National Cyber Defense Financial Services Workshop Report
Full Title of Reference
National Cyber Defense Financial Services Workshop Report
Full Citation
Nat'l Cyber Def. Fin. Servs. Workshop, Nat'l Cyber Def. Initiative, Helping Form a Sound Investment Strategy to Defend Against Strategic Attack on Financial Services (O. Sami Saydjari et al. eds.) (2009). Web AltWeb
Categorization
- Resources by Type: US Government Reports and Documents, Industry Reports
- Threats and Actors: States, Groups, Financial Institutions and Networks, Communications
- Issues: Metrics, Risk Management and Investment, Information Sharing/Disclosure,
- Approaches: Regulation/Liability, Private Efforts/Organizations, Government Organizations, Deterrence, Technology
Key Words
Computer Network Attack, Identity Fraud/Theft, Intelligence Infrastructure/Information Infrastructure, Interdependencies, National Security, Outreach and Collaboration, Research & Development, Risk Modeling, Software Vulnerability, Sponsored Attacks, State Affiliation,
Synopsis
Executive Summary
The National Cyber Defense Initiative ad hoc group organized this workshop to better understand the nature of high-impact, large-scale attacks on the banking and finance sector, approaches to addressing those classes of attacks, and ways that industry, academia, and government can work together on such approaches. The National Science Foundation and Department of Homeland Security Science and Technology co-sponsored the event in cooperation with the Department of the Treasury and experts from the Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security (FSSCC).
The group concluded that high-impact, large-scale attacks that target the entire sector are theoretically possible and underanalyzed. A continuing dialogue on defending against such attacks and how to effectively address them in cooperation with government would be productive and useful. The group also concluded that banking and finance sector problems are unique and important and require basic research in modeling and analyzing large-scale interdependent financial systems and in constructing inherently recoverable distributed computation.
Key Recommended Research Directions
Analytical Models
Model large-scale banking and finance sector systems and their transaction flows and interdependencies using a new monitoring infrastructure that measures and analyzes the properties of these systems, including instability, security, hidden dependency, and cascading effects. Use such models to understand the infrastructure at a network and transaction level and the mapping between the two to inform the dependency analysis. Conduct simulations and exercises to better understand the impact of events. Initially focus on high-impact transaction systems to simplify the problem.
Collaborative Situational Awareness/Understanding
Define information-sharing requirements and methods between organizations (government, intra-industry, academic), taking into account the need for recovery and privacy (through anonymization techniques, for example) as well as the risk-reward calculation in sharing certain types of information. Specifically, define real-time information sharing with academia to obtain additional help and with intelligence agencies to improve situation understanding so that both communities can understand enough of what is happening that they can effectively respond to high-impact threats.
Resiliency
Develop methods to create more secure and resilient transactions under the load of high-impact attacks. Create inherently resilient architectures. Collaborate with academics in select spots within the secure transaction space. Develop data-centric protection strategies such that the data’s integrity and provenance are preserved despite attacks.
Authentication
Improve identification and authentication capabilities for people, devices, and digital objects in such a way to make high-impact, large-scale attacks more difficult to accomplish.
Leverage Research
Leverage existing research for possible application to banking-and-finance-sector-critical problems such as those above and those identified in the FSSCC Research Agenda. Develop models for more effective interactions between banking and finance sector experts and academics interested in these classes of problems. Leverage existing models with government as a catalyst. Establish a standing “semiformal” advisory council of academic researchers who would meet regularly with and advise and assist the FSSCC R&D Committee to set research priorities and identify projects that may be conducted in collaboration with academia and government.
Additional Notes and Highlights
Expertise Required: Acronym tolerance: Moderate, Financial Services Infrastructure: Moderate
Related workshop reports: http://ncdi.nps.edu/
Outline:
1 Introduction 1.1 Background 1.2 Purpose and Goals 1.3 Participation 1.4 Intended Audience 1.5 Opening Problem Statement 2 Establishing Common Ground 2.1 Understanding the Banking and Finance Sector 2.2 A Research and Development Agenda Foundation 2.3 Unique Characteristics of Banking and Finance Sector 2.4 Importance to National Leadership 3 Problem Elaboration 3.1 Focus 3.2 Changing Threat Environment 3.3 Results from a Banking and Financial Sector Exercise 3.4 Hypothetical Attack Scenarios 4 Challenges and Approaches 4.1 Prevention 4.2 Detection and Response 4.3 Recovery and Reconstitution 5 Innovative Industry-Government Partnership Models 5.1 Exemplary Partnership Models 5.2 Discussion 6 Next Steps Appendix 1 National Cyber Defense Financial Services Workshop Agenda Appendix 2 TRUST Program—An Example of Related Research Appendix 3 Prevention Details Appendix 4 Detection and Response Details Appendix 5 Recovery and Reconstitution Details Appendix 6 Organization and Attendees