The Page One


  • 7/24/2019 The Page One

    2015 Lockheed Martin Corporation

    Guide to Cybersecurity for Financial Services Firms
    Embracing an Intelligence Driven Defense

    An eBook Presented by:

    Lockheed Martin Corporation


    Introduction

    Businesses of all sizes in every industry have grown increasingly concerned about cybersecurity, but none more so than the financial services sector. Much of a financial organization's valuable information is stored electronically, more systems and databases are in use, and use of the Internet and mobile technologies for data transmissions is growing exponentially. The risk of a cyberattack is immense.

    Beyond protecting data such as customer records, clearing and trading information or confidential documents, financial services organizations have the hefty challenge of safeguarding their systems and networks as well as the financial assets they hold. While the financial, reputational, and legal ramifications of a security breach for an individual firm may be significant, if several institutions were to be attacked simultaneously, the blow to market confidence and the nation's financial stability would be disastrous.

    The implications are so great that the U.S. Director of National Intelligence has ranked cybercrime as the top national security threat, saying the risk is higher than that of terrorism, espionage, and weapons of mass destruction.[1] The systemic danger posed by cybercrimes against the financial services industry has raised concerns of regulators around the globe.

    Their concerns are justified. According to the 2015 Industry Drill-Down Report from Websense, the financial services sector encounters attacks 300 percent more frequently than other industries.[2] In just the first half of 2015 alone, the Identity Theft Resource Center tallied 30 known breaches in the financial sector.[3]

    While cyber intrusions have grown more sophisticated over the last five years, banks and financial services organizations have found themselves also encumbered with challenging initiatives to improve profit margins, meet customer demands, and comply with new regulations. As they focused on these initiatives, they became more vulnerable to a variety of sophisticated and persistent cyberattacks.

    Business leaders have acknowledged the wake-up call. According to the 2015 Travelers Business Risk Index, 80 percent of leaders in the banking and financial services sector cite cyber risks as their top concern, overshadowing compliance, legal, and economic concerns.[4] Many have taken steps to strengthen their cybersecurity posture, but the industry will continue to be challenged by the speed of technological change and the increasingly sophisticated nature of cyberthreats. The war against cybercrime in financial services has just begun.

    In order to thwart emerging attacks, an effective defense requires a continuous effort based on an understanding of those threats and the ability to dynamically adapt to an adversary's methods. The best defense is an intelligent defense.

    The goal of this guide is to help security leaders understand the risks cyberattacks present to their companies, who and what they are up against in the world of cybercrime, and why their organizations are vulnerable. It presents a cybersecurity model for organizations to detect, mitigate, and effectively adapt to advanced cyberthreats.

    [Figure: Greatest Risk Concerns for the Banking and Financial Services Industry. Survey question: "How much do you worry about this threatening your business?" Categories shown: cyber risks/data breaches (80%), legal liability, complying with laws, broad economic uncertainty, impact of global economy, medical cost inflation, financial issues, risks to corporate reputation, increasing employee benefit. Remaining values shown: 65%, 63%, 62%, 53%, 51%, 50%, 48%, 44%. Source: 2015 Travelers Business Risk Index]


    In early 2015, a Russian cybergang was prosecuted for infiltrating more than 100 banks, financial institutions, electronic payment platforms, and financial processing firms in 30 countries.[5] Through a series of advanced persistent threat (APT) attacks, the hackers penetrated internal systems and began slowly and quietly manipulating account balances, seizing control of ATMs, and moving money out of bank accounts. Total losses are expected to reach $1 billion as the investigation continues.[6]

    Money has been and will continue to be a leading motivator for criminals to target financial organizations; however, stealing customer identities, confidential documents, and even employee records can be an objective as well. The global economic crisis, increased exposure to foreign intelligence entities, and the propagation of digital data have resulted in the rise of malicious attacks from a larger pool of threat actors: hacktivist groups motivated by political or social agendas and nation-states seeking to create systemic chaos in the financial markets. Another growing threat to the financial services industry is malicious and unwitting company insiders: employees, contractors, suppliers, and even trusted business partners who have authorized access to systems and/or sensitive information.

