Speaker:
Hector Monsegur, Chief Researcher, Rhino Security Labs - former hacktivist

Formerly known by his online alias "Sabu," Hector Monsegur was once the technical expert behind the Anonymous/LulzSec hacker collectives. As a blackhat, he highlighted critical vulnerabilities in numerous organizations, including governments, military organizations and cybersecurity firms.

Since his arrest in 2011, Monsegur has worked with the US Government, helping to identify key vulnerabilities - and potential attacks - against major federal infrastructure, including the US military and NASA. Now an internationally recognized expert on global cybersecurity issues, Monsegur is a proven offensive security researcher and industry leader. In this keynote session, Monsegur will:

• Detail his transition from black hat to white;
• Discuss his work today as a security researcher, where he helps public and private sector entities avoid being victims of hacks and fraud;
• Participate in an on-stage interview where he will take questions from attendees.

Speaker:
Ron Green, Executive VP & CSO, Mastercard

Ron Green leads a global team that ensures the safety and security of the Mastercard network, as well as internal and external products and services, including business continuity.

In this exclusive Summit appearance, Green will sit for a "fireside chat" interview in which he will address top fraud trends and payment card security, as well as take questions from attendees.

Coverage will include:

• The evolution of the threat landscape;
• Functions of Mastercard's fusion center;
• 2019 initiatives, including next-generation identity management solutions.

Speaker:
Avner Gideoni, Chief Technology Officer of Trusteer, IBM Security

Join a behind the scenes tour of the largest anti-fraud provider research operation. We will discuss how to interlace Machine Learning, cyber threat intelligence, and fraud analysts into agile and accurate fraud prevention.

Taking a use case approach, we will demo a behavioral biometrics detection technology, and discuss how to combine it with device hygiene, fingerprint, phishing detection, spoofing attempts, worldwide fraudster database and many more, to stop fraud and on the same time provide as low as 0.005% alert rate.

Speaker:
Franklyn Jones, Chief Marketing Officer, Cequence

Malicious bot attacks now account for nearly one-third of all Internet traffic. These attacks specifically target the web, mobile and API applications that power today's hyper-connected organizations that rely on the Internet to connect with customers and support business processes. The goal of these bad actors is to disrupt your business for their financial gain. Although their intent is malicious, their content is benign, which makes these attacks very difficult to detect and defend.

Attend this session to learn:

• The basic components of these attacks
• Insights from new research gathered from 200+ large organizations that have experienced bot attacks
• Security strategies for stopping these attacks before they achieve their objectives.

Speaker:
Debra J. Geister, Financial Crimes Strategist, NICE Actimize

With the increasing speed of payments comes more pressure on financial institutions to not only compete but to ensure they have appropriate fraud controls in place to keep pace. Risk is inevitable with a growing faster payments environment, but there are many benefits and technology advancements that provide safeguards for you and your customers.

Join Deb Geister, NICE Actimize Fraud SME, as she discusses:

• How to manage the risk that comes with faster payments, while still providing a competitive, profitable solution
• Balancing risk detection, fraud mitigation and governance
• Internal steps to support fraud operations in a faster payments environment

Speakers:
Brett Beranek, Vice President & General Manager, Security Line of Business, Nuance Communications, Inc.
Jason Costain, Head of Fraud Strategy and Relationship Management, Royal Bank of Scotland

While banks are undergoing digital transformations, one of the ways they communicate is decidedly analog. Because not every customer wants to engage through apps or websites, contact centers still need to answer the phone.

Fraudsters know this too: Armed with personal information, PINs and passwords exposed by data breaches, they're specifically targeting contact centers' voice-based services because they're easier targets than digital channels. They also know that agents trained to be helpful are highly susceptible to social engineering attacks.

Join us as our presenters show how one of the world's largest banks is responding to these challenges. By implementing voice biometrics in the telephony channel, Royal Bank of Scotland has screened more than 18 million inbound calls and produced over 23,000 alerts. About one in every four calls investigated is found to be from a fraudster and, in some cases, RBS has been able to get suspects arrested by providing law enforcement with the information they've collected.

Speaker:
Tim Bedard, Director, Security Product Marketing, OneSpan

Fifty-four percent of survey respondents say their institutions' digital authentication measures are average or below when compared to their peers. And 55 percent rate themselves at average or below when it comes to their institution's current ability to apply the right amount of security to the right transactions at the right time. These are among the key results of The State of Adaptive Authentication in Banking survey.

Attend this session to learn more about the survey results and receive live, expert analysis about:

• How to benchmark where your organization is on the road of adaptive authentication;
• Business benefits to be gained;
• Tools, skills and partnerships to get you there.

