Generative AI (GenAI) is changing the cybersecurity landscape at a phenomenal pace, creating both new challenges and opportunities. As cyber attacks become increasingly sophisticated, preventing them requires information sharing. Ann Barron-DiCamillo, Managing Director and Global Head of Cyber Operations at Citi, talks about the difference between traditional attacks and AI-powered threats. Ann, also the current Chair of FS-ISAC's Board, discusses supply chain risks, the importance of information sharing and nurturing the cybersecurity talent pool.
Notes from our Discussion with Ann
(0:50) - GenAI in Cybersecurity
GenAI has helped accelerate time to market. The use of advanced technologies, especially in the financial sector, centers around acceleration. On the cybersecurity front, the opportunities are reversed. With acceleration, there’s a growing need to ensure we are not bypassing validation or losing control. There’s also the need to differentiate between traditional malware and AI-powered threats. ChatGPT has resulted in the merger between security tool capability and business logic, allowing security teams to reverse engineer the use of AI to find vulnerabilities quicker.
(4:51) - Threat Actors Using AI
95% of breaches begin with a phishing email and threat actors are adopting highly sophisticated phishing techniques. The emails no longer have obvious errors, making detection harder and they are combined with more sophisticated payload links. The threat actors pivot so quickly that your controls are unable to catch up before they move on to other things.
(6:18) - Threat Vectors in Focus
Geopolitical factors have infiltrated cybersecurity and hacktivists have become a key attack group.
(8:10) – Recommendations for Firms with Less Sophisticated Defense
Join and engage in a community like FS-ISAC. Information sharing helps institutions with less investment dollars get up to speed with the latest developments. It helps to close the gap between more sophisticated organizations and ones that are still evolving.
(10:13) – Supply Chain Risks
The Cyber Risk Institute (CRI) Profile incorporates the NIST Framework for considering third-party partners. It’s important to have a framework to evaluate third-party providers and elevate their security depending on their criticality to an organization’s operations. It helps if you are sharing information in a community like FS-ISAC because partners, stakeholders and vendors can have open discussions.
(14:39) – Bringing Partners on Board with Cybersecurity
Organizations like Citi must lead by example. There is the need for partners to provide visibility into the state of their network, security practices and control, without violating privacy or creating additional vulnerabilities. Vendors need to be part of the conversation because they have a lot of information. The partnership must be furthered to enhance awareness.
(16:53) – Citi’s Strategic Initiatives in Cybersecurity in the Financial Sector
Citi’s has a number of strategic initiatives, ranging from people strategy to being a threat focused, data-driven organization to providing seamless services to clients, stakeholders and colleagues. One of the focus areas is developing the pipeline of talent in cybersecurity. For this, Citi has scholarships and apprenticeship programs.
(20:27) – Stress and Burnout Among Senior Executives
Organizations must collectively think about how to empower delegation and build teams that can share the load. This helps senior executives have a better work-life balance. Leveraging a hybrid model can also keep senior talent in the industry longer.
(22:44) – Advice to Talent Aspiring for Senior Positions
It’s important to vocalize that you need work-life balance. This also empowers others to create space for their families while pursuing a stressful career. People can also attend events and create a network. It’s a great way to create opportunities for yourself. Embrace ambition.
(25:51) – Where is The Community Heading?
While communities may have a regional component, it does not mean they will not benefit from a global perspective, especially because cyber has no borders. FS-ISAC has created such communities and is well positioned to be a great source of information.
FinCyber Today is a podcast from FS-ISAC that covers the latest developments in cybersecurity, contemporary risks, financial sector resilience and threat intelligence.
Our host Elizabeth Heathfield leads wide-ranging discussions with cybersecurity leaders and experts around the world who bring practical ideas on how to confront cyber challenges in the financial sector, improve incident response protocols, and build operational resilience.
Amid the clutter and noise, FS-ISAC Insights is your go-to destination for clarity and perspectives on the future of finance, data, and cybersecurity from C-level executives worldwide.
© 2023 FS-ISAC, Inc. All rights reserved.
Ann Barron-DiCamillo is Managing Director, Global Head of Cybersecurity Operations at Citi. She is responsible for all cyber operations, including assessment, monitoring and detection, intelligence and incident response and recovery. She oversees...Read More
Vulnerability Assessments and Cloud Security Operations programs, the Cyber Security Fusion Centers, and the Security Operations Centers. As an experienced information security executive with over 20 years of extensive experience in operations and in the delivery of information security services, Ann has gained an excellent grasp of the cyber threat environment and a respected track record of assisting organizations in making balanced and informed risk decisions. Previous to her current role, Ann was Vice President in the technology organization at American Express. In that role, she oversaw cyber intelligence and incident response and was responsible for managing global cybersecurity operations and directing cyber threat intelligence, information security monitoring and security incident response. Previous to her time in the Financial Sector, Ann was the Director of the United States Computer Emergency Readiness Team (US-CERT) at the Department of Homeland Security (DHS). As Director of the US-CERT, she headed DHS’s efforts to improve the nation’s cybersecurity posture, coordinate cyber information sharing and proactively manage cyber risks. Her responsibilities included driving the US-CERT mission, overseeing the 24/7 operations center, analyzing and reducing cyber threats and vulnerabilities, disseminating cyber-threat warning information and supporting incident-response activities with government and critical industry partners. Prior to DHS, Ann held leadership positions with the Departments of Defense and Commerce and was a legislative aide to a former U.S. Congressman. Outside of government, Ann has experience working with system integration firms in software development and applications development. Additionally, Ann was an Adjunct Professor at the Kogod School of Business at American University, where she taught Cybersecurity, Risk Management & Governance at the graduate and undergraduate levels. She is a graduate of Baylor University and earned her Master of Science in Information Systems from American University. In 2016 she completed the Harvard University Kennedy School’s Senior Executive Fellows (SEF) program and has been a Certified Information Systems Security Professional (CISSP) since 2003.
Elizabeth is a storyteller at the intersection of technology and money. Layer in geopolitics and the criminal underworld and you get today's issues in cybersecurity for the global financial system. Crypto. Web...Read More
3.0. Quantum. AI. Ransomware. Privacy. Regulation. Zero-days. Supply chain attacks. Developing new and diverse talent. How to protect the future of money. These are the topics Elizabeth asks top executives and experts in the field about on FinCyber Today.