Sharing info to help fend off cyberterrorism

Wall Street IT executives are hammering home the point that hacking and cyberterrorism is a mounting threat best fought by the private sector and government through creation of a centralized way of alerting and disseminating information about attacks — most likely via a private Web site.

Stephen Clifford, managing director of interactive marketing at Salomon Smith Barney Holdings Inc. in New York, echoed the concerns of countless IT managers when he told attendees at the Security Industry Association’s Internet Trends & Strategy Conference: “What keeps me up at night is security and keeping up with the hackers out there.”

A panel made up of representatives of the U.S. Secret Service, the National Infrastructure Protection Center and the Financial Services Information Sharing and Analysis Center (FS/ISAC) pressed attendees at a cyberterrorism workshop to work toward a common goal of sharing information about probes and attacks on their technology infrastructure.

The FS/ISAC, a New York-based private organization, charges companies a minimum US$7,000 annual fee for alerts and access to information about hacking and cyberterrorism threats.

Stanley Jarocki, vice president of IT security engineering at New York-based Morgan Stanley and chairman of the FS/ISAC, said there is a marked difference between hackers — who play games — and cyberterrorists, who are supported by governments and have almost unlimited resources to do damage to the financial services’ communities infrastructure.

Jarocki said companies must either join the FS/ISAC’s service or create a secure, central Web site on which they can share information anonymously.

C. Warren Axelrod, director of information security at the Pershing Division of Donaldson, Lufkin & Jenrette Securities in New York, also pointed out that the biggest cyberterrorism threat comes from “someone infiltrating your organization and using that power to do damage.”

“The ways firms can protect themselves is to share the information with each other without broadcasting it,” Axelrod said.

Bob Weaver, an agent with the U.S. Secret Service’s New York Electronic Crimes Task Force, agreed. He said almost 70 per cent of the more than 900 people the agency has arrested in New York in connection with intranet attacks, “are insider threats.”

Weaver recommended that companies adopt background checks for employees based on the sensitivity of the position within the organization.

“On the backside of this is negligence suits by insurance companies, based on the fact that you didn’t have due diligence or best practices in place,” he said.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now