JPMorgan Chase outlines their efforts to prevent modern bank robberies and cyber attacks through technology, exercises, and education. They operate 3 global security centers 24/7 to protect the firm and clients. In 2016, one of the largest bank heists resulted in $81 million stolen. The bank conducts assessments, exercises, and simulated phishing attacks to identify vulnerabilities and train employees. These initiatives aim to enhance response plans, improve coordination, and increase cyber resilience against the top attack vector of phishing. JPMorgan Chase also performs penetration testing and collaborates across the industry to help secure the entire financial sector.
2. JPMORGAN CHASE - ABOUT US
100+ >243KCountries which we operate Number of Employees
~$5T $2T+Payments daily on behalf of the
firm and its clients and customers
Daily securities traded and settled
#1 26M+Rated mobile banking app, ATM
network and most visited banking
portal – chase.com
Active customers on mobile app
today
3. WE ARE A TECHNOLOGY COMPANY*
>$9.5B ~$3B
Technology budget Dedicated to new initiatives
~$600M 20K+
Spent on emerging fintech solutions Developers
*Statistics are from the 2016 JPMorgan Chase & Co Annual Report
4. This is Cybersecurity
3Global Security Operations Centers
24/7Follow the sun operating model
Protecting the Firm | Protecting our Clients | Leading the Industry
5. Real Attack Case Study
2016
One of the Largest Bank Robberies Ever Reported
• Resulted in theft of $81M USD
• Largest bank heist ever reported
6. Assessments Exercises & Phishing
Determine feasibility of cyber
attacks and identify high risk
vulnerabilities in JPMC
systems through a
combination of manual and
automated cyber
assessments
Delivers cyber tabletops,
drills, and operational “range”
simulations to identify gaps in
cyber response planning,
coordination and
communications as well as
personnel knowledge, skills,
and abilities
Vulnerability Management Training & Awareness
Responsible for the
identification, classification,
remediation, and mitigation of
software and infrastructure
vulnerabilities within the
JPMC environment
Drives improved business
execution through
performance support and
education for our global cyber
operations professionals
The focus of Cyber Assessments and
Remediation is to identify cyber risks,
vulnerabilities, and process deficiencies
through active exercises, drills, and focused
cyber assessments against JPMC
personnel, processes, and technologies.
Once identified, enhancement and/or
remediation is driven via Cyber Hygiene,
training, and awareness initiatives.
Find Stuff…
Fix Stuff
Assessments & Remediation - Overview
7. How People Hack a Bank – Phishing
#1Attack vector that we see industry-
wide
11. Exercises
Tabletop
Exercises
Operational
Drills
Range
Simulations
Discussion-based events where
team members discuss their roles
and responses during significant
cyber disruptions
No-notice “hands-on-keyboard”
events where participants react to
seemingly real-world incidents by
utilizing current plans & capabilities
“Sandboxed” financial network
environment for JPMC Cyber “Blue”
defenders to assess ability to detect,
respond & recover from real-time
attacks by JPMC Red Team
Strengthening Resilience through Continuous Practice
12. DRIVERS OF SUCCESS FOR
Table Top Exercises (TTX):
• Senior Business Leader
Involvement
• Tailored Injects and Artifacts
• Market Simulation Tool
13. DRIVERS OF SUCCESS FOR
Operational Drills:
• No Notice Alerts on
Production Systems
• Use of Trusted Agents
• Multi-day Scenarios
14. Range Simulations
DRIVERS OF SUCCESS FOR
Range Simulations:
• Face to Face Interactions
• Tailored Network
Environments
• Cross Regional
Operational Assessments
• Red Team/Operations
Collaboration
15. What Are We Doing About Potential Cyber
Attacks?
17. Leading the Industry
DRIVING INDUSTRY COLLABORATION:
Financial Systemic Analysis &
Resilience Center (FSARC) will
deliver analysis and solutions that will
benefit the entire sector from the
smallest community institutions to the
largest commercial banks.