Cyber Bank Heists: How they happen and what to do to protect against them

July 17, 2018 @ 11:00 EST/16:00 BST | Duration: 30 minutes

The “Bangladesh Bank cyber heist” – which saw $80m disappear from the Bangladesh Bank - is unique in a number of ways. Two years on, the technical complexities and organisational response to this hack continue to provide invaluable lessons for how companies can and must improve their cybersecurity strategies.

By examining the intricacies of both sides of this story, this webinar will cover 3 key observations and the lessons that follow for how organisations can protect themselves in the future. We will consider the attacker Tactics, Techniques, and Procedures (TTPs) and the victim’s initial response upon becoming aware they were the target of a sophisticated attacker.

In this session you will learn:

  • How the malware used was able to circumvent controls and send fraudulent SWIFT messages.
  • How the various stakeholders communicated in the crucial period immediately following incident identification.
  • Key lessons taken from the breach on how organisations can better protect themselves in the future.


Roger Francis
Vice President, Stroz Friedberg, an Aon company

Roger Francis is a Vice President at Stroz Friedberg, based out of the London office. He leads the EMEA Security Advisory practice, working with clients to assess, design, implement, and improve their cybersecurity organisational maturity. He is a seasoned cybersecurity executive with more than 14 years’ of hands-on security consulting experience helping clients protect organisational assets from advanced cyber threats.

Justin Clarke-Salt (moderator)
Co-Founder, Gotham Digital Science & Managing Director, Stroz Friedberg, an Aon company

Justin has over 19 years of risk management, security consulting and security testing experience in the United Kingdom, the United States, and New Zealand. He is the author of several books, a frequent speaker at a number of security conferences and events, and heavily involved in industry groups, including OWASP, for which he was the London chapter leader for seven years before stepping down in early 2016.