Mobile Security Trends and Emerging Threats, Sandra J.H. Rolnicki



SLIDE 1

Mobile Security

Trends and Emerging Threats

Sandra J.H. Rolnicki ForenSecure April 28, 2017

SLIDE 2

ForenSecure 2017

Agenda

(1) Macro- and Micro-Trends Impacting Mobile
(2) Vulnerabilities in the Mobile Ecosystem
(3) Threat Actors and Emerging Threats
(4) Mobile Security Controls and Considerations
(5) Conclusion and Q&A

SLIDE 3

(1) Macro- and Micro-Trends Impacting Mobile

Macro-trends

  • Artificial Intelligence & Machine Learning
  • Hyperconnectivity
  • Internet of Things (IoT)

SLIDE 4

(1) Macro- and Micro-Trends Impacting Mobile

What does this mean for ...?

  • Mobile network infrastructure
  • Mobile network operators
  • Mobile device manufacturers
  • Mobile operating systems
  • App developers
  • Organizations (governments, businesses, non-profits)
  • Enterprise-owned device or bring your own device (BYOD)?
  • Individuals

Micro-trends

SLIDE 5

(2) Vulnerabilities in the Mobile Ecosystem

  • Network and infrastructure
  • Device and operating system
  • Device configuration
  • App stores and apps

Leveraging the SCAN Principle by NowSecure™

SLIDE 6

(3) Threat Actors and Emerging Threats

  • Insider: From honest mistake to malicious intent
  • Hacktivist: From Robin Hood to Guy Fawkes
  • Cyber-criminal: From petty thief to organized crime
  • State sponsors: Cyber-warfare / Cyber-espionage with intent to destroy or disrupt

Threat actors have different motivations and represent different risks

SLIDE 7

(3) Threat Actors and Emerging Threats

  • Spear-phishing
  • Malware / Spyware
  • Socially engineered attacks
  • Ransomware
  • Botnets using IoT
  • Rise of the “fakes”

Emerging threats represent emerged threats that capitalize on macro-trends

SLIDE 8

(4) Mobile Security Controls and Considerations

  • Deterrent
  • Preventive
  • Detective
  • Recovery
  • Corrective
  • Compensating

Layered security based on ISO Guide 73:2009 Risk Management

SLIDE 9

(5) Conclusion and Q&A

  • Macro- and micro-trends are driving ubiquity of mobile
  • Opportunities from vulnerabilities are rising for threat actors
  • Macro-trends are leveraged for increasingly sophisticated threats
  • Controls and layered security are more important than ever!

Be ready!

Questions?

SLIDE 10

Sandra J.H. Rolnicki is part of the Supervision and Regulation (S&R) Department of the Federal Reserve Bank of Chicago (FRBC), the 7th District of the Federal Reserve System (FRS). She leads a team of risk management professionals who are responsible for assessing inherent and residual Information Technology (IT) and Operational risk at institutions within the 7th District and across the FRS. In addition, Ms. Rolnicki is a member of the instructor team with the FRBC’s STREAM Technology Lab, a hands-on training facility for U.S. and international regulators. She focuses on classes that feature topics such as Mobile Banking, Information Security Vulnerability Management and Virtual Currency. Prior to joining the FRBC, Ms. Rolnicki’s professional experience includes leadership roles in Internal Audit and Quality Assurance in the real estate, investment, telecommunications and consumer electronics industries.

  • Ms. Rolnicki holds a Bachelor of Science degree in Industrial Engineering and a Master of Science degree in Information Technology, both from Northwestern University’s McCormick School of Engineering. She is currently pursuing a PhD degree in Management Science from Illinois Institute of Technology’s Stuart School of Business.

  • Ms. Rolnicki maintains the following certifications:

    · CISSP, Certified Information System Security Professional, (ISC)²
    · CRMA, Certification in Risk Management Assurance, The Institute of Internal Auditors
    · CFE, Certified Fraud Examiner, Association of Certified Fraud Examiners
    · CISA, Certified Information Systems Auditor, Information Systems Audit and Control Association
    · CIA, Certified Internal Auditor, The Institute of Internal Auditors

SLIDE 11

The opinions expressed in this presentation are those of the presenter, and are not formal opinions of, nor binding on, the Federal Reserve Bank of Chicago or the Board of Governors of the Federal Reserve System. Reference to a product or service provider does not imply endorsement.