Mondo Visione Worldwide Financial Markets Intelligence

FTSE Mondo Visione Exchanges Index:

CCData-468x60x2.jpg BT_Radianz_468x60_Jul23 FEAS 30th Anniversary Conference

From Our Man At The 31st Annual FIA Futures & Options Expo - Tom Groenfeldt: The Feds Play A Big Role In Cybersecurity

Date 06/11/2015

Ronald Reagan liked to say the most terrifying words in the English language are “I'm from the government and I'm here to help.”

For financial firms under a cyber attack, however, the federal government has significant valuable resources, said David Taylor, associate director of market oversight at the CFTC.

Perimeter defense alone is not enough to protect a firm, Taylor said. The consensus is that sooner or later everyone will be breached.

The U.S. Treasury contracted with the Institute of Defense Analysis to identify the most critical issues, he said.

“It wasn’t so much the confidentiality, but the integrity and availability. If the data is corrupted and incorrect, it becomes very hard to figure out where your positions are and how to start over.”

The Financial Services Information Sharing and Analysis Center (FS-ISAC) is the global financial industry's resource for cyber and physical threat intelligence analysis and sharing. It was created by and for members and operates as a member-owned non-profit entity. Taylor said it has 6,500 members, up 50 percent since 2013. It watches for cyber and physical threats and shares the information among members.

“We get information from members, anonymous sources, from private sector threat information feeds, government as well as open sources. From that we generate alerts and we can come up with best practices,. We develop more documentation on threats, and it all feeds into training, workshops and exercises.”

Legislation that has passed both houses of Congress but has yet to be adopted in final form, encourages financial services to share threat information such as signatures and IP addresses.

“Sooner or later,” Taylor said, “you will have a cyber intrusion, and the time to prepare for what to do when that happens is not when it happens, but before.”

Firms should develop a response plan and practice it so they will know what to do when an intrusion occurs.

Feds have capabilities that can be extremely useful in cyber, and they are willing to help, but they have to be asked. You can set that up ahead of time and customize it for what happens.”  

 

MV 120 X 600 Hard to Reach BT_Radianz_120x600_Jul23.jpg FEAS_2025_MondioVisione_120x600-banner