Speaker:
JP Blaho, Market Insights Leader, Arbor Networks

In a time when artificial intelligence is proliferating corporate environments, being able to identify fraudulent activities coming from a person or from a machine has become a challenge. Even though the orchestrated fraud has a bad actor, the manner and actions taken to go undetected are advanced. Security operations struggle to correlate this data between humans and machines. Disparate applications, infrastructures and security platforms have exacerbated this dilemma.

In this session, we will discuss how supplementing existing defense postures from the Enterprise edge defends against network fraud by having:

• Visibility from a global perspective all the way to your unique network;
• Understanding of the latest orchestrated attacks;
• Insight into a pragmatic approach to optimize defenses against fraud.

Speaker:
Jason Clark, Insider Threat Researcher, Carnegie Mellon University CERT Insider Threat Center

The CERT Insider Threat Center at Carnegie Mellon University is one of the world's leading authorities on detecting insider fraud, and it has just released Version 6 of its Best Practices to Mitigating Insider Threats.

As part of this research, the center addresses how to detect and prevent insider fraud, as well as how to map insider threat programs to existing standards such as the NIST Cybersecurity Framework.

Attend this session to learn:

• The latest research on insider fraud
• How "accidental insiders" are enabling fraud schemes
• How to map your insider fraud/threat program against industry standards, including the NIST Cybersecurity Framework.

Speaker:
Roger Piqueras Jover, Research Scientist and Senior Security Architect, CTO Security Architecture team, Bloomberg LP

Mobile communication networks and, by extension, smartphones, have become an inherent and necessary platform for most enterprises. However, despite the general consensus of staying away from unprotected WiFi access points, there is a mainstream misconception that cellular networks are fully secure.

But the security research community has identified a number of vulnerabilities in both GSM and LTE that can be exploited with popular open-source implementations of the cellular stack and under $2000 worth of hardware.

This talk will explore:

• The main protocol vulnerabilities in mobile networks, from GSM to LTE, and how can they be leveraged by hackers and fraudsters.
• The impact of these network vulnerabilities in the context of fraud and privacy.
• Preventive measures to consider against these threats.

Speaker:
Myke Lyons, Global Director of Security Transformation, ServiceNow

Email fraud and phishing continue to be an effective attack vendor as they are relatively inexpensive and take advantage of the weakest link in your security program: your users. Combatting these attacks is slow and labor intensive as security analysts typically spend hours trying to determine if an email and its contents are truly malicious.

Security Automation, Orchestration, and Response (SOAR) is the ideal technology to apply to phishing and fraud use cases. SOAR can relieve your analysts of the repetitive, mundane, and manual part of the response process, allowing analysts to focus on solving problems, not cutting, pasting, and waiting for results. Come to this session to learn more about SOAR and proven, practical use cases to help you quickly respond to these types of attack at scale.

Speaker:
Ondrej Krehel, Cybersecurity & Digital Forensics, LIFARS LLC

When a total of $580 Million left two Cryptocurrency exchanges after a sophisticated compromise, LIFARS team was engaged in an investigation that involved FBI, US Secret Service, Europol, DHS, IRS and DOJ. This session will take you exclusively inside that investigation and discuss:

• Cryptocurrency fraud schemes, including real stories from the trenches;
• AML issues with bankers, hidden assets, payments by drug lords and ransomware;
• Blockchains role in tracking the transactions - and its limits.

Speaker:
Jeffrey Dant, Managing Director, Fraud Operations and Intelligence - Financial Crimes Unit, BMO Financial Group

As the fraud threat continuously changes, financial institutions must be able to adapt to the threat in order to protect assets and customers. While organizational changes and shifts are part of business, integration of multiple disciplines through dedicated Fusion Centers allows dynamic change in posture, while minimizing unnecessary organizational change. Jeff Dant of Citi's Global Consumer Bank will walk through the journey from the beginning to current state of Citi's Fraud Fusion Center. He will include the vision, the need, implementation, and significant lessons learned along the way.

Speakers:
Dora Gomez, FSO, IT Advisory - Financial Crimes, Fraud and Compliance, Ernst & Young
Kenneth Citarella, Senior Managing Director of Investigations, Guidepost
Rodrigo Figueroa, Head of Fraud Risk Management Oversight, PayPal

Organizations lose an estimated 5% of their annual revenue to fraud. Clearly, an organization that focuses on assessing fraud risks is better prepared to deter and prevent fraud incidents. How confident are you that your organization has an effective and comprehensive fraud risk assessment?

Our panel of anti-fraud experts will discuss the evolving fraud risks organizations are tackling and how they are mitigating them. Among the topics:

• Current fraud trends;
• How these incidents affect our consumer/clients and our own organizations;
• New strategies to assess, detect and prevent evolving fraud schemes.