Primode

Primode
Primode

Contents
Contents

Overview 3-4 Insights & Surveys Overview 9

Primode- About us 5-6 Markets and Trends 10

Products and Services 7 SIS summary 11

Database Overview 8 SIS benefits 12

2
 Executive
Executive Summary-
Summary- Primode
Primode

Our Mission Statement

To be the trusted intelligence partner of Financial Services risk and security practitioners and managers; enabling them
to seek, assess and secure the right technology to deliver operational risk management goals

intense
intense focus
focus on
on Information
Information Security
Security in
in
Financial
Financial Services
Services

impartial,
impartial, professional
professional advice
advice and
and
consultancy
consultancy due
due to
to total
total vendor
vendor
independence
independence
regular
regular summits
summits and
and surveys
surveys to
to exchange
exchange
insights
insights from
from government,
government, academia
academia and
and
industry
industry

aa portal
portal to
to information
information on
on established
established &
&
new
new technologies
technologies world-wide
world-wide

3
 Executive
Executive Summary-
Summary- Security
Security Intelligence
Intelligence Services
Services Consultancy
Consultancy

what do we do?
we
we offer
offer best
best of
of breed
breed independent
independent information
information security
security consultancy
consultancy
and
and advice to Financial Services clients directly or
advice to Financial Services clients directly or via
via other
other
organisations.
organisations. we
we quickly
quickly assemble
assemble thethe relevant
relevant specialist
specialist (often
(often off-
off-
shore)
shore) team
team according
according to to each
each individual
individual project-
project- this
this lean
lean model
model
results
results in
in lower
lower costs
costs for
for the
the client
client what don’t we do?
our
our focus
focus isis on
on Information
Information Security
Security consultancy
consultancy in in Financial
Financial Services.
Services.
We
We dodo not
not widen
widen our
our scope
scope further
further than
than FS
FS clients,
clients, nor
nor to
to any
any
broader
broader technology
technology consultancy.
consultancy. implementations
implementations and and integrations
integrations
are
are also
also left
left to
to those
those who
who specialise
specialise in
in this
this area
area
the deliverable

aa confidential
confidential report/recommendation
report/recommendation delivered
delivered to
to an
an FS
FS client
client
directly
directly or
or via
via aa service
service organisation
organisation

example of deliverables
-- finding
finding aa specific
specific security
security technology
technology enabling
enabling aa business
business need
need
-- experimenting
experimenting withwith different
different tech
tech alternatives
alternatives before
before making
making aa decision
decision
-- outsourcing
outsourcing stalled
stalled in-house
in-house security
security projects
projects
-- performing
performing duedue diligence
diligence on on proposed
proposed technology
technology solutions
solutions
-- providing
providing advice
advice and
and guidance
guidance onon regulatory
regulatory issues
issues such
such as
as Basel
Basel II
II
-- security
security policy
policy and
and procedure
procedure writing
writing
ways to work together -- hardware
hardware and and software
software testing
testing

-SIS
-SIS fills
fills the
the gaps
gaps in
in your
your IT
IT department’s
department’s expertise
expertise and
and man
man power
power
-- SIS
SIS cancan provide
provide information
information security
security advice
advice to
to develop
develop your
your
business
business case
case in
in aa timely
timely fashion
fashion

4
 Primode-
Primode- about
about us
us

Client

* Nathalie Laumonier
Dr. Edward Klinger SIS Team Head of Market Research
CEO, UK HQ Dimitrios Petropoulos
Zenoki Pong Head of Research & Development
Hong Kong Emerson Tan
Jules Seshens Consultant
United States Paul Targett
Elli Streit Senior Consultant
Israel Operations

Shaffiq Din Nissim Bar-El

Deutsche Bank, Lloyds TSB, GSK Chairman, Comsec Group
Tim Ellis Avi Corfas
Active Voice, Storacall, Hughes Industry @Stake, FutureTense, Compaq
Advisors
Fred Horbeek Leaders Prof. David Reibstein
RaboBank Wharton Business School
John Weste Rene Schuster
VP, Gartner Group Global Head Consulting, HP

* The Client-dedicated “Security Intelligence Services” team is comprised of

resources from Operations, Advisors, and Industry Leaders 5
 Primode-
Primode- about
about us
us

Our products and services Our clients

Our supply side

6
 Products
Products and
and Services
Services

Insights
Insights &
& Surveys
Surveys
Database
Database AA quarterly
quarterly informal
informal peer
peer toto Security
Security Intelligence
Intelligence Services
Services
peer
peer discussion
discussion group
group
Comprehensive,
Comprehensive, global
global online
online (SIS)
(SIS)
promoting
promoting balanced insight into
balanced insight into
database
database of of Financial
Financial Services
Services key
key challenges
challenges andand priorities
priorities
security
security vendors
vendors && corporate
corporate while
while fostering
fostering cooperation
cooperation
intellectual property
intellectual property Primode
Primode SIS
SIS offers
offers unbiased,
unbiased,
across
across the
the Financial
Financial Services
Services independent
independent research
research andand due
due
community
community diligence of INFOSEC technologies
diligence of INFOSEC technologies
with
with no
no vendor
vendor affiliation.
affiliation. We
We
focus on resolving key business
focus on resolving key business
issues;
issues; presenting
presenting best-of-breed,
best-of-breed,
Summits
Summits strategically
strategically aligned
aligned solutions
solutions
discreetly
discreetly and when your
and when your
High
High profile
profile summits
summits bringing
bringing together
together industry,
industry, academia
academia and
and organisation
organisation requires
requires them
them
government
government leaders
leaders toto discuss
discuss security
security related
related challenges
challenges and
and
priorities
priorities of
of Financial
Financial Services
Services professionals
professionals