    According to a security survey of the financial services sector, almost half (46 percent) of security specialists cited abuse or misuse by internal employees or contractors as their most predominant cause of breaches.[7] A disgruntled or cash-strapped insider may be easily persuaded to expose sensitive information or use it for personal gain, misuse his/her access to internal networks and systems, or create backdoor accounts to provide direct access to sensitive information.

    One of the 10 largest banks in the world lost control of 27,000 customer files, potentially worth millions on the black market, to an employee who was allegedly planning to sell the stolen information.[8] At a large insurance company, an IT staffer was caught attempting to sell the identities of nearly 60,000 employees (information he had stolen from the company's database) and committed credit card fraud.[9]

    Despite the number of publicized attacks, many incidents go unreported because the stakes are high. What is reported is escalating at an alarming rate. The Federal Bureau of Investigation (FBI) reports that new cases of trade-secret theft have increased 39 percent since 2010, and economic espionage cases have more than doubled in the past 18 months.[10]

    Last year's hacking of a leading financial institution compromised the personal account information of 76 million households and seven million small businesses. This event accelerated efforts by federal and state authorities to push banks and brokerage firms to put more stringent procedures and safeguards in place.[11] As a result, banks and financial organizations are investing in stronger firewalls, encryption technology, and other network security measures to keep out intruders.[12]

    Nonetheless, given the large pool of threat actors driven by a wide range of motives, financial services firms must do more than simply strengthen their IT systems. Winning the war against cyber criminals requires organizations to embrace cybersecurity as a strategic business function, rather than an IT function, and adopt an Intelligence Driven Defense methodology. This approach addresses the threat landscape rather than security incidents, and it continuously evolves to provide effective, predictive security based on the security status of the organization and the threats it may face. An organization that can avoid and mitigate threats no longer has to devote its security resources to reacting to incidents. That organization becomes much more secure and protected against the threats of today and those of tomorrow.

    Criminal Motives

    Financially Driven: Attackers seek to compromise systems to commit theft or financial fraud.
    Espionage Driven: Attackers intend to steal sensitive information to sell to be used by a third party.
    Politically Driven: Attackers carry out a group's goal to destroy an institution's economic stability or damage its reputation by compromising information or systems.

    Cyber Crime Actors

    Insiders: Employee, contractor, supplier or business partner with system access steals information or sabotages systems.
    Nation States: Seek secrets or intellectual property to help their host nation gain strategic advantage.
    Cybercriminals: Range from lone actors to large crime organizations. Goal is to steal identities and money.
    Hacktivists: Sabotage systems to make a political or social statement.


    Safeguarding data (customer records, clearing and trading information, or confidential documents) is a priority of financial services organizations, but they must also protect their systems, networks, and the financial assets they hold. They have a greater number of "crown jewels" to steal, and so face more threats than many other industries. Following are nine of the most concerning threats:

    1. Advanced Persistent Threats (APTs). APTs use undetected, continuous computer hacking processes to gain access to a high-value organization's network. Phishing emails or other tricks to fool employees into downloading malware are a common practice. When the unauthorized person gains access, they often go undetected for a long period of time, quietly stealing data, committing fraud, destroying an institution's economic stability, or undermining its reputation.

    As mentioned earlier, numerous banks, financial institutions, electronic payment platforms, and financial processing firms in 30 countries (including the U.S.) were infiltrated by Russian hackers running an APT known as Carbanak. The data theft resulted in more than 160 million stolen credit card numbers, stolen identities, and hundreds of millions of dollars in losses.[13] The criminals did not need prior knowledge of the inner workings of the target banks. Instead, they used the APT to capture low-quality video of employees keying in data and used the information to withdraw an estimated $1 billion from ATMs around the world.[14]

    2. Insider and Internal Threats. Any employee, contractor, supplier, or business partner who has authorized access to systems and/or sensitive information has the opportunity to do irrevocable harm to a company. This threat has grown more substantial with the increased use of personal devices in the workplace, personal email, and cloud-based and USB storage devices. Intentionally or unintentionally, insiders can undermine systems, open them to malicious intrusion and engage in fraud, theft, or market manipulation.

