Cyber-threat Sharing Forum fosters open dialogue, non-competitive environment
Financial services organizations share information to thwart cybercrime
The financial services sector is among the most targeted industries in the globe for cybercrime. According to the 2017 IBM X-Force Threat Intelligence Index, the financial industry was attacked more than any other industry last year.
For financial organizations to successfully protect themselves, we recognized cybersecurity had to be an area of strong collaboration across the industry. If a competitor is attacked, there will be ripple effects felt across the entire industry—labels get applied with a broad brush.
That’s why in 2014 the Boston Fed initiated a threat-sharing forum for small- and medium-sized depository institutions, whereby organizations convene biweekly to collectively share information about emerging cyber-threats, solutions, and best practices.
The forum is an environment in which bank executives and technical staff can collectively focus on timely cyber-threats and impactful best practices. The program is not part of the Fed’s supervisory oversight responsibilities; rather, it is a confidential forum in which observations and ideas can be freely exchanged among peer organizations, through the protection afforded by a non-disclosure and participation agreement. Each convening includes a cyber-threat update, an external speaker focused on information security, and best practice and general roundtable discussions.
Today, the forum has over 100 participants from more than 60 small and medium-sized banks from across New England. Participants report faster reaction times during cyber incidents, more proactive risk management, and improved resource management. The trusted peer network has proven invaluable for many, as it is often leveraged to understand potential threats and solutions to cyberattacks.
This open, collaborative approach simply works. A malicious actor often uses the same tactics and techniques that they’ve used to attack one financial institution on the next, and so on. By encouraging information sharing between organizations, we can reduce the window during which these attacks are effective. Threat-sharing makes the attackers work harder, which in turn makes successful attacks less frequent.