney, the City of London Police and the Centre for Internet Security.