وبلاگ بلیان

Understanding Cybersecurity Management in FinTech: Challenges, Strategies, and Trends (Future of Business and Finance)

معرفی کتاب «Understanding Cybersecurity Management in FinTech: Challenges, Strategies, and Trends (Future of Business and Finance)» نوشتهٔ Gurdip Kaur; Ziba Habibi Lashkari; Arash Habibi Lashkari، منتشرشده توسط نشر Springer International Publishing : Imprint: Springer در سال 2021. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

This book uncovers the idea of understanding cybersecurity management in FinTech. It commences with introducing fundamentals of FinTech and cybersecurity to readers. It emphasizes on the importance of cybersecurity for financial institutions by illustrating recent cyber breaches, attacks, and financial losses. The book delves into understanding cyber threats and adversaries who can exploit those threats. It advances with cybersecurity threat, vulnerability, and risk management in FinTech. The book helps readers understand cyber threat landscape comprising different threat categories that can exploit different types of vulnerabilties identified in FinTech. It puts forward prominent threat modelling strategies by focusing on attackers, assets, and software and addresses the challenges in managing cyber risks in FinTech. The authors discuss detailed cybersecurity policies and strategies that can be used to secure financial institutions and provide recommendations to secure financial institutions from cyber-attacks. Understanding Cybersecurity Management in FinTech Preface Contents About the Authors 1: Introduction to FinTech and Importance Objects 1.1 Introduction to Financial Technology 1.2 Importance of FinTech 1.3 Big Data and Financial Technology 1.4 Impact of FinTech on Global Economy 1.5 FinTech and Banking 1.6 FinTech and Online Banking 1.7 FinTech Evolution 1.8 FinTech Ecosystem 1.9 FinTech Applications 1.10 Chapter Summary References 2: Introduction to Cybersecurity 2.1 What Is Cybersecurity? 2.2 Motivation 2.3 The CIAAA Principle 2.4 Cybersecurity Threats 2.5 Cybersecurity Attacks 2.6 Cybersecurity Analysis 2.7 Why Cybersecurity Matters 2.8 Data Science and Important Data Breachers 2.8.1 Important Data Breaches 2.9 The NSA Triad for Security Assessment 2.10 Data-Centric Security Management 2.10.1 Data-Centric Security Cycle 2.10.2 Characteristics of Data-Centric Security Management 2.10.3 Problems with Data-Centric Security Management 2.11 Chapter Summary References 3: Information Security Governance in FinTech 3.1 What Is Information Security Governance? 3.2 Security Governance Solution 3.2.1 Security Governance Profiling 3.2.2 Security Policies and Standards 3.2.3 Security Strategic Planning 3.2.4 Security Roles and Responsibilities 3.2.5 Security Governance of Assets 3.2.6 Governance Structure Appropriate to the Organization 3.2.7 Third Parties and Suppliers 3.2.8 Information Security Governance Assessment Tools 3.3 Available Information Security Governance Models 3.3.1 Basic Information Security Governance Model 3.3.2 Extended Information Security Governance Model 3.3.3 Comprehensive Information Security Governance Model 3.4 What Is Effective and Efficient Information Security Governance? 