Webinar: Cyber-Physical Converged Threats and Trends in the Financial Services Sector Flashcards
This conversation covers:
* Unique risks to the sector arising from the convergence of cyber and physical threats
* How to identify high-impact cyber and physical threats wherever they emerge
* How companies can become more resilient and leaders can mitigate risk more effectively
Speakers:
Craig Froelich, Chief Information Security Officer, Bank of America
Jason Witty, Senior Vice President & CSO, USAA
Dave DeWalt, Founder & Managing Director, NightDragon
Ted Bailey, Founder and CEO, Dataminr
Ted Bailey
* founded the company in 2009, building an AI platform that has historically focused on physical world threats but more recently has grown into the cyber space, both from the converged cyber-physical security perspective and applying our AI platform more broadly across deep and dark web for more traditional cyber threat intelligence
Dave
* started to see cyber-physical convergence, Colonial pipeline is a good example, the rise of ransomware, where we started to see physical effects from cyber attacks
* we watched this also in Russia-Ukraine attacks
* now we really see a potentiality of these problems, also in climate problems, here in Arizona we had snow in the desert, also in domestic violence and active shooter scenarios
Discussion
* this convergence has been happening over past 20 years
* a peer on campus uses robot dogs synchronised to drones
* as we become more digitised as a society, this convergence becomes more real
* bad guys go down the path of the least resistance, eg ATM or shopping centre
* a risk may start as a cyber and then turn into physical and vice versa
* speed matters in such events, it reduces risks
* false positives are a big challenge
* we have to keep up in the arms race with our adversaries
* we have to keep in mind the velocity of tech changeand access to technologies on the adversary side, and it’s funded by billions from criminal activities
Ted
* threats are becoming multi-domain
* ripple effects of the Colonial pipeline shutdown were tremendous
* unfortunately, it is the beginning of the trend, that a cyber attack has a severe attack on the physical world
* IoT, OT (operational tech) and traditional IT assets like data centers all face these converging cyber-physical risks
* we work with 2/3 of Fortune 500 and 2/3 of Fortune 100 on the CSO side, and more recently we integrate our product with CISO officers
* across the surface web there are signals when vulnerabilities trendallow to find Common Vulnerabilities and Exposures (CVEs) earlier and pre-CVEs
* across deep and dark web there is a myriad of signals that can range from digital risk, eg phishing, which is no longer only email
* an AI-based platform can really up the capacity to detect actionable intelligence in the public info space
Ted
* Multi-Modal Fusion AI spans multiple disciplines, like natural language processing to video and sound recognition to numerical streams from sensors, eg tempertature sensors
* the ability to fuse all of these inputs - text, video, audio, sensors - is a direction for AI that allows automation
* MMF is a really good framework to think about the art of the possible and new AI methdologies
* there is a lot of buzz about generative AI and the capacity of AI to ultimatelu produce content, and this has a lot of ramifications, from the surface web, new type of fraud and new types of threats, but also for tech like ours, we employ generative AI at the last leg of our product, taking all those blips of data and creating a text-based summary, so generative AI can play a role in multi-format signals
* as we become inter-connected, everything becomes a cyber target, as we head into IoT, eg you call Uber and you use your bank on the go, everything can be exploited
