Fraud Summit

London

September 23, 2014 - London Marriot Hotel Grosvenor Square

ISMG's Fraud Summit is a one-day event focused exclusively
on the top fraud trends impacting organizations and the
mitigation strategies to overcome those challenges.
SPEAKERS
Rafael Abreu

Rafael Abreu
International Sales Manager, GAS Tecnologia, Diebold

Matt Anthony

Matt Anthony
Vice President of Marketing, Pindrop Security

Seth Berman

Seth Berman
Executive Managing Director, Stroz Friedberg

David Duncan

David Duncan
Chief Marketing Officer, Webroot

Alisdair Faulkner

Alisdair Faulkner
Chief Products Officer, ThreatMetrix

Tom Field

Tom Field
Vice President - Editorial, ISMG

Shona Harper

Shona Harper
Chief Privacy Officer for Europe and Asia-Pacific, TD Bank

Ian Howells

Ian Howells
CMO, Argyle Data

Neira Jones

Neira Jones
Independent Advisor & International Speaker

Tracy Kitten

Tracy Kitten
Executive Editor, BankInfoSecurity & CUInfoSecurity

Mark Lazar

Mark Lazar
Global Vice President, Fraud and Identity Solutions, Verint

John Lyons

John Lyons
CEO, International Cyber Security Protection Alliance

Rohan Massey

Rohan Massey
Partner, McDermott Will & Emery UK LLP

Marco Morana

Marco Morana
SVP, UK Financial Institution

Graham Mott

Graham Mott
Head of Development, LINK Scheme

Uri Rivner

Uri Rivner
Head of Cyber Strategy, BioCatch, BioCatch

Steve Strickland

Steve Strickland
Academy Founder and Senior Police Lead, City of London Police

Jeremy Strozer

Jeremy Strozer
Exo-Endoparacologist, Carnegie Mellon University CERT Insider Threat Center

John Walker

John Walker
Director of CSIRT and Cyber Forensics, Cytelligence

SCHEDULE
08:00am – 09:00am

Registration, Breakfast & Exhibits

09:00am – 09:30am

State of Global Fraud: Dealing with Today’s Crimes and Anticipating Tomorrow’s

The last five years have seen an explosion of technological innovation which brought many opportunities for business growth. Combined with the associated changes in socio-economic behaviours, the pace of change has also brought new risks and opportunities for criminals to become even more innovative.

Whilst providing a whistle-stop tour of the current fraud landscape in Europe, this thought-provoking presentation will provide answers to questions many are grappling with:

  • What are the current fraud trends and what has changed?
  • Is there a balance between generating income and managing fraud?
  • What do we need to look out for when trying to manage fraud in the next few years?
  • How should organisations evolve to keep ahead of the criminals?

Moderator: Patrick Vowles - Content Director, ISMG;

Presenter: Neira Jones - Independent Advisor & International Speaker;

09:30am – 10:00am

2014 Faces of Fraud Survey Presentation - Special European Edition

We’ll start the day with a detailed review of BankInfoSecurity’s latest “Faces of Fraud” survey focused on the European market. Receive insights and expert analysis of such topics as:

  • How are the areas of retail, payment card, in person, insider and mobile fraud evolving?
  • Which aspects of the new legislation are most impactful in fighting fraud?
  • Today's most predominant and damaging fraud incidents impacting banking institutions and their customers;
  • New anti-fraud investments institutions are making to thwart the fraudsters and satisfy the demands of regulatory agencies

Panelists: Tom Field - VP Editorial, ISMG; John Lyons - CEO, International Cyber Security Protection Alliance;

10:10am – 10:40am

Call Centre Fraud: The Latest Scams and Strategies

Contact centres increasingly are the key “soft” targets for fraudsters who impersonate legitimate customers to alter or obtain information. This information is then used to facilitate direct and cross-channel fraud, which can be very difficult to tie back to the call-centre entry point. How do fraudsters conduct these attacks, and how can financial institutions fight back with voice biometrics and other technology solutions? Learn:

  • How can I protect my call centres from attack?
  • The social engineering techniques fraudsters use to deceive call-centre staff;
  • How this information leads to direct or cross-channel fraud – and why it’s so tough to track;

Moderator: Tom Field - VP Editorial, ISMG;

Presenter: Matt Anthony - Vice President of Marketing, Pindrop Security;


Developments in ATM Fraud

The battle between fraudsters and the ATM operators is ongoing and apparently never ending. Initial successes with the first generation of anti-skimming devices lead to the growth of “back to basic” techniques which require the minimum technology and organisational support. Now, as new defence mechanisms counter the low-tech, a new wave of high tech devices are coming on stream as well as super hi-tech techniques like malware and system hacking attacks which involve long term investment, detailed technical skill and the organisation to run multi-country operations in a very short space of time.