    Case in Point: A system administrator at one of the world's largest banks developed a "logic bomb" to disable much of the bank's network. The employee had made numerous financial bets on the company's stock and meant to tank its value.[15]

    3. Denial of Service Attacks (DDoS). These threats are defined as any attack intended to compromise the availability of networks and systems and are of concern to financial corporations operating consumer-facing websites or trading systems. Such attacks flood a network with phony connection requests, making it unavailable to process legitimate user requests.

    According to a recent Verisign report, the financial services industry is experiencing an increase in DDoS attacks that camouflage other types of network intrusions. While intrusion-response teams focus on DDoS mitigation, attackers have a greater chance of getting past firewalls unnoticed to conduct data and financial theft.[16]

    4. Account Takeovers. Cybercriminals have quickly discovered how to exploit financial and market systems that interface with the Internet, such as the automated clearing house (ACH) systems, card payments, and market trades. Exploiting system users rather than the systems themselves earns criminals access to existing bank or credit card accounts or financial systems, and allows them to carry out unauthorized transactions. According to a recent report on cybersecurity in the banking sector, almost half (46 percent) of institutions reported account takeovers as the most frequent cyber intrusion activity they experience.[17]

    One U.S. bank was held liable for $560,000 in fraudulent transfers made from one of its business account holders after their bank account credentials were compromised by a targeted phishing attack.[18] The courts ruled that the bank should have been able to identify and stop the fraudulent transfers.

    [Figure: How Advanced Persistent Threats Attack Banks. Stages: 1. Infection; 2. Harvesting Intelligence (intercepting the clerks' screens); 3. Mimicking the staff. Labels: attacker, backdoor sent as an attachment; bank employee, email with exploits; credentials stolen; 100s of machines infected in search of the admin PC; admin; cash transfer systems.]

    How banks are affected:

    Online banking: Money was transferred to fraudsters' accounts.
    E-payment systems: Money was transferred to banks in China and the U.S.
    Inflating account balances: The extra funds were pocketed via a fraudulent transaction.
    Controlling ATMs: Orders to dispense cash at predetermined times.

    5. Securities and Banking Breaches. Meeting customer demands for greater mobile banking capability has opened financial institutions up to another cyber threat. Cybercriminals have quickly figured out how to exploit the vulnerabilities in mobile technology by using malicious websites, text messages or mobile applications to gain access to a user's credentials and account information.

    One of the newest mobile-wallet payment systems, Apple Pay, was hit earlier this year by a wave of fraudulent transactions using stolen credit card numbers.[25] The attack exposed a glaring weakness in mobile payments: the lack of two-factor authentication.

    9. Payment Card Skimming. A skimmer fitted to the outside or inside of an ATM, POS device or gas station pumps enables a criminal to collect card numbers and personal identification numbers. The stolen data is usually sold or used to make fake cards to withdraw money from the compromised accounts. As companies continue to roll out (and consumers embrace) new electronic and wireless payment systems, criminals are quickly adapting. Hackers have already designed Bluetooth-enabled wireless skimmers to instantly download data when in range of the wireless network.

    According to a recent FICO report, debit card fraud has hit a 20-year high.[26] Fraud at bank branch ATMs increased 174 percent over the prior year period, while off-site ATM machines rose an astounding 317 percent.[27] A 2013 heist demonstrated how quick and profitable these attacks can be: Thieves in New York withdrew $2.4 million from 2,904 machines over 10 hours, a heist prosecutors claim to be one of the largest in New York City history.[28]

    Clearly, the threats against the financial services industry are sizable and significant, but do organizations fully understand the risks they face?

