Expanding Global Threat Data SharingFS-ISAC Ramps Up International Efforts
"Threats are increasing; they are global in nature," Nelson says. "Those who are launching attacks against U.S. firms are attacking global firms. The adversaries aren't distinguishing."
In the wake of distributed-denial-of-service attacks waged against leading U.S. banking institutions, FS-ISAC, the Financial Services Information Sharing and Analysis Center, is continuing to ramp up cross-bank and cross-border information sharing, Nelson says in an interview with Information Security Media Group.
FS-ISAC, which promotes information sharing among public and private sector entities with an interest in securing the financial services infrastructure, is expanding to Europe, where it has established a presence in London. And expansion into other international markets, including Asia, is a focus for this year, Nelson adds.
"We've made some inroads ... in Europe [where] there are some major banks that have all been attacked with DDoS attacks," he says. "We've been able to share information with them that helped. ... We are all in this together, and we need to protect the financial services sector," Nelson says.
When U.S. banking institutions were under DDoS siege in late 2012, FS-ISAC encouraged the U.S. financial-services industry to communicate and share information, often in real-time, about the new attack vectors as they were identified, Nelson says.
That industry collaboration helped banking institutions stave off online outages and adequately protect themselves, he adds.
"The valuable piece of it was, institutions, as they were being attacked, could report on what the attack looked like," he explains. "We pushed out information about the characteristics of the attacks, and provided information related to what was working and what was not working."
Through the formation of the DDoS Response Team, FS-ISAC began collecting attack details from banks that had been targeted. Soon, details about the attacks were being shared with banks outside the U.S. and organizations outside the financial services sector, Nelson says.
During this interview, Nelson discusses:
- FS-ISAC's information sharing model and how it has been affected by cross-border collaboration and sharing;
- How the global nature of cyber-attacks is becoming better understood among regulators and top-level banking executives;
- How the DDoS Response Toolkit, now in its fourth generation, has been used by institutions to mitigate DDoS risks.
Before joining the FS-ISAC, a non-profit association dedicated to protecting financial services firms from physical and cyber-attacks, Nelson was elected vice chairman of the ISAC Council, a group dedicated to sharing critical infrastructure information. From 1988 to 2006, he served as executive vice president of NACHA - The Electronic Payments Association. While at NACHA, Nelson oversaw the development of the ACH network into one of the largest electronic payment systems in the world. He also oversaw NACHA's rule-making, marketing, rules enforcement, education and government relations programs.