Cybersecurity

At JPMorgan Chase, threat detection takes the wide view

“Oftentimes, there’s a blended line between what is a state actor and what is a criminal actor,” CISO Pat Opet tells IT Brew.
article cover

JPMorgan Chase

· 3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

Banking cybersecurity needs an international point of view, and that includes sharing information both within and beyond the sector.

That’s the philosophy behind how JPMorgan Chase CISO Pat Opet approaches his job.

“We believe very much in sharing necessary intelligence across the community, so that all organizations, particularly those in financial services, who are our peer group, can benefit,” Opet told IT Brew.

The bank security veteran began his career at Lockheed Martin in 2005 before joining JPMorgan nine years later, where he first worked to help define strategy and improve cyber defense capabilities. He ran the banking company’s security engineering team until taking over the CISO position in June 2021.

Global development. The lessons Opet learned at Lockheed, specifically those relating to nation state actors, are helping him strategize for the needs of a large financial institution.

Cyber training at Lockheed focused on countering the development of hacking capabilities that nation state adversaries were investing in. Opet’s job at Lockheed was “to help organizations respond and prepare themselves to defend their organization for a more complex cyber ecosystem,” he said.

By the nature of its size and importance, JPMorgan is a component of the nation’s critical infrastructure and a component of the global financial market as a whole, he said. That makes it the kind of private sector key infrastructure that criminal actors and nation state adversaries alike will want to target.

“Oftentimes, there’s a blended line between what is a state actor and what is a criminal actor,” Opet said. “And as we continue to go forward in a geopolitical atmosphere that’s very destabilizing, I think you’ll see more entrance from nation state actors into the critical infrastructure sectors.”

How-to guide. In his time defending against attackers, Opet has learned a number of lessons on what to do and when. He shared some of the strategies and techniques he’s deployed over the years with IT Brew. Perhaps unsurprisingly as a cybersecurity head, the JPMorgan CISO focused on prevention and defense.

“Whether you’re talking about something with AI, or whether you’re talking about traditional cybersecurity activity—fixing vulnerabilities, explicitly those that are on the perimeter network, or understanding how well the network is defended, using multi-factor authentication—a lot of the basics still come into play,” Opet said.

Failures in these areas, Opet continued, are often to blame for attacks. And as security teams close the gaps, threat actors are moving forward with new tactics that aim to use social engineering and other creative attack techniques to break into systems, “whether it’s the social engineering of help desks, or whether it’s abusing modern forms of MFA to provide push to authorize functions.”

“So as a community, it’s just important that we continue to understand some of the core basics and strengthen those,” Opet said. “As organizations grow in sophistication, we certainly put a lot of prioritization into, I'll say, both threat intelligence and red teaming—for us threat intelligence is kind of the core foundation of our program.”

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.