    "Last year's massive data breach of 40 million debit and credit card accounts is believed to be caused by hackers who broke into the retailer's network using login credentials stolen from a heating and cooling su


    The number of high-profile intrusions and data breaches within the financial services industry demonstrates that cyberattacks are a very real and costly concern, both domestically and abroad. According to the Ponemon Institute, the annual average cost per U.S. company of a successful cyberattack increased to $20.8 million in the financial services industry, surpassed only by the defense, energy and utilities sectors.[29]

    The hefty price tag is due in part to the amount of time it takes an organization to resolve or contain cybercrimes. The Ponemon Institute found, across multiple industries, it took an average of 45 days to resolve cyberattacks with an average cost of $35,647 per day and totaling a whopping $1,593,627 over the 45-day remediation period.[30] However, before an attack can be resolved it must be identified.

    The Ponemon Institute study revealed that financial services organizations take an average of FG days to identify an attack.[31]

    It should come as no surprise that companies are doling out more to prevent breaches. There are simply more cyberattacks, the cost to investigate and remediate breaches has risen, and companies are losing more customers after data breaches (and subsequently revenue). In fact, according to the Ponemon Institute, between 2013 and 2014 the average loss of customers who were directly affected by a data breach increased an alarming 15 percent.[32]

    Beyond the financial consequences and lost customers, organizations can be impacted by data breaches in other ways:

    - Damaged brand reputation and lost investor confidence when a sensitive data breach is exposed
    - Issuance of regulatory fines for insider trading or non-compliant use of customer data
    - Lost clients (and subsequent lost revenue) when confidential contracts, pricing agreements or strategies are leaked
    - Legal repercussions when confidentiality agreements are broken
    - Increased security risk when an enterprise's business practices, systems, and databases become known
    - Loss of critical and high-value personnel when salaries, perks, or employment contract details are shared
    - Loss of competitive position when intellectual property is stolen
    - Business disruption when critical infrastructure(s) are destroyed or compromised

    Clearly, stronger efforts by the financial services industry to thwart cyberattacks are needed, but what's holding them back?


    cybersecurity initiatives with resources and solutions that take a more holistic approach. This approach goes far beyond a return on investment (ROI) model; it considers the cost of lost reputation and market share versus overhead, fines and lost revenue resulting from a breach.


    Security is no longer a one-size-fits-all solution. Instead, companies must take a holistic approach to creating programs that work. Technologies evolve and create new threats and vulnerabilities for organizations to address. As such, security organizations need to evolve in order to combat emerging cyber adversaries.

    Present-day cybersecurity risk management practices within the financial services industry are primarily driven by compliance requirements and managed as an IT function. This approach, unfortunately, focuses on security controls and vulnerabilities, creating highly reactive (rather than proactive) operational environments. When vulnerabilities and incidents are found they are handled at a micro level rather than using the intelligence to develop larger-scale threat scenarios and patterns.

    Today's threat landscape requires organizations to take a proactive approach to security, rather than merely reacting to threats, helping to address them before they cause harm. This level of cybersecurity maturity supports an Intelligence Driven Defense posture: the leveraging of intelligence to become proactive and predictive rather than maintaining a firefighter approach.

    The organizational goal should be to mature the security posture to one of a defense driven by intelligence. Achieving that goal requires a thorough examination of tools, processes, and procedures currently in place to determine if they are properly defending against sophisticated threats and protecting the enterprise.

    This is a journey Lockheed Martin embarked on over a decade ago with its own cybersecurity operations to adapt to the evolving landscape. We developed Intelligence Driven Defense branded cyber technologies, skill sets, and tradecraft to fortify our computer systems across our enterprises.

    Four levels of cybersecurity maturity are found in today's organizations.

    1. Basic Security Operations have a foundation of network hardware, software and limited fault monitoring systems including IPS, IDS, firewalls, and SIEM systems. These tools keep a firm insulated from 80 percent of known threats. However, they largely fail against advanced persistent threats and do little to identify dangerous insiders.

