Cyber Security INTERPOL WORLD 2017
INTERPOL World 2017
World Economic Forum’s Cybercrime Dialogue ‘Cybercrime Dialogue’ In the company of Jurgen Stock, Secretary General, INTERPOL, Cheri McGuire, CISO, Standard Chartered Bank, Stanislav Kuznetsov, Deputy Chairman of the Executive Board, Sberbank and William Maheu, Senior Director, Qualcomm Cyber Security Solutions. Moderated by World Economic Forum’s Dr Jean-Luc Vez, Head of Public Security Policy and Security Affairs.
What measures are you taking around resilience and information sharing? It is just one aspect. We need to create resilience for mutual aid and collective response. People, process and technology are all critical components and go out to the broader ecosystem. People involve skills, culture, awareness and beyond just employees to customers, clients and vendors. Process involves legal mechanisms for sharing information, privacy and Secrecy Acts. Technology is more of information sharing systems, data forensic systems and public private partnerships. - Cheri McGuire, CISO Standard Chartered Bank
34 | Asia Pacific Security Magazine
We are target number 1 for hackers and are subjected to thousands of attacks against our systems and yet we have to remain secure. We have a model of threat and build our protection system against that threat. This involves the protection of our core systems from a special operations centre and the KPI (key performance indicator) is zero successful attacks. The second core focus is protection of our clients. We see fraud and anti-social media methods which involves contacting clients and tricking them to handing over credentials. We use such things as AI and machine learning in protecting clients. The third point is building a Security Operations Centre (SOC) with IBM support and using AI cognitive models, beta testing and Watson AI system and we are having very, very good results. Trust is also very important and also responsibility. We have to have reliable products and know more about the current and emerging cybercrimes. - Stanislav Kuznetsov, Deputy Chairman of the Executive Board, Sberbank Security is everyone’s responsibility. If we do the architecture correctly and connected devices become sensors for alarms, rather than vulnerabilities, with hardware based
security this will be tremendously powerful. It is incumbent on security professionals to demand an end to end hardware and multi factor authenticated ecosystem. - William Maheu, Senior Director, Qualcomm Cyber Security Solutions Crime fighting involves prevention and investigation. There is nothing new, but the level of threat is expanding at exponential growth and this also provides unprecedented tools. Much of this cybercrime is not being reported to police and we need the information to prevent and investigate. We expect 85-95 per cent is not being reported to police. We need to encourage the reporting to police. The professionalism in the darknet and underground economy which is growing. Anonymisation and encryption is a massive challenge for us and our law makers. Freedom and security is a very important discussion but for law enforcement, it is a problem that we haven't had to have in the past. The nexus between cybercrime and terrorism is still something that needs to be in our focus. Police can be successful in fighting cybercrime and using regional and international platforms like INTERPOL but