Several of the Pindrop team spent the first part of this week at the FS-ISAC conference in Leesburg, VA. FS-ISAC (Financial Services – Information Sharing and Analysis Center) holds two summits a year, gathering the people responsible for running information security at the country’s largest financial institutions. It’s typically at an upscale resort that combines comfort and views with a bit of remoteness – mixing and meeting both formerly and informally is strongly encouraged by the setting and the full agenda.
It’s not a technical conference. While many of the participants are security practitioners and more than capable technically, the topics focus on strategy and long-term trends and planning.
These are what I observed as the “hottest” topics, both in the sessions and out:
- Targeted attacks are now real and present and large financials are becoming accustomed to dealing with them on an ongoing, not exceptional basis. The days of being coy about if breaches had occurred are past.
- Mobile is high on the list of concerns – but we’re still parsing what is the same old problem/solution set and what is truly different. One candidate for being different is that the phones value as an out-of-band solution could go away if it is also the computing platform. We’ll see.
- Attackers are innovative. We heard one example after another of how creative, clever, resourceful the adversaries are. Marshall Heilman at Mandiant spoke of his admiration for the near genius level attack he recently observed. Fortunately, guys like Marshall are pretty creative too and they are on the right side. But the thing to take away was that this is not just a technical problem – it’s a test of our imagination and ability to think like the attackers.
- Info sharing is more important than ever. This might be the theme of this summit. Former FBI Deputy Assistant Director Steven Chabinsky (now with security vendor CrowdStrike), was recognized for his collaborative work with the FS-ISAC. Vendors (including Pindrop) emphasized sharing data across channels, platforms, departments, and industries. Information silos weaken our ability to recognize threats, understand the adversaries objectives and respond to them. This has implications for gathering information (“big data”), acquiring security intelligence from vendors and industry orgs and for deploying platforms to facilitate aggregation, assessment and communication.
- Related to the info sharing issue was the inclusion of the largest financials into the ranks of critical national infrastructure, at least in practice. Not only are they too big to fail, they’re too important to fall.
For Pindrop, we’re seeing more understanding of what we do. We’re also seeing more awareness of phone fraud issues within banks, as evidenced by the number of new projects across these large institutions. FI’s are looking to keep social engineers and ID thieves out of the call center in order to reduce losses and reduce call time expense. They also want to make it easier and more secure to authenticate customers. And they want to detect niche attacks like telco traffic pumping and call forwarding.
That’s good news for us. It reinforces that we’ve been focusing on the right things. Of course, it’s also a challenge – can we do even more and can we do it even better? Challenge accepted.
One more thing. One of the reasons these events are so successful is the great team at FS-ISAC. Great logistics and execution, great schedule adherence, highly responsive and just generally excellent hosts, connecting people on a one-on-one basis for the entire event.