Book Image

Hands-On Cybersecurity for Finance

By : Dr. Erdal Ozkaya, Milad Aslaner
Book Image

Hands-On Cybersecurity for Finance

By: Dr. Erdal Ozkaya, Milad Aslaner

Overview of this book

Organizations have always been a target of cybercrime. Hands-On Cybersecurity for Finance teaches you how to successfully defend your system against common cyber threats, making sure your financial services are a step ahead in terms of security. The book begins by providing an overall description of cybersecurity, guiding you through some of the most important services and technologies currently at risk from cyber threats. Once you have familiarized yourself with the topic, you will explore specific technologies and threats based on case studies and real-life scenarios. As you progress through the chapters, you will discover vulnerabilities and bugs (including the human risk factor), gaining an expert-level view of the most recent threats. You'll then explore information on how you can achieve data and infrastructure protection. In the concluding chapters, you will cover recent and significant updates to procedures and configurations, accompanied by important details related to cybersecurity research and development in IT-based financial services. By the end of the book, you will have gained a basic understanding of the future of information security and will be able to protect financial services and their related infrastructures.

Related Content you might be interested in

Current Title:

Small book image
Hands-On Cybersecurity for Finance
Dr. Erdal Ozkaya | Milad Aslaner
Jan, 2019 | 308 pages
Small book image
Cybersecurity - Attack and Defense Strategies
Erdal Ozkaya | Yuri Diogenes
Jan, 2018 | 384 pages
Small book image
Cybersecurity – Attack and Defense Strategies.
Erdal Ozkaya | Yuri Diogenes
Dec, 2019 | 634 pages
Small book image
Cybersecurity – Attack and Defense Strategies, 3rd edition
Yuri Diogenes | Erdal Ozkaya
Sep, 2022 | 570 pages
Table of Contents (20 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Disclaimer
Free Chapter
1
Introduction to Cybersecurity and the Economy
Introduction to Cybersecurity and the Economy
What is cybersecurity – a brief technical description?
The scope of cybersecurity
General description of hacking groups and cyber espionage
Cybersecurity objectives
Financial repercussion of reputational damage caused by cyber attacks
Digital economy and related threats
Summary
Further reading
2
Cyber Crime - Who the Attackers Are
Cyber Crime - Who the Attackers Are
Introduction to cyber crime
Threat actors
Summary
3
Counting the Costs
Counting the Costs
The cost of a cybersecurity attack
Breakdown of the costs of a cyber attack
Breakdown of the cost of securing an organization
Bonus
Summary
Further reading
4
The Threat Landscape
The Threat Landscape
Threats against end customers
Threats against financial institutes
Summary
5
Phishing, Spamming, and Scamming to Steal Data and Money
Phishing, Spamming, and Scamming to Steal Data and Money
Phishing scams
Spamming
Summary
Further reading
6
The Malware Plague
The Malware Plague
Malware categories
Malware trends
Malware infection vectors
Summary
7
Vulnerabilities and Exploits
Vulnerabilities and Exploits
Detecting vulnerabilities
Exploitation techniques
Exploitation delivery
Summary
Further reading
8
Attacking Online Banking Systems
Attacking Online Banking Systems
Online banking benefits for financial services
The online banking process
Attack techniques
Summary
Further reading
9
Vulnerable Networks and Services - a Gateway for Intrusion
Vulnerable Networks and Services - a Gateway for Intrusion
Vulnerable network protocols and network intrusions
Attacking web servers and web-based systems
Hacking wireless networks
Vulnerable network devices
Summary
Further reading
10
Responding to Service Disruption
Responding to Service Disruption
Cybersecurity incidents
Fundamentals
Incident response and management
Summary
Further reading
11
The Human Problem - Governance Fail
The Human Problem - Governance Fail
Business versus security
Failing security management
Careless online behavior
Insider threats
Technological transformation of financial services
Failure in implementing security policies
Summary
Further reading
12
Securing the Perimeter and Protecting the Assets
Securing the Perimeter and Protecting the Assets
Network models
Endpoint security
Summary
Further reading
13
Threat and Vulnerability Management
Threat and Vulnerability Management
Vulnerability management strategy
Defining vulnerabilities in a few steps
The root cause of security issues
Vulnerability management tools
Implementation of vulnerability management
Best practices for vulnerability management
Assess yourself
Understanding risk management
Defense in depth approach
Summary
Further reading
14
Audit, Risk Management, and Incident Handling
Audit, Risk Management, and Incident Handling
IT auditing
Risk management
Incident handling
Summary
Further reading
15
Encryption and Cryptography for Protecting Data and Services
Encryption and Cryptography for Protecting Data and Services
Encryption
Encryption today
Protecting data and services with cryptography
Examples of encryption algorithms
Encryption challenges
Summary
Further reading
16
The Rise of the Blockchain
The Rise of the Blockchain
Introduction to Blockchain technology
Cryptocurrencies
Blockchain challenges and future
Summary
Further reading
17
Artificial Intelligence and Cybersecurity
Artificial Intelligence and Cybersecurity
Threat landscape evolution
Artificial Intelligence
Artificial Intelligence-powered cybersecurity
Summary
Further reading
18
The Quantum Future
The Quantum Future
Evolution of the quantum technology
The quantum technology race
Quantum technology breakthroughs
Impacts of the quantum technology
Summary
Further reading
19
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Detecting vulnerabilities

In 2014, Microsoft's Trustworthy Computing (TwC) division started the Secure Development Lifecyle (SDL) initiative. With this, the tech company introduced a software development process that's used by Microsoft itself to maintain costs and increase the reliability of software with regards to security-related bugs. The following diagram illustrates this process:

Tech companies and governments started working together to deliver a platform for a responsible vulnerability disclosure process. In addition, many tech companies started rewards programs, offering money for newly discovered vulnerabilities. As an example, Google started the Google Vulnerability Reward Program (VRP) where the reward for qualifying bugs ranged between $100 to $31,337 US dollars.

There have been many attempts to standardize vulnerability management. One of the most common...

Previous Section
End of Section 2
Next Section