Moderator: Tracy Kitten - Executive Editor, ISMG;

Presenter: Graham Mott - Head of Development, LINK Scheme;

10:40am – 11:00am

Break

11:00am – 12:00pm

Creating Actionable Intelligence and the Advances in Threat Information Exchange

Collecting security and fraud related data from multiple sources can often just result in creating a very large pool of unrelated facts. But begin to add context to that data and you now have information. Triangulate multiple pieces of information together and you can create intelligence, indicative of a real and active threat. This session will answer questions such as:

  • How can I create Actionable Intelligence from data feeds?
  • How will emerging threat information exchange specifications such as TAXII/STIX effect our ability to collect and share standardized threat information with the broader community.
  • How do I best select and combine internal context and event information with the various open source and commercial external threat intelligence feeds available?

Moderator: Tracy Kitten - Executive Editor, ISMG;

Presenter: Marco Morana - SVP, UK Financial Institution; Alisdair Faulkner - Chief Products Officer, ThreatMetrix;


Attacking Payment Card Fraud Where It Is Most Vulnerable - Voice Biometrics In the Call Center

See how the detailed analysis of millions of voice-based transactions has produced a “signal in the noise.” From large-scale analysis, clear patterns emerge of how stolen payment card information is actually qualified, updated and adapted for monetization. This process is most often carried out by social engineering at the call centre. In a large, real-world deployment, voice biometrics learned these patterns and drastically reduced losses.

The session will focus on a case study of global card issuers who have tried a unique application of voice biometrics through their call center to mitigate fallout from breaches. The session will answer questions such as:

  • What does the fraud cycle look like following a data breach, i.e., the path from breach to wholesale distribution of stolen identities in “card shops” into the hands of professional fraudsters?
  • How is the call center an important touch point in the fraud lifecycle, including online or counterfeit fraud?
  • What are the attack vectors and patterns over time of fraudsters following a breach? The session will provide detailed measurements on fraudster behavior at global financial institutions.
  • How is voice biometrics in the call center able to recognize compromised accounts early in the fraud cycle? Can that preempt fraud losses and customer exposure?

Moderator: Tom Field - VP Editorial, ISMG;

Presenter: Mark Lazar - Global Vice President, Fraud and Identity Solutions, Verint;

12:00pm – 1:00pm

Luncheon

1:00pm – 2:00pm

Identities: A Journey From Anonymous Bitcoins to Verified Authentication


Part 1: Bitcoin Fraud – The Perfect Crime

Bitcoin, a next-generation crypto-currency whose origin is shrouded in mystery, is receiving growing attention from cybercriminals and is perhaps the largest real-world testing lab for the effects of trust on consumer and business demand. This fascinating presentation will demonstrate how Bitcoins are acquired and exchange hands, and show how Bitcoin digital wallets can be easily compromised. We’ll also see:

  • What sort of malware targets Bitcoin, and is two-factor authentication enough?
  • Why is the Bitcoin economy a better target than online banking?
  • What can we learn from it when considering other next-generation payment schemes?

Presenter: Uri Rivner - VP, Business Development & Cyber Strategy, BioCatch;


Part II: Do They Know Who You Are? Musings on Identity & Authentication

Whether mobile, at work or at leisure, our digital footprint has increased many folds over the last ten years, and with the average person having 26 password-protected accounts but only five different passwords, it is no wonder that ID theft represented 60% of all UK fraud in 2013.

Whilst providing a whistle-stop tour of the current industry landscape, this thought-provoking presentation will provide answers to questions many are grappling with:

  • What are the current trends for identity and authentication?
  • How can the tensions between generating income and managing fraud be addressed?
  • What predictions can we make for effectively managing identities in the next few years?
  • What pitfalls should be avoided?

Presenter: Neira Jones - Independent Advisor & International Speaker;


Insider Fraud Detection - The Appliance of Science

See the startling results of meticulous analysis of hundreds of real life insider attacks and learn about new technologies that are able to detect the anomalous behavior patterns often before fraud occurs.

The analysis results clearly indicate that contrary to the majority of headlines, stealthy insiders pose a huge fraud risk to organizations, flying far under the radar for extended periods of time. These insiders are often senior, trusted staff with privileged access to accounts and valuable data. Alternately, innocent employees become pawns when they fall victim to social engineering or targeted attacks that lead to fraud.

The following questions will be answered:

  • How can I predict and or detect an internal attack
  • What is the ratio of internal to external fraud attacks and their associated value?
  • What types of attack do internal actors carry out and why?

Moderator: Tracy Kitten - Executive Editor, ISMG;

Presenter: Jeremy Strozer - Exo-Endoparacologist, Carnegie Mellon University CERT Insider Threat Center;

2:00pm – 2:20pm

Break

2:20pm – 3:20pm

Online Banking Fraud Detection – Lessons from Brazil

Online Banking provides great conveniences to end users and its usage is increasing daily. Fraudsters are constantly developing new attacks for this service, so the security of this sensitive information it provides access to is constantly being put to the test. As the headlines show, our ability to reliably ensure the availability, integrity, confidentiality and increasingly the privacy of information is often shown to be inadequate. As the reliance upon this transaction channel increases, security mechanisms used to protect it have not kept pace with the sophistication of malicious tools developed to attack it and the security industry is constantly being challenged to respond while still allowing flexibility and mobility.

