Last week’s announcement from the Financial Services Information Sharing and Analysis Center (FS-ISAC) that it is developing an automated way to spread threat intelligence among financial services organizations is the next step in helping to speed up defenses against cyberfraud.
FS-ISAC already does this but in a less-automated way. The thinking is that if one bank is hit by a cybercriminal in one detectable way, another bank could quickly set up a specific defense so that same cybercriminal would be thwarted.
ABA is a partner with FS-ISAC. “The problem we have now is that for so much of that information, we have a hard time to analyze it,” says Doug Johnson, ABA vice president and senior advisor for risk management policy, in an interview with Banking Exchange. “Being able to automate that analytical process is something that financial institutions allocated $3 million for. [Once it is set up] you will get information about threats in a standard format, and that standard format will ‘talk’ to your systems. And your systems, because they will be properly coded, can much more easily make a determination that this particular threat impacts this particular portion of your overall platform. That’s something that there’s a lot of energy around.”
Increasingly, the notion of sharing threat and defense information among financial institution peers, in a secure and trusting manner, is gaining traction as a means to bolster cyber protection. ABA, in fact, sponsors what it calls peer information sharing discussion groups covering fraud loss experiences from checks, ACH, cards, and ATM skimming.
Many other opportunities for sharing and receiving information about ongoing cybercriminal activities are available. The Federal Reserve Bank of Minneapolis offers an 11-page list of government agencies, trade associations, and private entities that offer some sort of information sharing of fraudulent or other illegal activities that may affect financial institutions. While the Bank does not officially endorse any of the listed organizations, it does provide links for more information.
In addition, some bank technology vendors provide opportunities to share threat information and experiences. Just two include:
• Trustwave—Last summer Trustwave established its Trustwave TrustKeeper Community, a moderated social network where small businesses can interact with peers, security experts, financial institutions, and other industry experts. ABA endorses Trustwave for its network security and data protection resources.
• Hewlett-Packard—HP just announced the development of its HP Threat Central, described as a collaborative security intelligence platform that enables community members to share threat data and analysis, providing real-time intelligence on the adversaries, attack vectors, methods, and motivations behind current threats.