FS-ISAC And DTCC Announce Soltra, A Strategic Partnership To Improve Cyber Security Capabilities And Resilience Of Critical Infrastructure Organizations Worldwide

PRESS RELEASE

New York and Reston, VA – SEPTEMBER 24, 2014 -- The Financial Services Information Sharing and Analysis Center (FS-ISAC), an organization focused on sharing critical cyber security threat information worldwide, and The Depository Trust & Clearing Corporation (DTCC), the premier post-trade market infrastructure for the global financial services industry, today announced the formation of a strategic joint venture to develop and market automation solutions that advance cyber security capabilities and the resilience of critical infrastructure organizations, including financial services firms and others worldwide.

The joint venture, named Soltra(TM), has been established to deliver software automation and services that collect, distill and speed the transfer of threat intelligence from a myriad of sources to help safeguard against cyber attacks. Soltra leverages FS-ISAC’s 14 years of information-sharing and analysis for critical infrastructure as well as DTCC’s expertise in high-scale, high-reliability, critical infrastructure for data processing. A true cross-industry initiative, over 125 FS-ISAC members and representatives from other critical sectors, government entities and the private sector contributed to the requirements, architecture and design of Soltra’s automation software, the Soltra Edge(TM) solution.

Soltra to Create Solution To Deliver Actionable Intelligence

Named after one of the best-known medieval beacon fire networks in Europe that warned of invaders, Soltra Edge will connect and streamline the flow of threat intelligence between communities, people, and devices by processing large amounts of threat data, improving efficiencies and enabling immediate action to counter the threat and mitigate risk.  Soltra Edge is currently being tested by users and will be generally available in late 2014.

The solution has been designed to scale to support thousands of organizations and distill large amounts of data into actionable intelligence that is easy to understand and use. It leverages open standards including Structured Threat Information eXpression (STIX™) and Trusted Automated eXchange of Indicator Information (TAXII™). The solution will include the platform, infrastructure and ecosystem to help individual organizations of all sizes, other Information Sharing and Analysis Centers (ISACs), Computer Emergency Response Teams (CERTs), industry bodies and private sector vendors to come together to streamline threat information sharing using STIX and TAXII.

“Today, most cyber threat information is provided manually to users from various, unconnected industry sources. Because of this, on average, it can take firms seven hours to evaluate each threat,” states Mark Clancy, CEO of Soltra, CISO of DTCC and Board Member of FS-ISAC. “With Soltra Edge, one organization’s incident becomes everyone’s defense. The solution will enable clients to send, receive, and store cyber security threat intelligence in a streamlined and automated format, enabling these firms to deploy safeguards against a potential cyber attack.”

“As a joint venture, Soltra has assembled a world-class team and support from some of the most respected companies in the world in order to architect and build a solution for tomorrow’s information sharing,” says Bill Nelson, president of Soltra and president and CEO of FS-ISAC. “Today’s threat intelligence sharing must occur at network speeds. It needs to reduce the workload for security analysts and for smaller organizations. It needs to be available for all critical sectors in order to share information within each sector and also cross-sector to increase resiliency from cyber threats.”

“We believe that combating cyber threats requires partnering across companies and industries—that we are all in this together,” said Sean Franklin, Vice President of Cyber Intelligence, American Express Company and Board Member of FS-ISAC.  “Automating the exchange of threat information will play a vital role in creating a robust community defense strategy that benefits participating members.”

About DTCC

With over 40 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From operating facilities, data centers and offices in 15 countries, DTCC, through its subsidiaries, automates, centralizes, and standardizes the post-trade processing of financial transactions, mitigating risk, increasing transparency and driving efficiency for thousands of broker/dealers, custodian banks and asset managers worldwide. User owned and industry governed, the firm simplifies the complexities of clearing, settlement, asset servicing, data management and information services across asset classes, bringing increased security and soundness to the financial markets. In 2013, DTCC’s subsidiaries processed securities transactions valued at approximately US$1.6 quadrillion. Its depository provides custody and asset servicing for securities issues from 139 countries and territories valued at US$43 trillion. DTCC’s global trade repository processes tens of millions of submissions per week. To learn more, please visit dtcc.com, or follow us on Twitter: @The_DTCC

About FS-ISAC

The Financial Services Information Sharing and Analysis Center, formed in 1999, is a member-owned non-profit and private financial sector initiative. It was designed and developed by its member institutions. Its primary function is to share timely, relevant and actionable physical and cyber security threat and incident information to enhance the ability of the financial services sector to prepare for, respond to, and mitigate the risk associated with these threats. Constantly gathering reliable and timely information between its members, and from financial services providers, commercial security firms, government agencies, law enforcement and other trusted resources, the FS-ISAC is uniquely positioned to quickly disseminate physical and cyber threat alerts and other critical information. This information includes analysis and recommended solutions from leading industry experts. Please visit our website (www.fsisac.com) for additional information.

# # #