DTCC and FS-ISAC light a beacon in the fight against cyber-invaders

DTCC and FS-ISAC light a beacon in the fight against cyber-invaders

The US Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Depository Trust and Clearing Company (DTCC) have developed a centalised utility for financial firms to post and share information related to cyber-attacks and security threats.

The joint venture, named Soltra, has been established to collect, distill and speed the transfer of threat intelligence from a myriad of sources to help safeguard against cyber attacks.

Over 125 FS-ISAC members and representatives from other critical sectors, government entities and the private sector contributed to the requirements, architecture and design of the Soltra Edge platform, which is currently undergoing user-testing and will be available for general uptake in late 2014.

"Today, most cyber threat information is provided manually to users from various, unconnected industry sources. Because of this, on average, it can take firms seven hours to evaluate each threat," states Mark Clancy, CEO of Soltra, CISO of DTCC andboard member of FS-ISAC. "With Soltra Edge, one organisation's incident becomes everyone's defense. The solution will enable clients to send, receive, and store cyber security threat intelligence in a streamlined and automated format, enabling these firms to deploy safeguards against a potential cyber attack."

Soltra Edge was named after one of the best-known medieval beacon fire networks in Europe that warned of invaders.

Bill Nelson, president of Soltra and president and CEO of FS-ISAC, says: "Today's threat intelligence sharing must occur at network speeds. It needs to reduce the workload for security analysts and for smaller organisations. It needs to be available for all critical sectors in order to share information within each sector and also cross-sector to increase resiliency from cyber threats."

Comments: (1)

A Finextra member
A Finextra member 25 September, 2014, 10:47Be the first to give this comment the thumbs up 0 likes

This fantastic initiative is one of several in a wave of proactive collaboration across the financial services industry to tackle the threat of cyber crime.

As Nelson says, intelligence sharing mus happen at network speeds and yet more needs to be done not only to advise of threats but share defence solutions at the same speed as the intelligence.

A similar initiative announced recently brings the 4,500 banks represented by the EBF together with Europol's EC3, the European Cybercrime Centre to share intelligence about financial crime.  the BBA's Financial Crime Alert Service is due to launch early next year to provide real time alerts across the industry. Again, a much needed move but there is more the security and financial technology industries must do to protect our financial institutions.  We need to arm the banks with the weapons to fight the criminals, not just tell them that they are approaching.


Some simple measures, protecting web domains from cache poisoning and pfishing attacks could act as a strong first line of defence.