Security in payment transactions: making processes and technology secure
Further development of attack patterns as a challenge
16.05.2024 ONLINE
18.06.2024 in Zurich
02.10.2024 ONLINE
Special knowledge
1 day
EUR 1.650,- plus VAT.
Thomas Dirnbauer
Specialist
Security in payment transactions
Thomas Hackner
Managing Director
HACKNER Security Intelligence GmbH
Hannes Lorenz
Security Consultant
HACKNER Security Intelligence GmbH
Content
Payment security is a topic that is constantly evolving and has thus become one of the biggest challenges in corporate treasury. Companies are challenged to protect themselves against increasingly sophisticated attacks - media reports on spectacular attacks confirm that it pays for fraudsters to invest criminal energy in further developing the attacks.
Since we are constantly confronted with new fraud cases in our consulting projects, we always have an up-to-date overview of the latest attack patterns. Together with our long-standing IT security partner, Hackner Security Intelligence, we present these and present the best practices on processes and technology in payment transactions.
Main topics
Basics
- What are the tasks of the cash manager in the company?
- What are the minimum standards to be taken into account in the organizational structure & process organization?
- What are the differences in the accounting or treasury perspective? Which business management approaches do you need to understand?
- What are the requirements vis-à-vis banks?
- What are the current trends in cash management for large and small companies?
"Recognizing "social engineering
- "Phishing attacks" as the starting point of most attacks
- "Vishing" and "SMSishing" easier than ever before
- "Deepfakes" can eyes and ears be trusted?
- "Business Email Compromise" Becomes More Sophisticated
Understanding attack patterns
- "CEO Fraud" and its innumerable further developments
- "Payment diversion" when payment channels change
- "Fake invoice" when the wrong supplier comes forward
Consider technical aspects
- Mapping of separation of functions and dual control principle
- Dealing with administrator rights
- Securing the communication paths between systems
- Tamper-proof transmission of payment files
Close security gaps
- Avoidance of critical overlaps in tasks and rights
- Valid master data as the basis for secure processing
- Manual payments as a "necessary evil
- Special features of personnel payments
- Four-eyes principle and two-way validation - a must or additional effort?
Group of participants
Managers and employees from the finance and treasury departments who are involved in or responsible for the processing of payment transactions and are interested in increasing security.
Targets
After a presentation of the most important attack patterns, the payment transaction process is analyzed in terms of content and technology with regard to critical points and best practices are defined. Finally, participants take part in a demonstration of a practical attack and gain insight into the darknet.
Feedback from our customers
I thought it was good that the view of the attacker was also presented in detail. The practical examples from a process and technical perspective were also very good.
Do you have any questions?
Marc Baumgärtner
Seminar organization
Treasury Training
Other seminars
The new world of payment transactions
Organization and trends around payment transactions
SAP: Cash management and payment transactions
Increased efficiency and automation in S/4HANA
Cash pooling from a legal perspective
Tax and legal aspects of the use of cash pooling
Point-of-sale payments and e-commerce as success factors
Establish customer-oriented payment methods efficiently and with a secure future
Digitalization in Treasury
New technologies and system functionalities
Treasury Audit
Establish and review treasury management policies, guidelines and limit systems