3.5 Integrated Governance Mechanisms 3.5.1 The Role of Governance 3.5.2 Corporate Governance 3.5.3 Principles of Good Governance 3.5.4 Principles of Undertaking Governance Review 3.6 Comprehensive Security Governance 3.6.1 Strategic Integration 3.6.2 Cyber Risk Mitigation Approach 3.6.3 Adaptability and Agility 3.6.4 Reporting Framework for Good Governance 3.7 Effectively Implementing a Sustainable Strategy 3.8 Integrated Governance Framework 3.9 The Integrated Framework Assessment 3.9.1 Governance Structure 3.9.2 Management Structure 3.9.3 Operations/Infrastructure 3.9.4 Compensation/Funds Flow 3.10 A General Information Security Governance Model for FinTech 3.11 Chapter Summary References 4: Cybersecurity Threats in FinTech 4.1 Understanding Cybersecurity Threats 4.2 Understanding the Adversary 4.3 Threat Categories for FinTech 4.4 Threat Actors 4.5 Threat Intelligence 4.6 Structural Approach to FinTech Threat Modeling 4.6.1 Focusing on Assets 4.6.2 Focusing on Attackers 4.6.3 Focusing on Software 4.7 Threat Modeling 4.8 The Best Threat Modeling Methodology for FinTech 4.8.1 STRIDE 4.8.2 Trike 4.8.3 VAST 4.8.4 PASTA 4.9 Chapter Summary References 5: Cybersecurity Vulnerabilities in FinTech 5.1 General Cybersecurity Vulnerabilities in FinTech 5.2 Specific Cybersecurity Vulnerabilities in FinTech 5.2.1 Technology Vulnerabilities 5.2.2 Human Vulnerabilities 5.2.3 Transaction Vulnerabilities 5.3 Assessing the FinTech Cybersecurity Vulnerabilities 5.4 General Policies to Mitigate FinTech Cybersecurity Vulnerabilities 5.5 Chapter Summary References 6: Cybersecurity Risk in FinTech 6.1 What Is Risk? 6.2 What Is the Cybersecurity Risk? 6.3 Cybersecurity Risk Lifecycle 6.4 Risk Assessment 6.5 Risk Analysis 6.5.1 Procedure 6.5.2 Strategies 6.5.3 Models 6.6 Risk Mitigation 6.7 Risk Monitoring and Review 6.8 Challenges in FinTech Risk Management 6.9 Dealing with Uncertainty in FinTech 6.10 Kinds of Uncertainty 6.11 Reducing Uncertainty 6.12 Handling Uncertainty for FinTech Cybersecurity Risk 6.13 Chapter Summary References 7: Secure Financial Market Infrastructures (S/FMI) 7.1 What Is FMI? 7.1.1 Payment Systems 7.1.2 Central Securities Depositories 7.1.3 Securities Settlement Systems 7.1.4 Central Counterparties 7.1.5 Trade Repositories 7.2 Vulnerability of the Systemically Important Payment Systems (SIPS) 7.3 Cybersecurity Issues of Central Counterparties (CCPs) 7.4 Securities Settlement Facilities (SSFs) 7.5 Available Security Mechanisms 7.5.1 X.800 Security Services 7.5.1.1 Specific Security Mechanisms 7.5.1.2 Pervasive Security Mechanisms 7.5.2 NIST 7.6 Security of Various Components in FMI 7.6.1 Financial Risks 7.6.2 Security Objective of each FMI Component 7.7 Chapter Summary References 8: Cybersecurity Policy and Strategy Management in FinTech 8.1 Access Control 8.2 Authentication Systems 8.3 Remote Access Control 8.4 Policy and Strategy 8.5 Prevention and Preparedness 8.6 FinTech Policy and Prevention 8.6.1 Establishing and Using Firewall 8.6.2 Installing and Using Antivirus 8.6.3 Removing Unnecessary Software 8.6.4 Disabling Nonessential Services 8.6.5 Securing Web Browsers 8.6.6 Applying Updates and Patches 8.6.7 Requiring a Strong Password 8.6.8 Visitors and BYOD 8.7 Resilience Policy 8.8 Chapter Summary References 9: Designing Cybersecure Framework for FinTech 9.1 General Cybersecurity Framework 9.1.1 Determining Scope of Information Technology 9.1.2 Determining the Value of Information and Assets 9.1.3 Defining the Cybersecurity Threat Level 9.1.4 Personnel Screening and the Insider Threat 9.1.5 Cybersecurity Awareness and Training 9.2 Available Standard Frameworks 9.2.1 NIST CSF 9.2.1.1 Identify 9.2.1.2 Protect 9.2.1.3 Detect 9.2.1.4 Respond 9.2.1.5 Recover 9.2.2 FFIEC 9.2.2.1 Inherent Risk Profile 9.2.2.2 Cybersecurity Maturity 9.2.3 CPMI-IOSCO 9.2.4 ECB-CROE 9.2.5 FSSCC Cybersecurity Profile 9.2.6 Center for Internet Security (CIS): CIS 20 Controls 9.3 Chapter Summary References 10: Conclusion
دانلود کتاب Understanding Cybersecurity Management in FinTech: Challenges, Strategies, and Trends (Future of Business and Finance)