CYBERSECURITY 2016: PREPARING FOR THE FUTURE MONEY MANAGEMENT INSTITUTE NETMEETING JANUARY 20, 2016

ADVANCING THE FUTURE OF INVESTMENT ADVISORY SOLUTIONS 2

Upcoming MMI Events

2015

2016 Sales & Marketing Leadership Summit February 17-18, 2016 | Palm Beach, FL Eau Palm Beach 2016 Annual Convention April 20-21, 2016 | Washington, DC Marriott Marquis

Panelists

Mark Connelly, Chief Information Security Officer

Vince Skinner, Vice President of Security

Ernie Smith, Vice President, Technology

Matt Steel, Vice President, Information Security

Cybercriminals Did Not Rest During 2015… It’s been a watershed year for cybercrime - 2015 US State of Cybercrime Survey

Financial services encounters security incidents 300 percent more frequently than other industries - 2015 Industry Drill Down Report

…and the Reactions Were Varied

Increased Concern Over Cybercrime in 2016

69% 2014

87% 2015

18th Annual Global CEO Survey 2015

59% 2014

76% 2015

2015 US State of Cybercrime Survey

The Principal Threats Institutions are Facing and their Sources

Sources: PWC, 2015 US State of Cybercrime Survey RSA, Cybercrime 2015, An Inside Look at the Changing Threat Landscape

The cybercrime-as-a-service marketplace continues to mature

Mobile provides a larger attack surface

Cybercriminals seek more bang for the buck and increase large-scale retail & financial attacks

Threats continue to grow more targeted and more advanced

Risk Assessment and Mitigation Strategies

“The bad guys are smart, well equipped, and determined. There’s no reason that the good guys can’t be the

same.” - Mandiant

Trends in Threat Detection • Intelligence-driven security approaches which can

operate in mobile and cloud environments

• Greater use of behavioral analytics

• Smart device capabilities

Source: RSA, Cybercrime 2015, An Inside Look at the Changing Threat Landscape

Developing a Recovery Plan to Minimize Damage in the Event of a Breach

FS-ISAC Recommendations • Use well documented recovery plans to begin the process of

restoring systems and networks • Utilize multiple backups that have been maintained

separately and restore data to alternate system • Use snapshots of storage to minimize data loss and plan for

other ways to record transactions that have occurred during the incident

• Consider a Bare Metal Rebuild in the event of a catastrophic event

• Document all procedures, maintaining forensics in order to share threat indicators with industry and government partners

Source: FS-ISAC, Best Practices for US Financial Institutions, 2015

Questions & Answers

REUTERS/Russell Cheynelivepic

REUTERS/Randall Hill

Speed Round

REUTERS

ADVANCING THE FUTURE OF INVESTMENT ADVISORY SOLUTIONS 13

Upcoming MMI Events

2015

2016 Sales & Marketing Leadership Summit February 17-18, 2016 | Palm Beach, FL Eau Palm Beach 2016 Annual Convention April 20-21, 2016 | Washington, DC Marriott Marquis