    2. Compliant Security Operations build on basic security by introducing specific procedures and documentation practiced by a network operation center or a security operation center (SOC). The focus is to deploy more rapid mitigation of cyber intrusions and create a reactive defense posture. Often significant gaps exist in placed controls.

    3. Sustainable Security Operations align the procedures and documentation with industry best practices or regulatory compliance standards for the domain. These are dedicated facilities that defend the entire enterprise and respond to all forms of security threats. These traditional centers serve well in response to traditional attacks, but today's threat landscape requires organizations to take a predictive approach to security so threats may be addressed before they cause harm, versus merely reacting to them.

    4. Intelligence Driven Defense services can help evolve a traditional SOC into a security intelligence center (SIC). People and technology are still crucial elements; however, both are evolved and tailored to support a mature posture. Intelligence Driven Defense is driven by organizational collaboration, intelligence and event analysis, and early threat detection. Threat intelligence is consumed, produced and used to strengthen the financial institution's security posture with a predictive capability that puts the organization in a position to respond to evolving threats before they occur.

    When assessing a firm's cybersecurity maturity, Lockheed Martin examines 15 key process areas of an organization's operations and rates them on a four point scale. Download our sample 4.0 Cybersecurity Maturity Self-Assessment Scorecard for an outline of key considerations for each process area and description of an ideal 4.0 state.

    [Figure: Security Operations & Cybersecurity Maturity]

    4. Intelligence Driven Defense (Predictive): Cyber intelligence integrated in operations
    3. Sustainable Security (Proactive): Automation and efficient process integration
    2. Compliant Security (Reactive): Procedures and documentation
    1. Basic Security (Basic): Foundational security technologies

    http://cyber.lockheedmartin.com/cybersecurity-maturity-self-assessment-tool-scorecard

    Enlisting the Help of Security Experts

    Mixing new digital banking practices with traditional cybersecurity can quickly overwhelm security teams relying on a reactive approach. Getting the right advice can help firms realize the benefits of new cybersecurity models while eliminating or mitigating new risks. As such, many organizations are enlisting the help of security organizations like Lockheed Martin to understand today's sophisticated threats and bring expertise and industry best practices to their security operations.

    Lockheed Martin leverages decades of cybersecurity to deliver intelligence-driven solutions and services that assist organizations as they evolve to fight the threats of today and build to scale for the threats of tomorrow. Here is a five-step approach that uses Lockheed Martin services and tools to help organizations evolve their security practices and stay ahead of adversaries.

    Assess Your Threat Profile

    Understanding how your institution's activities, connections and operational procedures might put the company at risk is an important first step. Our Assessment Services help organizations assess their cybersecurity maturity level and understand their level of preparedness to take on adversaries. For example, in the event of 100 different attacks, how many would be successful and how many would be identified and blocked? We work with your security teams to identify threats to information or information systems, determine the likelihood of a threat occurrence, and identify where system vulnerabilities exist.

    Develop a Protection Strategy

    When threats, vulnerabilities, and risks have been identified, the next step is to ensure appropriate safeguards are in place to mitigate an attack or breach. Using Intelligence Driven Defense solutions results in a more cost-effective and efficient overall security response based on an understanding of the organization's security profile, the threat landscape in which it operates, and improved situational awareness. Our Professional Services team assists in establishing and implementing a strategic vision that incorporates the requirements for an effective enterprise security posture. We use our proprietary Cyber Kill Chain to analyze intrusions, extract indicators, and create a tailored strategy and implementation plan that will achieve the most sensitive defensive goals. This includes developing a concept of operations plan; allocating required resources including people, training, and security tools; and establishing locations for security operations.

    Train Your Employees

    Strengthen your employee training program with our comprehensive user-awareness program, The I Campaign. This program helps organizations improve their security culture by establishing a baseline of existing risky behavior through the use of simulated phishing testing and training, educating employees on individual responsibility, and measuring improvements.