In this session you will learn:

  • How to establish a holistic view of the online banking fraud process
  • How to identify each phase of the “fraud chain” and how each are linked
  • How to use a multi-channel security mechanisms to protect end users while carrying out online transactions

Moderator: Tracy Kitten - Executive Editor, ISMG;

Presenter: Rafael Abreu - International Sales Manager, GAS Tecnologia, Diebold;


Adversarial Machine Learning for Fraud Detection - How can organizations benefit from the pioneering work of the NSA and Facebook

How is technology evolving to analyze multiple and massive streams of data in real time to detect fraudulent activity. The NSA has pioneered data collection techniques at a staggering scale, potentially monitoring all activity for an entire country. Facebook has pioneered adversarial machine learning fraud detection into an “Immune System” that can carry out tens of billions of checks per day to find patterns where the fraudsters are purposefully trying not to create any. We will discuss how the combination and augmentation of these technologies with deep packet inspection enables organizations to deploy them and we will learn how such a solution could:

  • Analyze sparsely populated data sets but that may have millions of distinct features
  • Learn what a negative pattern is where none existed before
  • Perform this analysis in real time and at a massive scale

Moderator: Tom Field - VP Editorial, ISMG;

Presenter: Dr. Ian Howells - CMO, Argyle Data;

3:30pm – 4:30pm

Fraud Investigations & Navigating the European Legal Landscape

Part I: Fraud Investigations: How to Work Effectively with Law Enforcement and Government

Public sector organizations need to better understand the driving forces, priorities and procedures within the organizations they “protect,” but equally as important is that the private sector organizations reciprocate and understand the how, what and why of the law enforcement/public body process.

This mutual understanding of each other’s missions is pivotal to positive and impactful collaboration. The session will examine a number of high-profile cases identifying best practices and a framework for how lasting relationships can be built, along with the positive impact on organisational and operational objectives.

Presenter: Steve Strickland - Academy Founder and Senior Police Lead, City of London Police;

Part II: Navigating the European Legal Landscape

As anti-fraud and anti-corruption laws are being enforced aggressively on both sides of the pond, companies and public bodies are faced with sometimes conflicting requirements to comply with. Balancing corporate ethics, requests for data or requirements to retain data, and data protection regulations can be challenging. We live in an information society, and data is a valuable asset – but it also carries risks for those who process it. The CEOs of the many companies who suffered major data breaches recently have learned the hard way that being equipped with the knowledge to make the right decision when it comes to data is not only an advantage, but a necessity. Meanwhile, in boardrooms across the world, privacy makes its way into the top list of corporate risks.

Join this panel of experts to:

  • Identify the challenges of complying with sometimes diverging requirements (e.g. fraud investigation, whistle-blowing vs data protection and electronic disclosure vs data protection);
  • Hear practical solutions and share your experience;
  • Learn how the current EU reform of data protection legislation might impact you;
  • Determine how can you prepare for the changes.

Panelists: Rohan Massey - Partner, McDermott Will and Emery; Seth Berman - Executive Managing Director at Stroz Friedberg; Shona Harper - Chief Privacy Officer, Europe & Asia Pacific, TD Bank Group;


Mobile Fraud - Understanding the Unknown and Reaping The Rewards of Mobile Banking

Mobile banking is growing out of its infancy and experts predict it will soon be the dominant banking and payments channel. With the vast array of endpoints being utilized, multiple threat vectors are being introduced, how are the threats of rogue mobile apps, mobile malware and SMiShing evolving? What vectors are unknown and how do we prepare for them? What are the risks inherent in mobile payments? This session reviews these emerging mobile malware threats, their impact on banking institutions and the latest technology solutions to help mitigate the risks.

Moderator: Tracy Kitten - Executive Editor, ISMG;

Panelists: David Duncan - Chief Marketing Officer, Webroot; John Walker - Director of CSIRT and Cyber Forensics, Cytelligence;

4:30pm – 5:00pm

Closing Remarks

Speakers: Patrick Vowels - Content Director, ISMG; Tom Field - VP Editorial, ISMG;

5:00pm – 6:00pm

Cocktail Hour/Networking in Exhibit Area

VENUE
London Marriott Hotel Grosvenor Square

Grosvenor Square
London, W1K 6JP United Kingdom

The London Marriott Hotel Grosvenor Square's prime location puts the best of Mayfair and London at your doorstep. Minutes away from Buckingham Palace and Hyde Park in the heart of London and just 5 minutes walk away from Bond Street Tube station on Central and Jubilee Line

Travel & Directions Info >

SPONSORS

The ISMG Fraud Summit Series is made possible through the support of it's sponsors:

ThreatMetrix
Verint
SUPPORTING PARTNERS
ACT Canada Cyber Safety by Design HTCIA Informatica Security and Privacy ISC2 Marketing Partner Information Security Forum ISSA Marketing Partner OWASP - Partner Fraud Summit San Francisco 2014
Register today to reserve your seat.
Register Now

Need to justify your attendance? Download our ROI guide that outlines the benefits.