.png?width=155&height=26&name=Logo%20(2).png "FS-ISAC Logo"){kind=small}
Along with many top executives from the financial sector, FS-ISAC CEO Steve Silberstein spoke at SWIFT’s Sibos conference, hosted this year in London. His talk focused on the past, present, and future of cybersecurity intelligence sharing. With cyber criminals growing ever more sophisticated, sharing intelligence and best practices have never been more vital. Nothing less than the security of the financial system is at stake.
Below are the key points of his talk.
An Army Of One Will Not Win the Cyber War
Why has one of the most competitive industries in the world - financial services - decided to unite forces and start sharing cybersecurity intelligence?
Because the challenge at hand is complex, borderless, and most importantly, has the power to erode trust in the global financial system.
It is genuinely impossible to win this war with just one: one individual, one institution, one country.
Intelligence Sharing Goes Way Back
Intelligence sharing is not new; in fact it’s been integral to the advancement of society throughout history.
For example, Copernicus discovered that the Earth and the rest of the known planets revolved around the Sun. Galileo took Copernicus' ideas to the next level with telescopic observations and then championed the truth, despite the controversy, charges of heresy, and a lifetime of house arrest.
Another example took place in Bletchley Park, the first modern cyber fusion center where women played a critical role. This intelligence sharing across borders helped the Allies break the codes needed to win World War II.
FS-ISAC: The First 20 Years
From launching our threat intelligence committee and monthly threat calls to establishing our trust model, the Traffic Light Protocol (TLP), in the early days of FS-ISAC we worked to bring a highly competitive industry together for the common good.
Then we went global, signing country level partnerships with Japan and the Netherlands, and opening offices in London and Singapore.
Later, we created subsidiaries like FS-ARC and Sheltered Harbor, and built bridges with government and regulators, including the CERES Forum and our recent MOU with Europol.
All this has meant that when faced with a global threat like NotPetya, the industry turned to us to learn more. We convened 3000 members on one call, which helped clarify doubts and determine the appropriate course of action for institutions around the world.
Global Growth
To reach this scale, as an industry we had to overcome competitive, geographical and cultural barriers like never before. Since its opening in 2017, our London hub supports members in more than 30 countries.
Our Singapore hub supports 15 countries in the Asia Pacific region. Since its opening, we've hosted 40 member meetings in the region.
In the last two years, attendance of our signature CAPS exercise has increased 40% in Europe and Asia Pacific.
Expanding our Definition of Sharing
As the sector has matured, sharing has evolved to span the full lifecycle of cybersecurity, far beyond just after-the-fact reporting. From security design and architecture to threats and vulnerabilities to best practices and exercises, the sector now cooperates to make strong cybersecurity an organizational lifestyle, integral to the way the sector does business.
New technologies like ultra-secure messaging, machine to machine interfaces for better speed, and focused communities of interest to conduct cyber exercises support the mission.
The Professionalization of Cyber Crime
However, as the industry matures, so too are criminals professionalizing their craft.
We have software as a service, they have “cyber-attacks-as-a-service.” We use AI for identity and access management, they use it for voice and image construction, taking identity theft to the next level.
The dark web is their Amazon and bitcoin is their currency.
Extremely nimble and organized, they share as needed, across geographies and channels, to orchestrate complex attacks spanning multiple jurisdictions.
The Answer: #DareToShare
The only way to stay ahead of the criminals is to share more, and share smarter. So FS-ISAC is building out our peer-to-peer network with a multi-channel model.
We enable digital and in-person sharing. We know face time is key to building trust, so we hold community events to help the sector develop the kind of relationships that can effectively make the industry stronger and more agile.
We need that trusted network to be able to hone in on new and evolving threats, to act quickly and ably as a sector, to maintain our customers trust in us and in the financial system as a whole.
We need every institution around the world to join us, to protect the global economy and maintain the trust.
Because an an army of one will not win the cyber war.
Will you #DareToShare?
