Financial Institutions, Merchants, and the
Race Against Cyberthreats

© 2013 RSA. All rights reserved. Reproduction of this report by any means is strictly prohibited.
October 2013

TABLE OF CONTENTS
INTRODUCTION
FINANCIAL INSTITUTIONS AND MERCHANTS: THE TARGETS
CYBERTHREATS: THE TOP TROUBLEMAKERS
  HACKING
  PHISHING
  MALWARE
    MOBILE
  DISTRIBUTED DENIAL OF SERVICE
UPPING THE ANTE
  RSA ADAPTIVE AUTHENTICATION AND RSA SILVER TAIL
CONCLUSION
ABOUT AITE GROUP
  AUTHOR INFORMATION
  CONTACT
ABOUT RSA

LIST OF FIGURES
FIGURE 1: TYPE OF ORGANIZATION RESPONSIBLE FOR CYBERTHREAT ACTIVITY
FIGURE 2: CYBERTHREAT COUNTRY OF ORIGIN
FIGURE 3: NUMBER OF UNIQUE NEW ONLINE MALWARE STRAINS
FIGURE 4: NUMBER OF UNIQUE NEW MOBILE MALWARE STRAINS

INTRODUCTION
The cyberthreats that menace the global economy are multiplying at an alarming rate. These
threats come in the form of malicious software code, waves of distributed denial of service
(DDoS) attacks, and insidious corporate espionage, all designed to provide financial or political
benefit to criminals. While no aspect of the global economy is immune to attack—everyone from
government entities to utilities to e-commerce merchants has hit the headlines with big
breaches over the last year—this white paper will focus on two of the most lucrative targets for
the organizations behind the attacks: financial institutions (FIs) and merchants.
One of the challenges in defending against the onslaught of attacks is the many different players
and attack vectors. International organized crime rings seek financial gain; nation-states,
individuals, and crime rings are engaged in espionage against governments and businesses; and
hacktivists hope to make headlines. There are no clear dividing lines between players' causes,
either; many times, the place where hacktivists leave off and fraudsters begin is none too clear.
There are a few common elements in the threats and the defenses employed by FIs and
merchants, however.
• The threats are escalating more quickly than banks or businesses can deploy defenses
  against them. The bad guys don't have to make a business case in order to innovate and
  deploy new technology, whereas the forces of good usually do. With new malware being
  deployed constantly (more than 150,000 unique new strains each day in Q1 2013), it's
  very difficult for the good guys to keep pace.

• The username/password combination as an authenticator is officially broken. With
  myriad database breaches over the last year compromising tens of millions of
  usernames and passwords, and consumers exercising very little care or caution, the sole
  relevant use of this combination is now that of a database look-up mechanism.

• Nobody is ever 100% secure. The threat environment is simply moving too fast. Rather
  than bulletproof security, organizations need to focus on ways to make the cost of
  breaching their security more trouble than the data that could be obtained is worth,
  using a layered, risk-based approach to maintain the balance between security and
  customer experience.

To understand the rapidly evolving global threat environment, Aite Group had more than 100
conversations between August 2012 and July 2013 with banks, merchants, vendors, and
investigators in the cybersecurity space. This white paper details the myriad threats and presents
current and planned solutions for FIs and merchants.

FINANCIAL INSTITUTIONS AND MERCHANTS: THE TARGETS
The financial services value chain—everyone from the consumer all the way up to the
merchant—consists of lucrative and high-profile targets for the many entities intent on chaos
and financial gain. Figure 1 shows a breakdown of the types of entities responsible for the bulk
of 2012 data breaches, as measured in the Verizon Data Breach Investigations Report:¹
• Organized crime rings are responsible for 55% of attacks. They are highly structured,
  operating as efficient businesses with similar profit and margin objectives as those in
  the legitimate economy.

• State-affiliated entities are responsible for 21% of attacks. These attacks often have
  very different methods and motives than those initiated by organized crime rings,
  for whom near-term financial gain is the primary impetus. Attacks sponsored by
  nation-states are often looking for intelligence rather than credentials or card data.
  This intelligence can be obtained via external attacks that plumb the depths of
  databases, seeking political or financial advantage (e.g., for insider trading), or via
  internal employees leaking information (Edward Snowden is the current poster child
  of this category).

• Lone hackers, who are in it for either individual financial gain or the thrill of the
  chase, still initiate a small percentage (8%) of cyberthreats. This group represents a
  decreasing minority as the penalties become more severe and the barriers, higher.

• Hacktivists such as Anonymous and Izz ad-Din al-Qassam Cyber Fighters (the group
  responsible for the high-profile and highly successful waves of DDoS attacks
  launched against U.S. FIs in September 2012) have certainly garnered plenty of
  headlines as a result of their attacks. This classification represents a fairly small
  portion of actual breach activity, however: only 2%. Hacktivist groups are typically
  more interested in headlines than in financial gain, and they have spent more time
  executing disruptive attacks such as DDoS than in actual breach activities.

• Former and current employees are an insidious threat. While only 1% of breaches
  appear to be linked to insider activity, the methodology for this measurement was
  binary, requiring that responsibility for breaches be assigned to only one category.
  Another section of the Verizon data breach report permitted multiple root causes to
  be assigned, and this measurement indicates that insiders are responsible for as
  much as 14% of the breaches, highlighting the extent to which the categories are
  intertwined (e.g., organized crime rings bribing or otherwise inducing the
  participation of insiders).

• Many of the attack vectors are simply unknown, even after an FI discovers a breach.
  This reality highlights the complexity associated with cyberthreats, which can linger
  undetected for months or years, thus exacerbating their impact. Once discovered,
  the data trail is often so complex that it is impossible to detect its origin.

1. Verizon Data Breach Investigations Report, 2013, http://www.verizonenterprise.com/DBIR/2013/

Figure 1: Type of Organization Responsible for Cyberthreat Activity
Variety of External Actors

Unknown: 13%
Former employee: 1%
Activist: 2%
Unaffiliated: 8%
State-affiliated: 21%
Organized crime: 55%

Source: Verizon Data Breach Investigations Report, 2013

Figure 2 provides an overview of the countries behind the cyberthreats. Different types of
threats tend to emanate from different regions. The vast majority of China's activity is
espionage-related, while virtually all of Romanian and other Eastern European nations' activity
results in direct attacks on payment cards and online banking activity.

Figure 2: Cyberthreat Country of Origin
Origin of Top 10 External Actors

China: 30%
Romania: 28%
United States: 18%
Bulgaria: 7%
Russia: 5%
Netherlands: 1%
Armenia: 1%
Germany: 1%
Colombia: 1%
Brazil: 1%

Source: Verizon Data Breach Investigations Report, 2013

Much of the data that cybercriminals glean from illicit attacks on the financial services value
chain is monetized via underground Web forums. This is the digital underworld where crime
rings transact, exchange data (for a price), and trade secrets and insights into how to best pilfer
from legitimate enterprises. These forums are essentially the Facebook for bad guys, where trust
and a social network are the means for gaining admission and staying in the club. Transactions
can be consummated in a number of ways, either via exchanges of funds set up via the forum
itself or via instant messaging facilities such as Jabber. Payment can take place via traditional
banking mechanisms, although digital currencies, such as Bitcoin, the erstwhile Liberty Reserve,
and WebMoney, are increasingly favored due to their untraceable nature and the relative ease
with which they can be converted to hard currency.

CYBERTHREATS: THE TOP TROUBLEMAKERS
Bad guys create turmoil and steal money and data in a number of ways. Hacking, phishing,
malware, and DDoS attacks are chief among the cyberthreats causing trouble for FIs and
merchants. Unfortunately, these problems only promise to get worse. As the United States
migrates to EMV and the highly lucrative counterfeit card business largely dries up for organized
crime rings, attacks on digital channels will only intensify.²

HACKING
Hacking consists of brute-force attacks in which the bad guys poke and prod to discover portions
of systems and networks that are inadequately secured. At many large organizations, the data is
spread across multiple databases in many different spots throughout the network. Sometimes,
where the data architecture is highly sophisticated and mindful of the value the data represents,
this is by design. All too often, however, this sprawling data architecture is the product of
decades of iterative product development and operational efforts that have resulted in data
stored in isolated pockets and systems across the enterprise. This ad hoc architectural approach
proves incredibly difficult to secure on an ongoing basis. Many times, the back door that
cybercriminals are looking for is opened by an oversight in a new product release. Cybercriminals
also identify vulnerabilities in commonly used software, such as Java or Adobe products,
and use those vulnerabilities as their way in.
While card numbers and personally identifiable information (PII) remain highly desirable,
criminals also actively target login credentials, cognizant of the fact that an estimated 55% of all
consumers use the same set of login credentials across all of their online relationships.³ Many
e-commerce companies do encrypt those passwords in their databases, but the encryption is
often a simple hash function, designed more for transaction speed than high-grade security.
Many companies will also "salt" the passwords, modifying the password hash with a random
string of data. This makes the passwords more difficult to crack en masse, but they are still by no
means invincible.
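
The difference between a fast unsalted hash and a salted, deliberately slow key-derivation function, shown as an added example that is not part of the original report. The user names, passwords and the PBKDF2 iteration count are constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple

# Constructed sample data: two customers who picked the same password.
SAMPLE_USERS = {
    "alice": "Summer2013!",
    "bob": "Summer2013!",
    "carol": "tr0ub4dor&3",
}

# Assumed work factor for PBKDF2-HMAC-SHA256; tune it to your own hardware.
ITERATIONS = 600_000


def fast_unsalted(password: str) -> str:
    """Weak pattern: one fast hash, no salt. Equal passwords give equal digests."""
    return hashlib.sha256(password.encode()).hexdigest()


def slow_salted(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Stronger pattern: per-user random salt plus a deliberately slow KDF."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, digest = slow_salted(password, salt)
    return hmac.compare_digest(digest, expected)


def accounts_sharing_digest(store: Dict[str, str]) -> List[List[str]]:
    """Groups of accounts with identical stored digests.

    Every account in a group falls together once that one digest is recovered.
    """
    groups: Dict[str, List[str]] = {}
    for user, digest in store.items():
        groups.setdefault(digest, []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


# The same three users stored both ways.
WEAK_STORE = {u: fast_unsalted(p) for u, p in SAMPLE_USERS.items()}
STRONG_STORE = {u: slow_salted(p) for u, p in SAMPLE_USERS.items()}

if __name__ == "__main__":
    strong_hex = {u: d.hex() for u, (_, d) in STRONG_STORE.items()}
    print("unsalted, shared digests:", accounts_sharing_digest(WEAK_STORE))
    print("salted, shared digests:  ", accounts_sharing_digest(strong_hex))
    salt, digest = STRONG_STORE["alice"]
    print("correct password verifies:", verify("Summer2013!", salt, digest))
    print("wrong password verifies:  ", verify("Summer2014!", salt, digest))
```

The salt removes the shared digests, and the iteration count makes every single guess expensive; neither protects a password that is easy to guess, which is why the text calls salted hashes "by no means invincible."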
When those credentials are compromised and decrypted, criminals typically load them into
automated bots and direct them against as many online properties as possible. For this reason—
due to the many database breaches in which credentials have been compromised—many of the
e-commerce merchants that Aite Group interviewed saw a sharp uptick in account takeover
fraud in 2012.

2. For more details on the U.S. migration to EMV, see Aite Group's report, EMV: A Roadmap and
Guidebook for the U.S. Market, June 2013.
3. Ofcom Adult Media Use and Attitudes Report, 2013.

PHISHING
Phishing is a tried and true means of inducing end users to reveal their online credentials. Emails
with Web links are sent to end users in an attempt to get them to click the link and input their
credentials into the resulting Web page, which is hosted by the criminals for the express purpose
of harvesting credentials. While various industry groups have made concerted efforts to educate
consumers about the risk, and despite the success of cross-industry initiatives such as the Anti-Phishing Working Group in combating phishing, this attack vector is still quite successful for
cybercriminals.
This success has bred a number of equally, if not more successful, variants. Spear phishing, for
example, is a more targeted and effective form of phishing in which attackers send highly
targeted emails designed to compromise user credentials by either directing recipients to a
bogus website or enticing users to download malware to their computers. Many of the data
breaches that include email addresses are later leveraged in spear phishing campaigns. Spear
phishing is more effective than traditional phishing because the criminal knows that the
consumer has a relationship with a particular brand (e.g., Zappos), so he or she can tailor a very
convincing email that will induce the consumer to click through.
Phishing is not limited to the online environment, either. Criminals have extended their phishing
to include SMS to mobile devices, an attack form known as "smishing." Rogue apps in mobile
app stores, purporting to be the mobile banking app for a particular bank or e-commerce brand,
are also increasingly common. One FI executive interviewed for this white paper stated that her
FI is detecting and taking down an average of 300 rogue apps per month that imitate the FI's
brand.

MALWARE
Malware is another favored tactic of cybercriminals,⁴ who do their homework and adjust their
tools and techniques rapidly. The number of unique, new strains of malware released by
criminals is growing rapidly. These new forms of malware have new and different signatures and
are able to slip by antivirus and antispyware programs resident on end users' computers (Figure 3).

4. For more details on malware-based attacks, see Aite Group's reports Endpoint Protection: Secure
Browsers, a Key Element of a Layered Strategy, November 2012, and Banks and Businesses in the
Crosshairs: Cybercrime and Its Impact, September 2011.

Figure 3: Number of Unique New Online Malware Strains
Unique New Online Malware Strains Released Per Year, 2011 to e2017 (In millions)

2011: 24.7
2012: 35.6
e2013: 58.4
e2014: 81.8
e2015: 106.3
e2016: 138.2
e2017: 165.8

Source: McAfee Labs, Aite Group

Unfortunately, there is little in the way of disincentive for the crime groups behind the
production of the malware, and much to gain. Here are just a few examples of the lucrative ways
in which malware is used for illicit gain:
• Corporate account takeover: Man-in-the-Browser (MitB) attacks, deployed in the
  form of the ZeuS Trojan, Citadel, and others, have rapidly turned into the bane of FI
  fraud executives' existence. These keylogging Trojans are designed to capture online
  banking credentials, which are then used to drain the bank accounts of small and
  midsize businesses. ZeuS, one of the most successful strains, has spawned numerous
  variants, which add additional nuances such as HTML injection and the ability to
  take over users' Web sessions to help further elude detection. Trojans are prolific,
  thanks to their ability to be automated.

• Intelligence gathering: Numerous forms of malware are deployed for the express
  purpose of gleaning information from the target. This information can be used later,
  in more targeted attacks, for insider trading activities or for espionage.

• Harvesting card data: Point-of-sale (POS) systems are a favorite target of malware-makers.
  Once downloaded onto a merchant's computer, the malware enables
  cybercriminals to easily access unencrypted card data. One bank investigator Aite
  Group interviewed stated that this malware is becoming so prevalent that post-breach
  forensic investigations are often discovering multiple forms of unrelated
  malware on merchants' systems, meaning that the data has been compromised and
  sold on the black market multiple times by different crime rings.

Cybercriminals are not limiting their attacks on merchants to credit card-based fraud. To the
extent that rewards, sweepstakes, and coupons are available on a merchant's website,
cybercriminals will program their bots to attack this functionality as well, and endeavor to use it
in ways that are unintended. These business logic abuses impact merchants in a number of
ways. First, there is the hard cost (e.g., paying out a sweepstakes prize to a crime ring that has
submitted hundreds of thousands of entries for the prize). Business logic abuses can also
adversely impact the genuine customer experience, can lead to revenue or data loss, and can
have a negative impact on the merchant's brand. There is an infrastructural cost to consider as
well. The server load imposed by business logic abuses is often more difficult to measure, but
ultimately more costly. The large volumes of traffic caused by bots often require merchants to
implement extra server capacity to be able to maintain response time and uptime service levels
unless some sort of behavioral analytic technology can be leveraged to detect and block the
devices responsible for the attacks.
MOBILE
While the mobile environment currently has far fewer strains of malware, the mobile malware
population is growing at a much faster rate. In 2011 there were only 792 new strains of malware
deployed; that number jumped nearly twentyfold in 2012, and at the current pace, nearly
90,000 unique strains of malware will be deployed in 2013 (Figure 4). Mobile will remain
an area of focus and innovation for cybercriminals as the number and value of
transactions originating in the mobile channel continue to increase. Trojans designed to steal
data and compromise banking credentials represent the bulk of the new malware deployed.
More than 95% of mobile malware is directed at the Android platform, a result of the openness
of the Android app store, the popularity of the devices themselves, and the fragmentation of the
supply chain, which makes it very difficult for Google to push the latest security patches and
updates to the end user.
Figure 4: Number of Unique New Mobile Malware Strains
Unique New Mobile Malware Strains Released Per Year, 2011 to e2017

2011: 792
2012: 14,259
e2013: 89,556
e2014: 403,002
e2015: 1,612,008
e2016: 5,158,426
e2017: 11,864,379

Source: McAfee Labs, Aite Group

The pain in the mobile channel is manifesting in different ways for FIs and merchants. Merchants
have not locked down the mobile channel to the extent that FIs have from a functionality
perspective, and as mobile transaction volume rises, many merchants are seeing a spike in fraud
related to the mobile channel as well. One merchant interviewed by Aite Group just launched its
mobile app in May 2012 and is already seeing fraud rates that are many multiples higher than
those in its online channel. Another merchant reports chargeback rates in its mobile channel
that are twice that of its online channel. A third merchant is bracing for an influx of mobile fraud;
it is preparing to deploy its native app, which will effectively expose the application
programming interfaces (APIs) for all to see, thus presenting fraudsters with a whole new range
of attack possibilities. There are a couple of significant challenges inherent in the exposed APIs:
• Man-in-the-Middle attacks will become a much bigger threat, as cybercriminals have a
  proven ability to use the exposed elements to recreate the app and insert themselves in
  the transaction stream.

• Visibility into the API will enable the fraudster to mass enroll large quantities of accounts
  or feed fraudulent orders en masse into the merchant's system. This is a problem of
  scale that most merchants aren't prepared to address—even when the problem is
  detected, it takes a fraud analyst five to 10 minutes on average per order to roll back the
  order. A large attack that feeds 10,000 bad orders into the system in this way would be
  akin to a denial-of-service attack on a merchant's fraud operation, essentially paralyzing
  the operation.

The merchant experience could be a harbinger of things to come for FIs. FIs are not yet seeing
much fraud that can be solely attributed to the mobile channel—most of the losses are the
result of cross-channel fraud, in which the credentials are harvested from the mobile channel
(often via phishing or smishing), and then used online. Risk has been contained by limiting the
risk level of transactions that can be performed from the mobile channel. For higher-risk
transactions that are enabled, the risk is contained via velocity controls and rules. This
containment strategy has a limited shelf life, however, as FI customers increasingly expect the
mobile channel to have the same capabilities as online.

DISTRIBUTED DENIAL OF SERVICE
The DDoS stakes have officially been raised. The waves of DDoS attacks against major U.S.
financial institutions that started in September 2012 have been unprecedented in size and scale.
They successfully brought down the websites of some of the biggest financial brands, resulting in
irritated customers and overwhelmed call centers.
Using a combination of "zombie" devices (i.e., devices compromised by malware and controlled
by the hacktivists) and application servers to form a botnet, perpetrators were able to flood
bank websites with a high volume of traffic, at times exceeding 30 million packets per second.
The attacks used legitimate IP addresses and combined a mix of attack vectors, simultaneously
targeting both infrastructure and application layers. The initial DDoS attacks contained 10 times
the volume of a typical denial of service attempt, and major brand-name banks all saw their sites
go down. The Izz ad-Din al-Qassam Cyber Fighters claimed credit for the attacks, a claim that
carries credibility since the attacks were publicly announced prior to the websites crashing. The
group has not only unleashed subsequent waves of attacks but has also effectively created a
roadmap for other groups intent on disrupting commerce, garnering headlines, and creating new
opportunities for fraud.
As banks build plans to defend against this new form of attack, their efforts need to focus both
on shoring up the online channel and on understanding the collateral impact on other channels.
When a critical channel goes down, other channels—particularly the call center—feel the
impact. Fraud-mitigation capabilities should be a particular area of focus; fraud filters need to be
able to handle the higher volume that will flow through the call center. The call center already
represents a point of vulnerability for many FIs, with many fewer lines of defense than the online
and mobile channels typically employ. When a flood of traffic hits the call center, there are many
opportunities for fraudsters to take advantage of the chaos and slip fraudulent requests in with
the genuine. If FIs are unprepared, it will be all too easy for these requests to slide through
undetected.⁵
While merchants have largely been exempt from these attacks thus far, they are by no means
immune, especially as banks have strengthened their Web defenses and are harder to take
down. To the extent that their brand is high profile and successful, merchants should consider
themselves targets and ensure they have a solid DDoS contingency plan in place.

5. See Aite Group's report, Look Who's Talking: Financial Institutions' Contact Centers Under Attack, April
2013.

UPPING THE ANTE
The sad reality is that no business can ever truly achieve 100% security. The threat environment
is moving too fast, and the insidious ability of external and internal criminals is too great for any
type of silver-bullet assurance. The strategy that many FIs and merchants are undertaking is to
continue to increment their security infrastructure, with complementary layers of technology
that make it more trouble for the bad guys to penetrate the defenses than the data that the
criminals are seeking is worth. As noted earlier, organized crime rings are behind many of the
attacks, and these highly efficient businesses have the same requirements of profitability that
legitimate businesses do. If it is too expensive to penetrate a target's security layers, the
criminals will usually move on to easier prey. That said, a layered, risk-based combination of
technology and policy can serve as a highly effective means of cybercrime deterrence and
detection.
Behavioral analytics is a leading technology used by FIs and merchants alike to serve as the
underpinning of a risk-based approach. Behavioral analytics can be deployed in a variety of ways
to detect anomalous behavior indicative of not only the fraudulent activity itself but also the
reconnaissance tactics that often lead up to the fraud. Through rules and/or analytics, behavioral
analysis tools detect fraud by monitoring the user session to detect suspicious activities or
patterns. Behavioral analysis technologies can also examine Web navigation techniques to
highlight anomalies indicative of suspicious activity.
Behavioral analytics represent a great way to detect pattern anomalies and are a key technology
for FIs seeking to bring their fraud-mitigation technologies down to the transaction level. As with
any tool, there is a certain level of false positives, which is where the importance of layering
comes in (i.e., the ability to prompt the user to perform additional levels of authentication in a
manner appropriate to the transaction). Here are a few examples of behavioral analytics in
action:
• Bot-based attacks: Automated bots do not behave in the same way as do legitimate
  users. They move faster, and navigation patterns will differ from those of a legitimate
  Web user. Behavioral analytics can detect these anomalies and either prompt for
  stepped-up authentication or just invoke actions to block the offending IP addresses
  altogether.

• Trojan-based attacks: Cybercriminals will often not transact in patterns consistent with
  those of a legitimate end user. Behavioral analytics can detect many of the hallmarks of
  a Trojan-based attack (for example, a US$200,000 wire transaction is being initiated,
  when the typical wire amount for that user is US$20,000) and can execute on either a
  series of stepped-up authentication prompts or can block the transaction entirely and
  flag it for manual review.

• DDoS: Hacktivists and cybercriminals will often perform reconnaissance prior to many of
  their attacks to study their target and understand points of weakness. DDoS is no
  exception, and behavioral analytics can be used to detect these patterns of
  reconnaissance, which again have distinct navigational patterns (going to an unusual
  combination or sequence of Web pages) and unusual IP address frequencies. During an
  attack, behavioral analytics are instrumental in detecting the offending IP addresses and
  shutting them down rapidly.
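
A small rule-based scorer for the three signals in the examples above (request speed, page sequence, and transaction amount against the user's norm), given as an added example that is not from the original report or from any vendor product. The thresholds, page paths, user names and session data are all constructed assumptions.

```python
from dataclasses import dataclass
from statistics import median
from typing import Dict, List, Tuple

# Hypothetical thresholds; each organization would set its own.
MIN_HUMAN_GAP_S = 1.0        # median seconds between page requests
AMOUNT_RATIO = 5.0           # multiple of the user's median wire amount
STEP_UP_AT, BLOCK_AT = 40, 70

# Constructed page-to-page moves seen from legitimate users of an imaginary site.
KNOWN_TRANSITIONS = {
    ("/login", "/accounts"), ("/accounts", "/wire/new"),
    ("/wire/new", "/wire/submit"), ("/accounts", "/rewards"),
    ("/rewards", "/rewards/enter"),
}

# Constructed wire history per user, in US$.
WIRE_HISTORY = {"acme-ltd": [18_000, 20_000, 22_000, 19_500, 21_000]}


@dataclass
class Session:
    user: str
    click_times: List[float]   # seconds since session start, one per request
    pages: List[str]           # requested paths, same order as click_times
    wire_amount: float = 0.0   # 0 means no wire was attempted


def score(session: Session, history: Dict[str, List[float]]) -> Tuple[int, List[str]]:
    """Return a risk score and the reasons that contributed to it."""
    total, reasons = 0, []

    # Signal 1: bots move faster than people.
    gaps = [b - a for a, b in zip(session.click_times, session.click_times[1:])]
    if gaps and median(gaps) < MIN_HUMAN_GAP_S:
        total += 40
        reasons.append("machine-speed navigation")

    # Signal 2: navigation that does not follow known page sequences.
    hops = list(zip(session.pages, session.pages[1:]))
    unknown = [h for h in hops if h not in KNOWN_TRANSITIONS]
    if hops and len(unknown) / len(hops) > 0.5:
        total += 30
        reasons.append("unusual page sequence")

    # Signal 3: a wire far above what this user normally sends.
    past = history.get(session.user, [])
    if session.wire_amount and past and session.wire_amount > AMOUNT_RATIO * median(past):
        total += 50
        reasons.append("wire amount far above user's norm")

    return total, reasons


def decide(session: Session, history: Dict[str, List[float]] = WIRE_HISTORY) -> str:
    """Map the score to the layered responses described in the text."""
    total, _ = score(session, history)
    if total >= BLOCK_AT:
        return "block_and_review"
    if total >= STEP_UP_AT:
        return "step_up_auth"
    return "allow"


WIRE_FLOW = ["/login", "/accounts", "/wire/new", "/wire/submit"]

# Constructed sessions covering the cases in the bullets above.
SESSIONS = {
    "legit": Session("acme-ltd", [0.0, 6.2, 15.0, 31.4], WIRE_FLOW, 21_000),
    "trojan_wire": Session("acme-ltd", [0.0, 5.0, 12.5, 26.0], WIRE_FLOW, 200_000),
    "automated_wire": Session("acme-ltd", [0.0, 0.3, 0.6, 0.9], WIRE_FLOW, 200_000),
    "bot": Session("anon-7731", [0.0, 0.2, 0.4, 0.6, 0.8],
                   ["/login"] + ["/rewards/enter"] * 4),
}

if __name__ == "__main__":
    for name, s in SESSIONS.items():
        print(f"{name:15s} score={score(s, WIRE_HISTORY)[0]:3d} -> {decide(s)}")
```

A single signal triggers only a step-up prompt, which keeps false positives cheap for genuine users; it takes two signals together to block.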

RSA ADAPTIVE AUTHENTICATION AND RSA SILVER TAIL
RSA Adaptive Authentication uses risk-based authentication to measure the risk associated with
a user's login and post-login activities. Using risk modeling and a rules-based approach, a unique
risk score is assigned to each activity. If the score exceeds the risk threshold as determined by
each organization, a user may be asked to provide additional identity assurance such as out-of-band authentication. RSA Adaptive Authentication is currently used to protect more than 350
million users across a number of websites, portals, mobile applications, virtual private networks
(VPNs) and Web access management applications.
RSA Silver Tail utilizes Web session intelligence to help distinguish legitimate user behavior from
suspicious activity within online sessions. Used to identify a number of attacks, including account
takeover, DDoS, password guessing, and business logic abuse threats, RSA Silver Tail captures
and analyzes user clickstreams on a website to build behavioral profiles and compares activity
within each Web session to profiles of legitimate user behavior to identify fraudulent or
disruptive activity.
Together, RSA Adaptive Authentication and RSA Silver Tail provide risk-based security threat
detection—from initiation of a Web session through site navigation to transaction monitoring to
session end. Using proven authentication and fraud detection technology with behavior, velocity
and threat analytics, the combined solutions offer threat and fraud mitigation throughout the
entire Web session.
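
A simplified sketch of the flow this section describes (clickstream profile, per-IP velocity, risk score, threshold decision), added here as an illustration; it is not RSA's implementation. The baseline sessions, page paths, documentation-range IP addresses, weights and thresholds are all constructed assumptions.

```python
"""Toy clickstream risk scoring: navigation surprisal + request rate -> decision."""
import math
from collections import Counter, defaultdict

START = "<start>"

# Constructed baseline of legitimate page sequences for a hypothetical banking site.
BASELINE_SESSIONS = [
    ["/login", "/accounts", "/statement", "/logout"],
    ["/login", "/accounts", "/transfer", "/confirm", "/logout"],
    ["/login", "/accounts", "/statement", "/accounts", "/logout"],
    ["/login", "/accounts", "/transfer", "/confirm", "/accounts", "/logout"],
]

# Constructed events to score: (ip, seconds, path).
SAMPLE_EVENTS = [
    # Ordinary customer: familiar sequence at human speed.
    ("192.0.2.10", 0, "/login"), ("192.0.2.10", 20, "/accounts"),
    ("192.0.2.10", 45, "/statement"), ("192.0.2.10", 60, "/logout"),
    # Human speed, but an unusual order of pages.
    ("198.51.100.7", 0, "/login"), ("198.51.100.7", 15, "/confirm"),
    ("198.51.100.7", 30, "/transfer"), ("198.51.100.7", 45, "/statement"),
    ("198.51.100.7", 60, "/confirm"), ("198.51.100.7", 75, "/logout"),
    # Unusual sequence and a high request rate from one IP.
    ("203.0.113.5", 0.0, "/search"), ("203.0.113.5", 0.5, "/confirm"),
    ("203.0.113.5", 1.0, "/login"), ("203.0.113.5", 1.5, "/search"),
    ("203.0.113.5", 2.0, "/statement"), ("203.0.113.5", 2.5, "/search"),
]


def build_profile(sessions):
    """Count page-to-page transitions seen in legitimate sessions."""
    transitions = defaultdict(Counter)
    pages = set()
    for paths in sessions:
        prev = START
        for page in paths:
            transitions[prev][page] += 1
            pages.add(page)
            prev = page
    # +1 reserves probability mass for pages never seen in the baseline.
    return {"transitions": transitions, "vocab": len(pages) + 1}


def navigation_surprisal(profile, paths):
    """Mean bits of surprise per click, using add-one smoothed transition odds."""
    if not paths:
        return 0.0
    bits, prev = 0.0, START
    for page in paths:
        row = profile["transitions"].get(prev, Counter())
        p = (row[page] + 1) / (sum(row.values()) + profile["vocab"])
        bits += -math.log2(p)
        prev = page
    return bits / len(paths)


def _scale(value, low, high):
    """Map value linearly onto [0, 1], clamped at both ends."""
    return max(0.0, min(1.0, (value - low) / (high - low)))


def risk_score(profile, events):
    """Score one IP's time-ordered (seconds, path) events on a 0-100 scale."""
    paths = [path for _, path in events]
    # Too few requests give no meaningful rate; score navigation only.
    if len(events) < 3:
        rate = 0.0
    else:
        rate = len(events) / max(events[-1][0] - events[0][0], 1.0)
    nav_points = 60 * _scale(navigation_surprisal(profile, paths), 1.8, 3.2)
    velocity_points = 40 * _scale(rate, 0.2, 2.0)
    return round(nav_points + velocity_points, 1)


def decide(score, step_up_at=30, block_at=70):
    """Thresholds are per-organization settings; these values are assumptions."""
    if score >= block_at:
        return "block_and_review"
    if score >= step_up_at:
        return "step_up"
    return "allow"


def assess(profile, events):
    """Group events by source IP and return {ip: (score, decision)}."""
    by_ip = defaultdict(list)
    for ip, t, path in events:
        by_ip[ip].append((t, path))
    results = {}
    for ip, ip_events in by_ip.items():
        ip_events.sort()
        score = risk_score(profile, ip_events)
        results[ip] = (score, decide(score))
    return results


if __name__ == "__main__":
    for ip, (score, action) in assess(build_profile(BASELINE_SESSIONS), SAMPLE_EVENTS).items():
        print(f"{ip:15} score={score:5.1f} -> {action}")
```

With so small a baseline the smoothing term dominates, so the surprisal range is narrow; a production profile would be built from far more sessions and tuned against labelled traffic.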

CONCLUSION
With the knowledge that 100% security can never be assured in the face of cyberthreats, the
strategies of leading FIs and businesses instead focus on making the effort to breach their
security more trouble than the underlying data is worth (or more difficult to garner than it is to
compromise the bank or business down the street). Here are a few suggestions for FIs and
merchants:
• Look for tools that can be leveraged in different ways to solve multiple problems.
  While there is no such thing as a one-size-fits-all tool when it comes to security,
  tools such as behavioral analytics can be leveraged in various ways to solve different
  problems.

• Encrypt sensitive data both in storage and in transmission. This includes PII as well
  as credentials.

• Build a robust feedback loop so that in the event that your security is compromised
  you can quickly assess how and why, and adjust your defenses accordingly.

• Don't put all your eggs in one basket. Cybercriminals have proven adept at
  bypassing virtually every form of online fraud mitigation and authentication when
  deployed as a single point solution. To be effective in the war against cybercriminals,
  FIs need to adopt a layered approach that protects not only the session but also the
  transaction itself.

• Continue to perform ongoing risk assessments. It's important to stay abreast of the
  latest malware capabilities and understand how current defenses can (or cannot) be
  effective against them.

• Proactively interface with marketing and technology. Ensure you have input and
  buy-in from all stakeholders when new functionality is planned via online and
  mobile channels so you have preparation time instead of being in a reactive mode
  after its introduction.

ABOUT AITE GROUP
Aite Group is an independent research and advisory firm focused on business, technology, and
regulatory issues and their impact on the financial services industry. With expertise in banking,
payments, securities & investments, and insurance, Aite Group's analysts deliver comprehensive,
actionable advice to key market participants in financial services. Headquartered in Boston with
a presence in Chicago, New York, San Francisco, London, and Milan, Aite Group works with its
clients as a partner, advisor, and catalyst, challenging their basic assumptions and ensuring they
remain at the forefront of industry trends.

AUTHOR INFORMATION
Julie Conroy
+1.617.398.5045
jconroy@aitegroup.com

CONTACT
For more information on research and consulting services, please contact:
Aite Group Sales
+1.617.338.6050
sales@aitegroup.com
For all press and conference inquiries, please contact:
Aite Group PR
+44.(0)207.092.8137
pr@aitegroup.com
For all other inquiries, please contact:
info@aitegroup.com

ABOUT RSA
RSA, The Security Division of EMC, is the premier provider of intelligence-driven security
solutions. RSA helps the world's leading organizations solve their most complex and sensitive
security challenges: managing organizational risk, safeguarding mobile access and collaboration,
preventing online fraud, and defending against advanced threats.
Combining agile controls for identity assurance, fraud detection, and data protection, robust
Security Analytics and industry-leading GRC capabilities, and expert consulting and advisory
services, RSA brings visibility and trust to millions of user identities, the data they create, the
transactions they perform, and the IT infrastructure they rely on. For more information, please
visit www.RSA.com and www.EMC.com.

Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 

Recently uploaded (20)

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 

Financial Institutions, Merchants, and the Race Against Cyberthreats

  • 1. Financial Institutions, Merchants, and the Race Against Cyberthreats © 2013 RSA. All rights reserved. Reproduction of this report by any means is strictly prohibited.
  • 2. Financial Institutions, Merchants, and the Race Against Cyberthreats October 2013

    TABLE OF CONTENTS
    INTRODUCTION (p. 3)
    FINANCIAL INSTITUTIONS AND MERCHANTS: THE TARGETS (p. 4)
    CYBERTHREATS: THE TOP TROUBLEMAKERS (p. 7)
        HACKING (p. 7)
        PHISHING (p. 8)
        MALWARE (p. 8)
            MOBILE (p. 10)
        DISTRIBUTED DENIAL OF SERVICE (p. 11)
    UPPING THE ANTE (p. 13)
        RSA ADAPTIVE AUTHENTICATION AND RSA SILVER TAIL (p. 14)
    CONCLUSION (p. 15)
    ABOUT AITE GROUP (p. 16)
        AUTHOR INFORMATION (p. 16)
        CONTACT (p. 16)
    ABOUT RSA (p. 17)

    LIST OF FIGURES
    FIGURE 1: TYPE OF ORGANIZATION RESPONSIBLE FOR CYBERTHREAT ACTIVITY (p. 5)
    FIGURE 2: CYBERTHREAT COUNTRY OF ORIGIN (p. 6)
    FIGURE 3: NUMBER OF UNIQUE NEW ONLINE MALWARE STRAINS (p. 9)
    FIGURE 4: NUMBER OF UNIQUE NEW MOBILE MALWARE STRAINS (p. 10)
  • 3. INTRODUCTION

    The cyberthreats that menace the global economy are multiplying at an alarming rate. These threats come in the form of malicious software code, waves of distributed denial of service (DDoS) attacks, and insidious corporate espionage, all designed to provide financial or political benefit to criminals. While no aspect of the global economy is immune to attack—everyone from government entities to utilities to e-commerce merchants has hit the headlines with big breaches over the last year—this white paper will focus on two of the most lucrative targets for the organizations behind the attacks: financial institutions (FIs) and merchants.

    One of the challenges in defending against the onslaught of attacks is the many different players and attack vectors. International organized crime rings seek financial gain; nation-states, individuals, and crime rings are engaged in espionage against governments and businesses; and hacktivists hope to make headlines. There are no clear dividing lines between players' causes, either; many times, the place where hacktivists leave off and fraudsters begin is none too clear.

    There are a few common elements in the threats and the defenses employed by FIs and merchants, however.

    • The threats are escalating more quickly than banks or businesses can deploy defenses against them. The bad guys don't have to make a business case in order to innovate and deploy new technology, whereas the forces of good usually do. With new malware being deployed constantly (more than 150,000 unique new strains each day in Q1 2013), it's very difficult for the good guys to keep pace.

    • The username/password combination as an authenticator is officially broken. With myriad database breaches over the last year compromising tens of millions of usernames and passwords, and consumers exercising very little care or caution, the sole relevant use of this combination is now that of a database look-up mechanism.

    • Nobody is ever 100% secure. The threat environment is simply moving too fast. Rather than bulletproof security, organizations need to focus on ways to make the cost of breaching their security more trouble than the data that could be obtained is worth, using a layered, risk-based approach to maintain the balance between security and customer experience.

    To understand the rapidly evolving global threat environment, Aite Group had more than 100 conversations between August 2012 and July 2013 with banks, merchants, vendors, and investigators in the cybersecurity space. This white paper details the myriad threats and presents current and planned solutions for FIs and merchants.
  • 4. FINANCIAL INSTITUTIONS AND MERCHANTS: THE TARGETS

    The financial services value chain—everyone from the consumer all the way up to the merchant—consists of lucrative and high-profile targets for the many entities intent on chaos and financial gain. Figure 1 shows a breakdown of the types of entities responsible for the bulk of 2012 data breaches, as measured in the Verizon Data Breach Investigations Report [1]:

    • Organized crime rings are responsible for 55% of attacks. They are highly structured, operating as efficient businesses with similar profit and margin objectives as those in the legitimate economy.

    • State-affiliated entities are responsible for 21% of attacks. These attacks often have very different methods and motives than those initiated by organized crime rings, for whom near-term financial gain is the primary impetus. Attacks sponsored by nation-states are often looking for intelligence rather than credentials or card data. This intelligence can be obtained via external attacks that plumb the depths of databases, seeking political or financial advantage (e.g., for insider trading), or via internal employees leaking information (Edward Snowden is the current poster child of this category).

    • Lone hackers, who are in it for either individual financial gain or the thrill of the chase, still initiate a small percentage (8%) of cyberthreats. This group represents a decreasing minority as the penalties become more severe and the barriers, higher.

    • Hacktivists such as Anonymous and Izz ad-Din al-Qassam Cyber Fighters (the group responsible for the high-profile and highly successful waves of DDoS attacks launched against U.S. FIs in September 2012) have certainly garnered plenty of headlines as a result of their attacks. This classification represents a fairly small portion of actual breach activity, however: only 2%. Hacktivist groups are typically more interested in headlines than in financial gain, and they have spent more time executing disruptive attacks such as DDoS than in actual breach activities.

    • Former and current employees are an insidious threat. While only 1% of breaches appear to be linked to insider activity, the methodology for this measurement was binary, requiring that responsibility for breaches be assigned to only one category. Another section of the Verizon data breach report permitted multiple root causes to be assigned, and this measurement indicates that insiders are responsible for as much as 14% of the breaches, highlighting the extent to which the categories are intertwined (e.g., organized crime rings bribing or otherwise inducing the participation of insiders).

    • Many of the attack vectors are simply unknown, even after an FI discovers a breach. This reality highlights the complexity associated with cyberthreats, which can linger undetected for months or years, thus exacerbating their impact. Once discovered, the data trail is often so complex that it is impossible to detect its origin.

    1. Verizon Data Breach Investigations Report, 2013, http://www.verizonenterprise.com/DBIR/2013/

  • 5. Figure 1: Type of Organization Responsible for Cyberthreat Activity

    Variety of External Actors
      Unknown: 13%
      Former employee: 1%
      Activist: 2%
      Unaffiliated: 8%
      State-affiliated: 21%
      Organized crime: 55%
    Source: Verizon Data Breach Investigations Report, 2013

    Figure 2 provides an overview of the countries behind the cyberthreats. Different types of threats tend to emanate from different regions. The vast majority of China's activity is espionage-related, while virtually all of Romanian and other Eastern European nations' activity results in direct attacks on payment cards and online banking activity.
  • 6. Figure 2: Cyberthreat Country of Origin

    Origin of Top 10 External Actors
      China: 30%
      Romania: 28%
      United States: 18%
      Bulgaria: 7%
      Russia: 5%
      Netherlands: 1%
      Armenia: 1%
      Germany: 1%
      Colombia: 1%
      Brazil: 1%
    Source: Verizon Data Breach Investigations Report, 2013

    Much of the data that cybercriminals glean from illicit attacks on the financial services value chain is monetized via underground Web forums. This is the digital underworld where crime rings transact, exchange data (for a price), and trade secrets and insights into how to best pilfer from legitimate enterprises. These forums are essentially the Facebook for bad guys, where trust and a social network are the means for gaining admission and staying in the club. Transactions can be consummated in a number of ways, either via exchanges of funds set up via the forum itself or via instant messaging facilities such as Jabber. Payment can take place via traditional banking mechanisms, although digital currencies, such as Bitcoin, the erstwhile Liberty Reserve, and WebMoney, are increasingly favored due to their untraceable nature and the relative ease with which they can be converted to hard currency.
  • 7. CYBERTHREATS: THE TOP TROUBLEMAKERS

    Bad guys create turmoil and steal money and data in a number of ways. Hacking, phishing, malware, and DDoS attacks are chief among the cyberthreats causing trouble for FIs and merchants. Unfortunately, these problems only promise to get worse. As the United States migrates to EMV and the highly lucrative counterfeit card business largely dries up for organized crime rings, attacks on digital channels will only intensify. [2]

    HACKING

    Hacking consists of brute-force attacks in which the bad guys poke and prod to discover portions of systems and networks that are inadequately secured. At many large organizations, the data is spread across multiple databases in many different spots throughout the network. Sometimes, where the data architecture is highly sophisticated and mindful of the value the data represents, this is by design. All too often, however, this sprawling data architecture is the product of decades of iterative product development and operational efforts that have resulted in data stored in isolated pockets and systems across the enterprise. This ad hoc architectural approach proves incredibly difficult to secure on an ongoing basis. Many times, the back door that cybercriminals are looking for is opened by an oversight in a new product release. Cybercriminals also identify vulnerabilities in commonly used programming languages, such as Java or Adobe, and use those vulnerabilities as their way in.

    While card numbers and personally identifiable information (PII) remain highly desirable, criminals also actively target login credentials, cognizant of the fact that an estimated 55% of all consumers use the same set of login credentials across all of their online relationships. [3] Many e-commerce companies do encrypt those passwords in their databases, but the encryption is often a simple hash function, designed more for transaction speed than high-grade security. Many companies will also "salt" the passwords, modifying the password hash with a random string of data. This makes the passwords more difficult to crack en masse, but they are still by no means invincible.

    When those credentials are compromised and decrypted, criminals typically load them into automated bots and direct them against as many online properties as possible. For this reason—due to the many database breaches in which credentials have been compromised—many of the e-commerce merchants that Aite Group interviewed saw a sharp uptick in account takeover fraud in 2012.

    2. For more details on the U.S. migration to EMV, see Aite Group's report, EMV: A Roadmap and Guidebook for the U.S. Market, June 2013.
    3. Ofcom Adult Media Use and Attitudes Report, 2013.
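The three storage schemes the HACKING section contrasts (a bare fast hash, a salted fast hash, and a deliberately slow salted derivation) are shown side by side in this added example, which is not part of the original report. The sample accounts are constructed, and PBKDF2-HMAC-SHA256 with the iteration count below is an assumption chosen for illustration; the report does not name a replacement scheme.

```python
import hashlib
import hmac
import os
import time
from collections import defaultdict

# Assumed work factor for this example; tune it to your own hardware budget.
PBKDF2_ITERATIONS = 600_000

# Constructed sample accounts: alice and carol picked the same password.
SAMPLE_USERS = {
    "alice": "Summer2013!",
    "bob": "correct horse battery",
    "carol": "Summer2013!",
}


def fast_unsalted(password):
    """Weak: one SHA-256 pass, no salt. Equal passwords give equal digests."""
    return hashlib.sha256(password.encode()).hexdigest()


def fast_salted(password, salt=None):
    """Better: a per-user random salt, but each guess still costs one hash."""
    salt = salt or os.urandom(16)
    return salt, hashlib.sha256(salt + password.encode()).hexdigest()


def slow_salted(password, salt=None, iterations=PBKDF2_ITERATIONS):
    """Hardened: per-user salt plus a tunable, deliberately slow derivation."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    # Store the parameters with the hash so the work factor can be raised later.
    return {"salt": salt, "iterations": iterations, "hash": digest}


def verify(password, record):
    """Recompute with the stored parameters and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(candidate, record["hash"])


def accounts_sharing_a_digest(table):
    """Count accounts whose stored digest also appears on another account.

    Every such account falls together when one digest is recovered, which is
    the cracking 'en masse' that salting is meant to prevent.
    """
    groups = defaultdict(list)
    for user, digest in table.items():
        groups[digest].append(user)
    return sum(len(users) for users in groups.values() if len(users) > 1)


def cost_ratio(samples=2000):
    """Cost of one guess against slow_salted relative to one salted SHA-256."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for i in range(samples):
        hashlib.sha256(salt + b"guess%d" % i).digest()
    fast = (time.perf_counter() - start) / samples
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"guess", salt, PBKDF2_ITERATIONS)
    slow = time.perf_counter() - start
    return slow / fast


if __name__ == "__main__":
    unsalted = {u: fast_unsalted(p) for u, p in SAMPLE_USERS.items()}
    salted = {u: fast_salted(p)[1] for u, p in SAMPLE_USERS.items()}
    print("accounts sharing a digest, unsalted:", accounts_sharing_a_digest(unsalted))
    print("accounts sharing a digest, salted:  ", accounts_sharing_a_digest(salted))
    record = slow_salted(SAMPLE_USERS["alice"])
    print("correct password verifies:", verify("Summer2013!", record))
    print("cost of one guess, slow vs fast: %.0fx" % cost_ratio())
```

Salting removes the shared digests but leaves the per-guess cost unchanged; only the slow derivation changes the economics of guessing each password.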
  • 8. PHISHING

    Phishing is a tried and true means of inducing end users to reveal their online credentials. Emails with Web links are sent to end users in an attempt to get them to click the link and input their credentials into the resulting Web page, which is hosted by the criminals for the express purpose of harvesting credentials. While various industry groups have made concerted efforts to educate consumers about the risk, and despite the success of cross-industry initiatives such as the Anti-Phishing Working Group in combating phishing, this attack vector is still quite successful for cybercriminals.

    This success has bred a number of equally, if not more successful, variants. Spear phishing, for example, is a more targeted and effective form of phishing in which attackers send highly targeted emails designed to compromise user credentials by either directing recipients to a bogus website or enticing users to download malware to their computers. Many of the data breaches that include email addresses are later leveraged in spear phishing campaigns. Spear phishing is more effective than traditional phishing because the criminal knows that the consumer has a relationship with a particular brand (e.g., Zappos), so he or she can tailor a very convincing email that will induce the consumer to click through.

    Phishing is not limited to the online environment, either. Criminals have extended their phishing to include SMS to mobile devices, an attack form known as "smishing." Rogue apps in mobile app stores, purporting to be the mobile banking app for a particular bank or e-commerce brand, are also increasingly common. One FI executive interviewed for this white paper stated that her FI is detecting and taking down an average of 300 rogue apps per month that imitate the FI's brand.

    MALWARE [4]

    Malware is another favored tactic of cybercriminals, who do their homework and adjust their tools and techniques rapidly. The number of unique, new strains of malware released by criminals is growing rapidly. These new forms of malware have new and different signatures and are able to slip by antivirus and antispyware programs resident on end users' computers (Figure 3).

    4. For more details on malware-based attacks, see Aite Group's reports Endpoint Protection: Secure Browsers, a Key Element of a Layered Strategy, November 2012, and Banks and Businesses in the Crosshairs: Cybercrime and Its Impact, September 2011.
  • 9. Figure 3: Number of Unique New Online Malware Strains

    Unique New Online Malware Strains Released Per Year, 2011 to e2017 (In millions)
      2011: 24.7
      2012: 35.6
      e2013: 58.4
      e2014: 81.8
      e2015: 106.3
      e2016: 138.2
      e2017: 165.8
    Source: McAfee Labs, Aite Group

    Unfortunately, there is little in the way of disincentive for the crime groups behind the production of the malware, and much to gain. Here are just a few examples of the lucrative ways in which malware is used for illicit gain:

    • Corporate account takeover: Man-in-the-Browser (MitB) attacks, deployed in the form of the ZeuS Trojan, Citadel, and others, have rapidly turned into the bane of FI fraud executives' existence. These keylogging Trojans are designed to capture online banking credentials, which are then used to drain the bank accounts of small and midsize businesses. ZeuS, one of the most successful strains, has spawned numerous variants, which add additional nuances such as HTML injection and the ability to take over users' Web sessions to help further elude detection. Trojans are prolific, thanks to their ability to be automated.

    • Intelligence gathering: Numerous forms of malware are deployed for the express purpose of gleaning information from the target. This information can be used later, in more targeted attacks, for insider trading activities or for espionage.

    • Harvesting card data: Point-of-sale (POS) systems are a favorite target of malware-makers. Once downloaded onto a merchant's computer, the malware enables cybercriminals to easily access unencrypted card data. One bank investigator Aite Group interviewed stated that this malware is becoming so prevalent that post-breach forensic investigations are often discovering multiple forms of unrelated malware on merchants' systems, meaning that the data has been compromised and sold on the black market multiple times by different crime rings.
  • 10. Cybercriminals are not limiting their attacks on merchants to credit card-based fraud. To the extent that rewards, sweepstakes, and coupons are available on a merchant's website, cybercriminals will program their bots to attack this functionality as well, and endeavor to use it in ways that are unintended. These business logic abuses impact merchants in a number of ways. First, there is the hard cost (e.g., paying out a sweepstakes prize to a crime ring that has submitted hundreds of thousands of entries for the prize). Business logic abuses can also adversely impact the genuine customer experience, can lead to revenue or data loss, and can have a negative impact on the merchant's brand.

    There is an infrastructural cost to consider as well. The server load imposed by business logic abuses is often more difficult to measure, but ultimately more costly. The large volumes of traffic caused by bots often require merchants to implement extra server capacity to be able to maintain response time and uptime service levels unless some sort of behavioral analytic technology can be leveraged to detect and block the devices responsible for the attacks.

    MOBILE

    While the mobile environment currently has far fewer strains of malware, the mobile malware population is growing at a much faster rate. In 2011 there were only 792 new strains of malware deployed; that number jumped nearly twentyfold in 2012, and at the current pace, nearly 90,000 unique strains of malware will be deployed in 2013 (Figure 4). Mobile will continue to be an area of continued focus and innovation by cybercriminals as the number and value of transactions originating in the mobile channel continue to increase. Trojans designed to steal data and compromise banking credentials represent the bulk of the new malware deployed. More than 95% of mobile malware is directed at the Android platform, a result of the openness of the Android app store, the popularity of the devices themselves, and the fragmentation of the supply chain, which makes it very difficult for Google to push the latest security patches and updates to the end user.

    Figure 4: Number of Unique New Mobile Malware Strains

    Unique New Mobile Malware Strains Released Per Year, 2011 to e2017
      2011: 792
      2012: 14,259
      e2013: 89,556
      e2014: 403,002
      e2015: 1,612,008
      e2016: 5,158,426
      e2017: 11,864,379
    Source: McAfee Labs, Aite Group
  • 11. The pain in the mobile channel is manifesting in different ways for FIs and merchants. Merchants have not locked down the mobile channel to the extent that FIs have from a functionality perspective, and as mobile transaction volume rises, many merchants are seeing a spike in fraud related to the mobile channel as well. One merchant interviewed by Aite Group just launched its mobile app in May 2012 and is already seeing fraud rates that are many multiples higher than those in its online channel. Another merchant reports chargeback rates in its mobile channel that are twice those of its online channel.

    A third merchant is bracing for an influx of mobile fraud; it is preparing to deploy its native app, which will effectively expose the application programming interfaces (APIs) for all to see, thus presenting fraudsters with a whole new range of attack possibilities. There are a couple of significant challenges inherent in the exposed APIs:

    • Man-in-the-Middle attacks will become a much bigger threat, as cybercriminals have a proven ability to use the exposed elements to recreate the app and insert themselves in the transaction stream.

    • Visibility into the API will enable the fraudster to mass enroll large quantities of accounts or feed fraudulent orders en masse into the merchant's system. This is a problem of scale that most merchants aren't prepared to address—even when the problem is detected, it takes a fraud analyst five to 10 minutes on average per order to roll back the order. A large attack that feeds 10,000 bad orders into the system in this way would be akin to a denial-of-service attack on a merchant's fraud operation, essentially paralyzing the operation.

    The merchant experience could be a harbinger of things to come for FIs. FIs are not yet seeing much fraud that can be solely attributed to the mobile channel—most of the losses are the result of cross-channel fraud, in which the credentials are harvested from the mobile channel (often via phishing or smishing), and then used online. Risk has been contained by limiting the risk level of transactions that can be performed from the mobile channel. For higher-risk transactions that are enabled, the risk is contained via velocity controls and rules. This containment strategy has a limited shelf life, however, as FI customers increasingly expect the mobile channel to have the same capabilities as online.

    DISTRIBUTED DENIAL OF SERVICE

    The DDoS stakes have officially been raised. The waves of DDoS attacks against major U.S. financial institutions that started in September 2012 have been unprecedented in size and scale. They successfully brought down the websites of some of the biggest financial brands, resulting in irritated customers and overwhelmed call centers. Using a combination of "zombie" devices (i.e., devices compromised by malware and controlled by the hacktivists) and application servers to form a botnet, perpetrators were able to flood bank websites with a high volume of traffic, at times exceeding 30 million packets per second. The attacks used legitimate IP addresses and combined a mix of attack vectors, simultaneously targeting both infrastructure and application layers. The initial DDoS attacks contained 10 times the volume of a typical denial of service attempt, and major brand-name banks all saw their sites go down.

    The Izz ad-Din al-Qassam Cyber Fighters claimed credit for the attacks, a claim that carries credibility since the attacks were publicly announced prior to the websites crashing. The group has not only unleashed subsequent waves of attacks but has also effectively created a roadmap for other groups intent on disrupting commerce, garnering headlines, and creating new opportunities for fraud.

  • 12. As banks build plans to defend against this new form of attack, their efforts need to focus both on shoring up the online channel and on understanding the collateral impact on other channels. When a critical channel goes down, other channels—particularly the call center—feel the impact. Fraud-mitigation capabilities should be a particular area of focus; fraud filters need to be able to handle the higher volume that will flow through the call center. The call center already represents a point of vulnerability for many FIs, with many fewer lines of defense than the online and mobile channels typically employ. When a flood of traffic hits the call center, there are many opportunities for fraudsters to take advantage of the chaos and slip fraudulent requests in with the genuine. If FIs are unprepared, it will be all too easy for these requests to slide through undetected. [5]

    While merchants have largely been exempt from these attacks thus far, they are by no means immune, especially as banks have strengthened their Web defenses and are harder to take down. To the extent that their brand is high profile and successful, merchants should consider themselves targets and ensure they have a solid DDoS contingency plan in place.

    5. See Aite Group's report, Look Who's Talking: Financial Institutions' Contact Centers Under Attack, April 2013.
  • 13. UPPING THE ANTE

The sad reality is that no business can ever truly achieve 100% security. The threat environment is moving too fast, and the insidious ability of external and internal criminals is too great for any type of silver-bullet assurance. The strategy that many FIs and merchants are undertaking is to continue to increment their security infrastructure, with complementary layers of technology that make it more trouble for the bad guys to penetrate the defenses than the data that the criminals are seeking is worth. As noted earlier, organized crime rings are behind many of the attacks, and these highly efficient businesses have the same requirements of profitability that legitimate businesses do. If it is too expensive to penetrate a target's security layers, the criminals will usually move on to easier prey.

That said, a layered, risk-based combination of technology and policy can serve as a highly effective means of cybercrime deterrence and detection. Behavioral analytics is a leading technology used by FIs and merchants alike to serve as the underpinning of a risk-based approach. Behavioral analytics can be deployed in a variety of ways to detect anomalous behavior indicative of not only the fraudulent activity itself but also the reconnaissance tactics that often lead up to the fraud. Through rules and/or analytics, behavioral analysis tools detect fraud by monitoring the user session to detect suspicious activities or patterns. Behavioral analysis technologies can also examine Web navigation techniques to highlight anomalies indicative of suspicious activity.

Behavioral analytics represent a great way to detect pattern anomalies and are a key technology for FIs seeking to bring their fraud-mitigation technologies down to the transaction level. As with any tool, there is a certain level of false positives, which is where the importance of layering comes in (i.e., the ability to prompt the user to perform additional levels of authentication in a manner appropriate to the transaction). Here are a few examples of behavioral analytics in action:

    • Bot-based attacks: Automated bots do not behave in the same way as do legitimate users. They move faster, and navigation patterns will differ from those of a legitimate Web user. Behavioral analytics can detect these anomalies and either prompt for stepped-up authentication or just invoke actions to block the offending IP addresses altogether.
    • Trojan-based attacks: Cybercriminals will often not transact in patterns consistent with those of a legitimate end user. Behavioral analytics can detect many of the hallmarks of a Trojan-based attack (for example, a US$200,000 wire transaction is being initiated, when the typical wire amount for that user is US$20,000) and can either execute a series of stepped-up authentication prompts or block the transaction entirely and flag it for manual review.
    • DDoS: Hacktivists and cybercriminals will often perform reconnaissance prior to many of their attacks to study their target and understand points of weakness. DDoS is no exception, and behavioral analytics can be used to detect these patterns of reconnaissance, which again have distinct navigational patterns (going to an unusual combination or sequence of Web pages) and unusual IP address frequencies. During an attack, behavioral analytics are instrumental in detecting the offending IP addresses and shutting them down rapidly.

  • 14. RSA ADAPTIVE AUTHENTICATION AND RSA SILVER TAIL

RSA Adaptive Authentication uses risk-based authentication to measure the risk associated with a user's login and post-login activities. Using risk modeling and a rules-based approach, a unique risk score is assigned to each activity. If the score exceeds the risk threshold as determined by each organization, a user may be asked to provide additional identity assurance such as out-of-band authentication. RSA Adaptive Authentication is currently used to protect more than 350 million users across a number of websites, portals, mobile applications, virtual private networks (VPNs) and Web access management applications.

RSA Silver Tail utilizes Web session intelligence to help distinguish legitimate user behavior from suspicious activity within online sessions. Used to identify a number of attacks, including account takeover, DDoS, password guessing, and business logic abuse threats, RSA Silver Tail captures and analyzes user clickstreams on a website to build behavioral profiles and compares activity within each Web session to profiles of legitimate user behavior to identify fraudulent or disruptive activity.

Together, RSA Adaptive Authentication and RSA Silver Tail provide risk-based security threat detection—from initiation of a Web session through site navigation to transaction monitoring to session end. Using proven authentication and fraud detection technology with behavior, velocity and threat analytics, the combined solutions offer threat and fraud mitigation throughout the entire Web session.
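The risk-based flow described above (behavioral signals feeding a score, with step-up authentication or a block once a threshold is crossed) can be illustrated as follows. This is an added example, not RSA's or Aite Group's code; the weights, thresholds, function names and sample data are assumptions chosen for illustration.

```python
from statistics import median

# Illustrative thresholds and weights (assumptions, not vendor values).
STEP_UP_THRESHOLD = 40
BLOCK_THRESHOLD = 80

def amount_risk(amount, history):
    """Score how far an amount departs from the user's typical (median) amount."""
    if not history:
        return 30                      # no baseline yet: moderately risky
    ratio = amount / median(history)
    if ratio >= 10:
        return 60                      # e.g. US$200,000 against a US$20,000 norm
    return 30 if ratio >= 3 else 0

def pace_risk(click_times):
    """Score a session whose page requests arrive faster than a person clicks."""
    gaps = [b - a for a, b in zip(click_times, click_times[1:])]
    if len(gaps) < 3:
        return 0                       # too few requests to judge
    return 40 if median(gaps) < 0.5 else 0

def velocity_risk(tx_times, now, window=3600, limit=3):
    """Velocity control: score many transactions inside one time window."""
    recent = sum(1 for t in tx_times if 0 <= now - t <= window)
    return 30 if recent >= limit else 0

def decide(amount, history, click_times, tx_times, now):
    """Combine the signals into a score and map it to a layered response."""
    score = (amount_risk(amount, history) + pace_risk(click_times)
             + velocity_risk(tx_times, now))
    if score >= BLOCK_THRESHOLD:
        return score, "block_and_review"
    if score >= STEP_UP_THRESHOLD:
        return score, "step_up_auth"
    return score, "allow"

# Constructed sample data: wire history in US$, click timestamps in seconds.
HISTORY = [18000, 20000, 22000, 20000]
HUMAN_CLICKS = [0.0, 4.2, 9.8, 15.1, 21.0]
BOT_CLICKS = [0.0, 0.1, 0.2, 0.3, 0.4]

if __name__ == "__main__":
    print(decide(21000, HISTORY, HUMAN_CLICKS, [], 1000))    # typical wire
    print(decide(200000, HISTORY, HUMAN_CLICKS, [], 1000))   # amount anomaly
    print(decide(200000, HISTORY, BOT_CLICKS, [], 1000))     # anomaly plus bot pace
```

An amount anomaly alone triggers step-up authentication rather than a block, which keeps a false positive recoverable for the legitimate user; only the combination of independent signals blocks the transaction and sends it to manual review.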
  • 15. CONCLUSION

With the knowledge that 100% security can never be assured in the face of cyberthreats, the strategies of leading FIs and businesses instead focus on making the effort to breach their security more trouble than the underlying data is worth (or more difficult to garner than it is to compromise the bank or business down the street). Here are a few suggestions for FIs and merchants:

    • Look for tools that can be leveraged in different ways to solve multiple problems. While there is no such thing as a one-size-fits-all tool when it comes to security, tools such as behavioral analytics can be leveraged in various ways to solve different problems.
    • Encrypt sensitive data both in storage and in transmission. This includes PII as well as credentials.
    • Build a robust feedback loop so that in the event that your security is compromised you can quickly assess how and why, and adjust your defenses accordingly.
    • Don't put all your eggs in one basket. Cybercriminals have proven adept at bypassing virtually every form of online fraud mitigation and authentication when deployed as a single point solution. To be effective in the war against cybercriminals, FIs need to adopt a layered approach that protects not only the session but also the transaction itself.
    • Continue to perform ongoing risk assessments. It's important to stay abreast of the latest malware capabilities and understand how current defenses can (or cannot) be effective against them.
    • Proactively interface with marketing and technology. Ensure you have input and buy-in from all stakeholders when new functionality is planned via online and mobile channels so you have preparation time instead of being in a reactive mode after its introduction.
  • 16. ABOUT AITE GROUP

Aite Group is an independent research and advisory firm focused on business, technology, and regulatory issues and their impact on the financial services industry. With expertise in banking, payments, securities & investments, and insurance, Aite Group's analysts deliver comprehensive, actionable advice to key market participants in financial services. Headquartered in Boston with a presence in Chicago, New York, San Francisco, London, and Milan, Aite Group works with its clients as a partner, advisor, and catalyst, challenging their basic assumptions and ensuring they remain at the forefront of industry trends.

AUTHOR INFORMATION

Julie Conroy
+1.617.398.5045
jconroy@aitegroup.com

CONTACT

For more information on research and consulting services, please contact:
Aite Group Sales
+1.617.338.6050
sales@aitegroup.com

For all press and conference inquiries, please contact:
Aite Group PR
+44.(0)207.092.8137
pr@aitegroup.com

For all other inquiries, please contact:
info@aitegroup.com
  • 17. ABOUT RSA

RSA, The Security Division of EMC, is the premier provider of intelligence-driven security solutions. RSA helps the world's leading organizations solve their most complex and sensitive security challenges: managing organizational risk, safeguarding mobile access and collaboration, preventing online fraud, and defending against advanced threats. Combining agile controls for identity assurance, fraud detection, and data protection, robust Security Analytics and industry-leading GRC capabilities, and expert consulting and advisory services, RSA brings visibility and trust to millions of user identities, the data they create, the transactions they perform, and the IT infrastructure they rely on. For more information, please visit www.RSA.com and www.EMC.com.