    Identify Technology Reinforcements

    The baseline of any detection strategy includes monitoring systems, such as IPS, IDS, firewalls, and SIEM systems. It often requires more sophisticated tools to incorporate Intelligence Driven Defense solutions into an existing operations center. Recommendations may include our Palisade centralized platform, which integrates into existing security infrastructures to deliver enterprise-wide visibility, awareness and alerting capability. To zero in on individuals of greatest concern inside the organization, the LM Wisdom Insider Threat Intelligence (ITI) solution evaluates employee attributes, behaviors, and actions based on data merged from disparate enterprise systems including performance reviews, human resource information, and counterintelligence from analyst-defined models.

    Support Your Ongoing Efforts

    To further assist organizations with their cybersecurity efforts, we offer several management service solutions. Our Advanced Threat Monitoring Service integrates APT sensors into your existing environments to give our cybersecurity analysts a wider view of IT assets and critical network infrastructure. If we detect anomalies, we work with your security team to quickly mitigate the risk. And finally, we can provide added intellectual property security by directing domain name system (DNS) requests to secure Lockheed Martin DNS servers through our Domain Name System Blocking solution.

    Lockheed Martin Helps Global Firm Improve Cybersecurity Operations

    Despite multiple computer emergency readiness teams and security operations centers across its organization, a multinational banking and financial services corporation had little insight into internal and external threats. The company turned to Lockheed Martin to develop a strategic vision for its security operations and coordinate its disparate security systems.

    Solution

    By utilizing Lockheed Martin's Cyber Kill Chain, the organization's security team was able to identify and assess threats in a uniform way. This was a critical first step in developing the appropriate strategy and supporting road map, including the design and creation of a fusion center, an umbrella program to coordinate all the organization's security systems. Lockheed Martin further assisted the company with integrating its network and implementing best-practice processes and workflows.

    Results

    The introduction of a proactive, centralized center of intelligence for all its enterprise assets and data flows improved the company's hit rate on real cyber threats by 20 percent in just six months. Additionally, the company was able to reduce its global security staff by 15 percent, resulting in significant cost savings.

    http://cyber.lockheedmartin.com/professional-services
    http://cyber.lockheedmartin.com/cyber-kill-chain
    http://cyber.lockheedmartin.com/enterprise-solutions
    http://cyber.lockheedmartin.com/intelligence-driven-defense
    http://cyber.lockheedmartin.com/products/threat-intelligence-management
    http://cyber.lockheedmartin.com/products/insider-threat-detection
    http://cyber.lockheedmartin.com/managed-services

    Working With Lockheed Martin

    Cyber technology will continue to evolve to give financial services organizations more opportunities to grow their businesses and improve their operations. But cyberthreats will continue to grow as well. Given the sizable financial, reputational, legal, and market ramifications cyber intrusions can inflict, the industry can no longer afford to defend itself with limited, reactive security approaches. The next evolution in cybersecurity is to develop a defense driven by intelligence that employs cutting-edge technology, vigilant people, and innovative processes.

    For over a decade, Lockheed Martin has been a trusted partner to financial services organizations around the globe, helping them protect their enterprise assets, intellectual property and employees. Lockheed Martin's holistic approach to cybersecurity offers comprehensive security services and technologies that ensure an adaptive defense strategy and mature security posture, the top choice for the financial services industry.

    Learn more about Lockheed Martin's services and technology at http://cyber.lockheedmartin.com.




    For more information on cybersecurity solutions:

    Email: [email protected]

    Phone: 855-LMCYBER

    http://cyber.lockheedmartin.com

    PIRA# CMK201510005 Version 1.0

    LOCKHEED MARTIN, LOCKHEED, the STAR design, LOCKHEED MARTIN CYBER KILL CHAIN, CYBER KILL CHAIN, LM WISDOM, THE I CAMPAIGN, PALISADE and INTELLIGENCE DRIVEN DEFENSE trademarks used throughout are registered trademarks in the U.S. Patent and Trademark Office owned by Lockheed Martin Corporation.