7
 Database
Database Overview
Overview

Comprehensive online database of Financial Services IT security vendors & corporate intellectual
property available to registered users and the SIS

Authentication
Authentication // Secure
Secure
FDE
FDE // Data
Data Protection
Protection Secure
Secure Network
Network Management
Management Security
Security Policy
Policy Management
Management
Transactions
Transactions

Network Administration & Security Service: Policy

Encryption / SSL Network Authentication
Protection Management

Privacy / Anti-Piracy Payment Security Hardware and Software Protection Access Control

Standards and Regulation

Database Security Digital Certificates Secure OS
Compliance

Web / email Security Tokens Backup and Recovery

Antivirus Biometrics Risk Assessment Tools

Internet / Web Application

Virtual Private Networks
Security

Wireless
Wireless Security
Security Management
Management Perimeter
Perimeter Security
Security Operational
Operational Integrity
Integrity

Vulnerability Assessment &

Wireless LAN Firewall DOS Tools
Scanning

Mobile Business Management Terminal Services Intrusion Detection Systems

Authentication

8
 Insights
Insights and
and Surveys
Surveys Overview
Overview

Q1 2003 Infosec Insight Forum

Primode’s Q1 2003 Insight Forum reveals numerous IT security challenges that practitioners and managers are
concerned in the Information Security environment. One of the issues discussed is Internal IT security; it is the major
pre-occupation of IT Security Managers whereas external issues are considered to be well covered. Additionally,
effective communication between the IT Security function and business units continues to be a major challenge. These
issues raise challenges for vendors to address as they approach banks

Q4 2002 Infosec Insight Forum

Primode’s Q4 2002 Insight Forum reveals a number of distinctive challenges facing financial service institutions. While
Members agree on a wide range of issues, there are also distinct and differing opinions

1. Identity Theft and Authentication, a growing concern for FS players. Customer interaction is migrating from in
person to remote access; this increases the risks of doing business with unauthorised parties

2. Wireless Banking is rapidly growing in emerging markets and in conjunction with the Internet

3. Application Layer Security – most banks do not think of locking down web applications and databases during
development and rely solely on infrastructure security

4. Security Information Management – requires useful information from the flood of raw data and alerts that
are generated by security devices

9
 Markets
Markets &
& Trends-
Trends- the
the hot
hot topics
topics

• Identity Theft – Fastest growing financial crime on the financial services industry and credit card fraud is driven by
Identity Theft, this is emerging as the second-biggest driver of card fraud after the loss or theft of a credit card

• Wireless Banking – is rapidly growing in emerging markets and in conjunction with the Internet

• Application Layer Security – most banks do not think of locking down web applications and databases during
development and rely solely on security infrastructure

• Security Information Management - requires useful information from the flood of raw data and alerts that are
generated by security devices

• Internal vs. external Security - 60%-80% are likely to be internal threats and 20% external. Since external
threats are difficult to control they tend to get publicised. Internal incidents are easier to keep under wraps and in any
event will probably be denied by the bank

• Cost Issues & ROI - proper investment in IT security is a must and that implementing higher level of security is
important; however, the cost issues need to be carefully managed and justified

• Cyber Crime - The percentage of fraudulent transactions on the web has remained steady for some time at about
one percent. While that seems low, it’s still 15 percent higher than fraud in the off-line world

• Rise in InfoSec Market and Regulations - Security regulations, such as the Gramm-Leach-Bliley Act, DPA, Straight
Through Processing, and Basel II require enterprises to balance practicalities vs compliance

10
 Security
Security Intelligence
Intelligence Services
Services (SIS)
(SIS) summary
summary

• What are Security Intelligence Services (SIS)?

- An intelligence service resolving tactical security-related business issues facing financial services clients
• What kinds of problems does SIS solve? Some examples:
- Finding a specific technology to enable a pressing business need;
- Experiment with different technology alternatives before making a decision;
- Outsource a stalled in-house market research project;
- Perform due diligence on a proposed technology solution;
- Provide advice and guidance on regulatory issues such as Basel II compliance
• How long is a project?
- A few days to several weeks depending on the nature of the work
• What is the deliverable?
- A confidential report/recommendation
• Who does the work?
- A dedicated SIS team of seasoned professionals tapping into our hub of industry, government, and academic
experts
• How much does it cost?
- Competitive, flexible rates
• Who uses SIS?
- Banks, insurance companies and all other financial services related entities
• Why should I use SIS?
- Low risk due to short term commitment- “in and out” team delivers results when you need them;
- Lower total cost compared to using in-house resources;
- Higher quality compared to using generalised research supermarkets;
- Unbiased compared to tied integrators and affiliated consultancies;
- Fast and meaningful results due to nimble, dedicated team and singular focus;
- Immediate and continuous access to top industry experts and database
11
 SIS
SIS benefits
benefits

independent
independent advice
advice

“in
“in and
and out”-
out”- there
there when
when you
you need
need us
us

leverages
leverages top
top industry
industry experts
experts

short
short term
term contract
contract

dedicated
dedicated team
team

12
 Contact
Contact

21,
21, upper
upper brook
brook street,
street,
mayfair,
mayfair, london,
london, uk.
uk. w1k
w1k 7py
7py

tt +44
+44 (0)
(0) 20
20 7629
7629 6297
6297
ff +44
+44 (0)
(0) 20
20 7629
7629 6298
6298

ee info@primode.com
info@primode.com

w
w www.primode.com
www.primode.com

13