Mon, Jan 22, 2018
A A A
Welcome Guest
Free Trial RSS
Get FREE trial access to our award winning publications
Industry Updates

DTCC calls for increased public-private information sharing to protect capital markets from cyber attacks

Monday, June 04, 2012
Opalesque Industry Update: DTCC testified before a Congressional subcommittee that federal agencies and the financial sector must expand information sharing on cyber-threats to more effectively protect the capital markets from attack. DTCC also called for restarting the Government Information Sharing Framework (GISF), a successful but now-defunct pilot program that targeted cyber espionage as part of this information sharing effort.

Mark Clancy, DTCC Managing Director and Corporate Information Security Officer, told the House Capital Markets and Government Sponsored Enterprises Subcommittee during a June 1 hearing entitled “Cyber Threats to Capital Markets and Corporate Accounts” that the termination of the GISF program in 2011 eliminated a critical source of threat data and analysis for the financial sector.

“While financial institutions have robust information security programs in place to protect their systems from cyber threats, they are not foolproof,” Clancy said. “A critical resource the industry relies upon to help safeguard the system is information sharing between federal agencies and the financial sector. DTCC strongly supports restarting the GISF program, removing its pilot status and expanding its reach within the financial sector to ensure that all resources are working in concert to protect and defend the capital markets from cyber-attack.”

The GISF program commenced in 2010 as a collaboration between the Department of Defense (DoD), the Department of Homeland Security (DHS) and The Financial Services–Information Sharing and Analysis Center (FS-ISAC), the primary group for information sharing between the federal government and the financial sector. It allowed for the sharing of advanced threat and attack data between the federal government and 16 financial services firms that were deemed capable of protecting highly sensitive information. The program was expanded over time to include the sharing of classified technical and analytical data on threat identification and mitigation techniques.

The DoD in effect terminated the GISF program in December 2011, and information sharing through DHS, which was expected to continue, also ceased that month. Since the termination of GISF, several organizations in the financial sector have experienced threat activity from actors first identified to the industry through GISF reporting. A recent FS-ISAC assessment found that these threats will continue to increase in the years ahead.

Clancy credited the GISF program with enhancing the financial sector’s:

  • Access to actionable information to search for similar threat activity in their own networks,
  • Access to contextual information to better understand risk implications of various threats,
  • Ability to adjust assessments of cyber espionage using quantifiable information that had previously been unavailable, and
  • Understanding of the need to develop standards to support the automation of sharing and consuming threat data.

“Information sharing like that which occurred under the program represents the most critical line of defense in managing and mitigating cyber risk today,” Clancy said. “GISF drove innovative new initiatives in the industry and helped reshape the sector’s approach to assessing cyber espionage risks while prompting pilot firms, including DTCC, to revise best practices for managing threat information. It also spurred financial institutions to make significant additional investments in threat mitigation and detection capabilities that otherwise could not have been easily justified due the lack of understanding of the risk to the sector.”

Clancy added that while GISF was successful in many aspects, it should be expanded to include a broader group of financial institutions because the pilot program’s reach and impact were too limited and did not scale to the depth and breadth of the sector.

“Information sharing today occurs at human speed while cyber-threats occur at wire speed,” Clancy said. “Now more than ever, an investment in standards, protocols and methods for the industry to rapidly share and consume threat and observable data is needed.”

DTCC

Press Release

BM

What do you think?

   Use "anonymous" as my name    |   Alert me via email on new comments   |   
Today's Exclusives Today's Other Voices More Exclusives
Previous Opalesque Exclusives                                  
More Other Voices
Previous Other Voices                                               
Access Alternative Market Briefing

 



  • Top Forwarded
  • Top Tracked
  • Top Searched
  1. U.S. economy, inflation and alternative investments to dominate 2018 markets, says family office Wilmington Trust[more]

    Komfie Manalo, Opalesque Asia: The emergence of a late-cycle economy in the U.S., the mystery of inflation and growth from a domestic and global perspective, and the potential for alternative investments to prosper against a backdrop of rich valuations, low yields, and higher volatility are the t

  2. Performance - Some hedge funds deliver double-digit gains for 2017, Brevan Howard's hedge fund suffers biggest annual loss in 2017, Crispin Odey's flagship hedge fund plummeted about 20% in 2017, Profits fall 90% at ex-Morgan Stanley banker's hedge fund, Fannie-Freddie overhaul might mint hedge fund riches, losses[more]

    Some hedge funds deliver double-digit gains for 2017 From Reuters/Investing.com: A handful of hedge funds ended 2017 with double digit returns, their investors said, at a time the $3 trillion industry took in fresh money and posted its best returns in years, industry data show. Act

  3. Investing - Hedge funds start 2018 with record $19 billion bet on the euro, Hedge fund Kora Management invests in Satin Creditcare[more]

    Hedge funds start 2018 with record $19 billion bet on the euro From Reuters.com: Hedge funds have kicked off 2018 with their biggest bet ever on the euro rising, a clear vote of confidence in the single currency but, with positioning so stretched, one which could backfire in the near ter

  4. News Briefs - Mobius to retire from Franklin Templeton, Authorities decrypt smart phone of Princeton grad charged with killing Manhattan hedge fund dad, Investigators seize (more) antiques from hedge-fund billionaire Michael Steinhardt's collection[more]

    Mobius to retire from Franklin Templeton Emerging markets pioneer Mark Mobius will be stepping down as executive chairman of the Templeton Emerging Markets Group (TEMG) and formally retire from Franklin Templeton on 31 January. He will also be relinquishing his post as portfolio manager

  5. Comment - Seeding arrangements: Structure, approach, and the current market[more]

    From international law firm K&L Gates: Private fund growth has exploded over the last several years. While some areas are hotter than others, overall the industry has seen substantial growth. Existing managers have been able to launch larger funds and new managers have been able to successfully ente