Recently Splunk and Finanz Informatik Technology Service, a provider of IT outsourcing and a finance cloud service, attended a Banking Lounge event, and also had the honor of speaking.
This post is a copy from the review of the event at FI-TS.
FI-TS organized the Banking Lounge on Cybercrime in Frankfurt together with BANKINGCLUB and Splunk. Around 50 interested banking experts came to Bloomberg LP, to listen to talks from Splunk and FI-TS and network.
Welcome to Bloomberg
Before the presentation started, almost all participants took part in the guided tour through the rooms of Bloomberg LP. Werner Kolb, Sales Manager at Bloomberg for 15 years, welcomed us and showed us the offices on the 18th floor. Bloomberg is well known for Bloomberg TV and their hardware. The Bloomberg keyboard and monitor is also famous. Back in the seminar room, which has a spectacular view over the banking metropolis, Werner Kolb introduced us to the Bloomberg Terminal and spoke about “Daily Business” and the philosophy at Bloomberg.
Who are these cyber-criminals and how can you protect yourself?
Dirk Emminger says that cyber security should be the focus theme of the management and supervisory boards of banks and insurance companies.
The scenarios of Cybercrime
Dirk Emminger, sales manager at FI-TS started his presentation with a short movie. It illustrated a scenario, in which a gang copied credit card information by reading the ATM with the help of a mobile app. The person who has previously taken money from the cash point has unfortunately given the gang their account details. Asked the question: “Who believes that this is not real?” – only three participants raised their hands. All the others, including me, could easily imagine that such a thing is technically possible. In fact, when the answer was revealed, we could breathe a sigh of relief, because it was a fictitious example.
Who are the attackers? They are states, hacktivists, insiders or collar criminals. They all have their reasons, and “earning money” is top of the list.
Dirk Emminger sees the challenges for banks and IT service providers being stagnant IT budgets. The traditional protection technology fails when it comes to new types of attacks because the targets are broad and more complex. Therefore Dirk Emminger recommends making Cybersecurity a focus-theme for management and supervisory boards of banks and insurance companies.
Splunk and Big Data
The next important topic of the event was how Big Data can be used in the discovery and defense of cybercrime attacks. Matthias Maier, product marketing manager at Splunk, presented to us the Big Data platform in the field of security. Splunk is a start-up company from San Francisco. Because existing security tools are no longer sufficient to ward off cyber crime, Big Data is used for detecting anomalies. Selective attacks can be detected at an early stage and data theft can be prevented. How does it exactly work? If we think about the product Splunk Enterprise, customers transfer their information to the locally installed Splunk systems. The software generates an index of all machine data, from log files of the server through customer databases to network hardware. This index is updated dynamically and shows the system administrator the various stages of threats. With these insights, organizations can track the situation and correlate events with searches. The insights can be nicely shared in a visual way.
Matthias Maier mentioned some fraud examples around IP addresses and logins. Splunk software can reveal where the most failed login attempts took place and where the person logged in.
If one person logs in in Mexico and half an hour later in Taiwan, you’ll know: something is wrong.
Splunk can not only uncover fraud attacks. The software is also used in the application area to track business trends. Matthias Maier ended his presentation by illustrating the huge potential of Big Data, especially in the banking and insurance industry. In the end all banks (like Google, Facebook and Amazon) have a lot of information about their customers.
Q & A session
There were many questions relating to cybercrime and the Splunk platform. Unfortunately, I cannot list them all, but I have picked three examples:
- “What does the council says if logins are monitored?” – Answer: That’s a good question, but safety regulations must comply with the law. BaFin claims to journalise the accesses by privileged users.
- “Is it critical to give your data to outsourcing service providers?” – Answer: No, because most of these data are also used by the outsourcing service providers. FI – TS is subjected to exactly the same strict data protection provisions as their customers.
- “Is monitoring in the sense of – Can you see how often a sales guy calls the customer back and how often he gets in touch with him – possible?” (Audience laughs). – Answer: It’s possible, but we clearly refuse performance-related monitoring in companies.
The wonderful location of Banking Lounge with FI-TS and Splunk at Bloomberg.
After the presentations concluded, the event went on with its networking part. There were lively discussions with a beautiful view over the skyline of Frankfurt. Matthias Maier didn’t even get anything to eat, because he had to answer so many questions. In the end, security had to tell us to leave, because with such current topics you can easily forget the time.
Thanks again to all participants for the active interest, to our speakers for the great presentations, the BANKINGCLUB for the perfect organization and Bloomberg with Werner Kolb for providing the wonderful location.