Over the past couple years, Business Email Compromise (BEC) attacks have wreaked havoc on businesses from all industries and of all sizes around the world. One of the most notable examples being the Bangladesh Bank heist. As cybercriminals evolve however, they are starting to advance these tactics to create a new, more nefarious type of attack. This webinar will describe this new attack method, Business Process Compromise (BPC), and explain how cybercriminals’ understanding of how organisations process financial transactions is being used to increase their payout. While a BEC attack might yield a hundred thousand pounds by luring an innocent employee to transfer money to a criminal’s account, hacking directly into a financial transaction system could result in far greater financial windfalls for criminals.
Join this webinar to hear several real-world examples highlighting how BPC works and specific steps that your organisation can take to recognise and defend against Business Process Compromise. The speakers will demonstrate how security technologies like application control can lock down access to mission-critical terminals while endpoint protection detects malicious lateral movement.
Presented by
Morton Swimmer,
Senior Threat Researcher, Trend Micro Forward Looking Threat Research (FTR)
Dr Morton Swimmer is a founding member of the digital community CARO.org and a researcher in the field of Malware and security since 1988. He is also the Technical Editor at Virus Bulletin. Over the years, he has worked in academia as well as industry working for IBM Research, S&S International (now Intel), Intel Security and currently Trend Micro. In his role at Trend Micro as Senior Threat Researcher is he responsible for research on dark markets, hacker groups, as well as in-depth analysis of malware and supporting law enforcement.
Tiernan Connolly,
Senior Manager, EY Cyber Threat Management
Tiernan Connolly is a senior manager in EY’s Cyber Threat Management practice with over 12 years’ experience in the financial and consulting sectors.
He has a broad and deep knowledge of the domestic and international dimensions of cyber security, threat intelligence, strategy, risk and governance, and has played a lead role in developing industry intelligence-sharing initiatives and frameworks.
In his role at EY, he designs and delivers industry-leading security solutions through integrated managed and bespoke security services.
