Hands-On Cybersecurity for Finance
Identify vulnerabilities and secure your financial services from security breaches
Dr. Erdal Ozkaya
Milad Aslaner
BIRMINGHAM - MUMBAI
Hands-On Cybersecurity for Finance
Copyright 2019 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Commissioning Editor: Vijin Boricha
Acquisition Editor: Heramb Bhavsar
Content Development Editor: Nithin George Varghese
Technical Editor: Komal Karne
Copy Editor: Safis Editing
Language Support Editor : Storm Mann
Project Coordinator: Drashti Panchal
Proofreader: Safis Editing
Indexer: Pratik Shirodkar
Graphics: Tom Scaria
Production Coordinator: Arvindkumar Gupta
First published: January 2019
Production reference: 1310119
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-78883-629-6
www.packtpub.com
This book is dedicated to: my wonderful wife, Arzu, my better half, who helps me to be me. I am who I am today because of her, my son Jemre, my best friend and supporter and My daughter Azra, my best friend and my source of energy.
Dr. Erdal Ozkaya
This book is dedicated to the three most important women in my life: my mother, Hasine, who has always looked after me; my sister, Aylin, who helped me to become a better person; and my better half, Salpie, who made me realize what is truly important in life.
Milad Aslaner
mapt.io
Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.
Why subscribe?
Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals
Improve your learning with Skill Plans built especially for you
Get a free eBook or video every month
Mapt is fully searchable
Copy and paste, print, and bookmark content
Packt.com
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at customercare@packtpub.com for more details.
At www.packt.com , you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.
Foreword
As cybercrime continues to be a growing threat to critical-business infrastructure, global economies, and financial stability, there is a need for vigilance across all sectors, geographies, and industries. There are many techniques, tools, and technologies that financial services organizations can employ to protect their infrastructure, data, and people from a compromise. On occasion, it appears as if there is a surfeit of such techniques, tools, and technologiesand the number of available solutions is overwhelming to even the largest global organizations, and even more so to those who do not have mature, well-funded, and well-staffed security organizations. In this book, Dr. Erdal Ozkaya and Milad Aslaner explore the many different aspects of building a comprehensive and segment-specific offense and defense against current and emerging threats to global financial services organizations. Their objective is to reduce the complexity and focus on the fundamentals of cyber resilience and good cyber hygiene by means of practical advice. As global threats continue to increase in volume and complexity, it is often important to make certain we are doing the basics well. The advanced tools will be valuable, but our ability to construct and operate a scalable and sustainable security program with relevant processes, people, and tools is what will allow us to be successful over the long term. Both of the authors have relevant, boots-on-the-ground experience to share, and I encourage you, the reader, to read this book with a pragmatic view of what is possible today, while regarding it as a building block for the future success of your security program.
Ann S. Johnson
Corporate Vice President, Microsoft
Contributors
About the authors
Dr. Erdal Ozkaya is a leading cybersecurity professional skilled in business development, management, and academics. He spends his time securing the cyberspace and sharing his knowledge as a security adviser, speaker, lecturer, and author. Erdal is passionate about reaching communities and creating cyber-aware campaigns. He leverages new and innovative approaches and technologies to holistically address information security and privacy needs for people and organizations worldwide. He has co-authored many cybersecurity books as well as security certification courseware and exams for different vendors. Erdal is also a part time lecturer at Australian Charles Sturt University.
My special thanks to all my family and friends for sharing their feedback and helping me be better. When I look back at my life so far, you are always a part of my best memories. You have always been there when I needed you, and I promise that I will be there when you need me. I will not mention any names specifically as I do not want to risk forgetting any of you. You know who you are.
Milad Aslaner is a security professional with over 10 years' experience in product engineering and management. He has published white papers and books on social engineering, the practical application of cybersecurity, and cybersecurity in the financial services industry, with a technical focus on EDR, TVM, incident response, and real-world exploitation techniques. During his time at Microsoft since 2012, he has led the commercial software engineering team for the Surface Book and Laptop, and built security features such as SEMM. As a senior security program manager, he aims to transform strategic enterprise customer requirements to realize new scenarios, thereby safeguarding Microsoft customers against the evolving threat landscape.
Next page