Risk
3/21/2011
04:00 PM
Connect Directly
LinkedIn
Google+
Twitter
RSS
E-Mail
50%
50%

How Wall Street Works With The Feds

Banks and other financial firms learn to share sensitive cybersecurity information with federal agencies.

For the most part, the relationship between the federal government and financial services industry isn't one built on mutual trust. The government has been criticized for being too hands-off, even permissive, but it's hardly a close-knit partnership.

When it comes to cybersecurity, however, the dynamic is different. Financial services companies are sharing information about sensitive IT security issues with the government, and federal agencies are sharing data and intelligence on cybersecurity threats with banks, brokerage firms, and other Wall Street institutions.

The broker of this public-private exchange is the Financial Services Information Sharing and Analysis Center (FS-ISAC). Created in 1999 after a presidential directive called for information sharing between the feds and the private sector, FS-ISAC has a security operations center and a Web portal that its members use to monitor computer threat feeds from a variety of commercial and government sources.

FS-ISAC members use the portal to submit details on cyberattacks they have experienced, including how the attacks were detected and their companies responded. Submissions to the portal, for example, might provide the IP addresses associated with the source of attempted intrusions, and they often center on topics such as fraud activity and malware analysis. This information is shared within the industry, as well as with the Treasury Department, FBI, Secret Service, and Department of Homeland Security.

FS-ISAC isn't a government entity, nor is it overseen by a federal agency. It's a nonprofit owned by its private-sector member companies and run by a board of directors drawn from its membership.

The Web portal serves as a clearinghouse of information such as alerts and bulletins from US-CERT and the Homeland Security and threat feeds from security vendors such as VeriSign. FS-ISAC also uses it to send bulletins with best practices and other information to members.

The portal can be customized to present the alerts and advisories of most interest to members. Dan DeWaal, first VP and chief security officer with Options Clearing Corp. (OCC), the world's largest equity derivatives clearinghouse and a founding member of FS-ISAC, says his information security team monitors threats and system vulnerabilities, while his business continuity team examines feeds that deal with physical and operational issues.

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7896
Published: 2015-03-03
Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before ...

CVE-2014-9283
Published: 2015-03-03
The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.

CVE-2014-9683
Published: 2015-03-03
Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename.

CVE-2015-0656
Published: 2015-03-03
Cross-site scripting (XSS) vulnerability in the login page in Cisco Network Analysis Module (NAM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCum81269.

CVE-2015-0890
Published: 2015-03-03
The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.