Book Image

Hands-On Cybersecurity for Finance

By : Dr. Erdal Ozkaya, Milad Aslaner
Book Image

Hands-On Cybersecurity for Finance

By: Dr. Erdal Ozkaya, Milad Aslaner

Overview of this book

Organizations have always been a target of cybercrime. Hands-On Cybersecurity for Finance teaches you how to successfully defend your system against common cyber threats, making sure your financial services are a step ahead in terms of security. The book begins by providing an overall description of cybersecurity, guiding you through some of the most important services and technologies currently at risk from cyber threats. Once you have familiarized yourself with the topic, you will explore specific technologies and threats based on case studies and real-life scenarios. As you progress through the chapters, you will discover vulnerabilities and bugs (including the human risk factor), gaining an expert-level view of the most recent threats. You'll then explore information on how you can achieve data and infrastructure protection. In the concluding chapters, you will cover recent and significant updates to procedures and configurations, accompanied by important details related to cybersecurity research and development in IT-based financial services. By the end of the book, you will have gained a basic understanding of the future of information security and will be able to protect financial services and their related infrastructures.

Related Content you might be interested in

Current Title:

Small book image
Hands-On Cybersecurity for Finance
Dr. Erdal Ozkaya | Milad Aslaner
Jan, 2019 | 308 pages
Small book image
Cybersecurity - Attack and Defense Strategies
Erdal Ozkaya | Yuri Diogenes
Jan, 2018 | 384 pages
Small book image
Cybersecurity – Attack and Defense Strategies.
Erdal Ozkaya | Yuri Diogenes
Dec, 2019 | 634 pages
Small book image
Cybersecurity – Attack and Defense Strategies, 3rd edition
Yuri Diogenes | Erdal Ozkaya
Sep, 2022 | 570 pages
Table of Contents (20 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Disclaimer
Free Chapter
1
Introduction to Cybersecurity and the Economy
Introduction to Cybersecurity and the Economy
What is cybersecurity – a brief technical description?
The scope of cybersecurity
General description of hacking groups and cyber espionage
Cybersecurity objectives
Financial repercussion of reputational damage caused by cyber attacks
Digital economy and related threats
Summary
Further reading
2
Cyber Crime - Who the Attackers Are
Cyber Crime - Who the Attackers Are
Introduction to cyber crime
Threat actors
Summary
3
Counting the Costs
Counting the Costs
The cost of a cybersecurity attack
Breakdown of the costs of a cyber attack
Breakdown of the cost of securing an organization
Bonus
Summary
Further reading
4
The Threat Landscape
The Threat Landscape
Threats against end customers
Threats against financial institutes
Summary
5
Phishing, Spamming, and Scamming to Steal Data and Money
Phishing, Spamming, and Scamming to Steal Data and Money
Phishing scams
Spamming
Summary
Further reading
6
The Malware Plague
The Malware Plague
Malware categories
Malware trends
Malware infection vectors
Summary
7
Vulnerabilities and Exploits
Vulnerabilities and Exploits
Detecting vulnerabilities
Exploitation techniques
Exploitation delivery
Summary
Further reading
8
Attacking Online Banking Systems
Attacking Online Banking Systems
Online banking benefits for financial services
The online banking process
Attack techniques
Summary
Further reading
9
Vulnerable Networks and Services - a Gateway for Intrusion
Vulnerable Networks and Services - a Gateway for Intrusion
Vulnerable network protocols and network intrusions
Attacking web servers and web-based systems
Hacking wireless networks
Vulnerable network devices
Summary
Further reading
10
Responding to Service Disruption
Responding to Service Disruption
Cybersecurity incidents
Fundamentals
Incident response and management
Summary
Further reading
11
The Human Problem - Governance Fail
The Human Problem - Governance Fail
Business versus security
Failing security management
Careless online behavior
Insider threats
Technological transformation of financial services
Failure in implementing security policies
Summary
Further reading
12
Securing the Perimeter and Protecting the Assets
Securing the Perimeter and Protecting the Assets
Network models
Endpoint security
Summary
Further reading
13
Threat and Vulnerability Management
Threat and Vulnerability Management
Vulnerability management strategy
Defining vulnerabilities in a few steps
The root cause of security issues
Vulnerability management tools
Implementation of vulnerability management
Best practices for vulnerability management
Assess yourself
Understanding risk management
Defense in depth approach
Summary
Further reading
14
Audit, Risk Management, and Incident Handling
Audit, Risk Management, and Incident Handling
IT auditing
Risk management
Incident handling
Summary
Further reading
15
Encryption and Cryptography for Protecting Data and Services
Encryption and Cryptography for Protecting Data and Services
Encryption
Encryption today
Protecting data and services with cryptography
Examples of encryption algorithms
Encryption challenges
Summary
Further reading
16
The Rise of the Blockchain
The Rise of the Blockchain
Introduction to Blockchain technology
Cryptocurrencies
Blockchain challenges and future
Summary
Further reading
17
Artificial Intelligence and Cybersecurity
Artificial Intelligence and Cybersecurity
Threat landscape evolution
Artificial Intelligence
Artificial Intelligence-powered cybersecurity
Summary
Further reading
18
The Quantum Future
The Quantum Future
Evolution of the quantum technology
The quantum technology race
Quantum technology breakthroughs
Impacts of the quantum technology
Summary
Further reading
19
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

What is cybersecurity – a brief technical description?

Cybersecurity can be summarized as efforts aimed at preserving the confidentiality, integrity, and availability of computing systems. It's the practice of affording security to networks and systems to protect them from cyber attacks.

According the definition of cybersecurity by Cisco, (https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html), cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.

Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.

Cyber attacks have been on the rise and are targeted at accessing, modifying, or deleting data, money extortion, and the interruption of normal services. Cybersecurity is of great concern to today's businesses since there has been a high adoption of information technology to achieve efficiency and effectiveness in business operations. The current business environment is such that there are many devices, systems, networks, and users. All these are targeted by cyber criminals, and multiple techniques have been devised and used against them. Cyber attacks are only becoming more effective and sophisticated. Therefore, cybersecurity is becoming a survival mechanism rather than a luxury for many businesses. Cybersecurity has multiple layers, which cover devices, networks, systems, and users. These layers are intended to ensure that these targets are not compromised by attackers. In organizations, these layers can be compressed into three categories: people, processes, and technology.

People

This is the category that includes users. Users are known to be particularly weak in the cybersecurity chain. Unfortunately, cyber criminals are aware of this and often target them rather than systems during attacks. Users are the culprits in creating weak passwords, downloading attachments in strange emails, and easily falling for scams.

Processes

This category encompasses all the processes used by the organization. These can include business processes, such as the supply chain, that could be exploited by attackers to get malware inside companies. Supply chains are, at times, targeted in organizations that are well secured against other methods of being attacked.

Technology

Technology relates to both the devices and software used by an organization. Technology has been a prime target for cyber criminals and they have developed many techniques to compromise it. While security companies try to keep abreast of the threats facing technology today, it seems that cyber criminals have always had the upper hand. Cyber criminals can source new types of malware from underground markets and use them in multiple attacks against different technologies.

Previous Section
End of Section 2
Next Section