National Cyber Defense Financial Services Workshop Report

From Cybersecurity Wiki
Jump to navigation Jump to search

Full Title of Reference

National Cyber Defense Financial Services Workshop Report

Full Citation

Nat'l Cyber Def. Fin. Servs. Workshop, Nat'l Cyber Def. Initiative, Helping Form a Sound Investment Strategy to Defend Against Strategic Attack on Financial Services (O. Sami Saydjari et al. eds.) (2009). Web AltWeb



Key Words

Computer Network Attack, Identity Fraud/Theft, Intelligence Infrastructure/Information Infrastructure, Interdependencies, National Security, Outreach and Collaboration, Research & Development, Risk Modeling, Software Vulnerability, Sponsored Attacks, State Affiliation,


Executive Summary

The National Cyber Defense Initiative ad hoc group organized this workshop to better understand the nature of high-impact, large-scale attacks on the banking and finance sector, approaches to addressing those classes of attacks, and ways that industry, academia, and government can work together on such approaches. The National Science Foundation and Department of Homeland Security Science and Technology co-sponsored the event in cooperation with the Department of the Treasury and experts from the Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security (FSSCC).

The group concluded that high-impact, large-scale attacks that target the entire sector are theoretically possible and underanalyzed. A continuing dialogue on defending against such attacks and how to effectively address them in cooperation with government would be productive and useful. The group also concluded that banking and finance sector problems are unique and important and require basic research in modeling and analyzing large-scale interdependent financial systems and in constructing inherently recoverable distributed computation.

Key Recommended Research Directions

Analytical Models

Model large-scale banking and finance sector systems and their transaction flows and interdependencies using a new monitoring infrastructure that measures and analyzes the properties of these systems, including instability, security, hidden dependency, and cascading effects. Use such models to understand the infrastructure at a network and transaction level and the mapping between the two to inform the dependency analysis. Conduct simulations and exercises to better understand the impact of events. Initially focus on high-impact transaction systems to simplify the problem.

Collaborative Situational Awareness/Understanding

Define information-sharing requirements and methods between organizations (government, intra-industry, academic), taking into account the need for recovery and privacy (through anonymization techniques, for example) as well as the risk-reward calculation in sharing certain types of information. Specifically, define real-time information sharing with academia to obtain additional help and with intelligence agencies to improve situation understanding so that both communities can understand enough of what is happening that they can effectively respond to high-impact threats.


Develop methods to create more secure and resilient transactions under the load of high-impact attacks. Create inherently resilient architectures. Collaborate with academics in select spots within the secure transaction space. Develop data-centric protection strategies such that the data’s integrity and provenance are preserved despite attacks.


Improve identification and authentication capabilities for people, devices, and digital objects in such a way to make high-impact, large-scale attacks more difficult to accomplish.

Leverage Research

Leverage existing research for possible application to banking-and-finance-sector-critical problems such as those above and those identified in the FSSCC Research Agenda. Develop models for more effective interactions between banking and finance sector experts and academics interested in these classes of problems. Leverage existing models with government as a catalyst. Establish a standing “semiformal” advisory council of academic researchers who would meet regularly with and advise and assist the FSSCC R&D Committee to set research priorities and identify projects that may be conducted in collaboration with academia and government.

Additional Notes and Highlights

Expertise Required: Acronym Tolerance: Moderate, Financial Services Infrastructure: Moderate

Related workshop reports:


1 Introduction   
 1.1 Background  
 1.2 Purpose and Goals  
 1.3 Participation  
 1.4 Intended Audience  
 1.5 Opening Problem Statement  
2 Establishing Common Ground  
 2.1 Understanding the Banking and Finance Sector  
 2.2 A Research and Development Agenda Foundation  
 2.3 Unique Characteristics of Banking and Finance Sector  
 2.4 Importance to National Leadership  
3 Problem Elaboration  
 3.1 Focus  
 3.2 Changing Threat Environment  
 3.3 Results from a Banking and Financial Sector Exercise  
 3.4 Hypothetical Attack Scenarios  
4 Challenges and Approaches  
 4.1 Prevention  
 4.2 Detection and Response  
 4.3 Recovery and Reconstitution  
5 Innovative Industry-Government Partnership Models  
 5.1 Exemplary Partnership Models  
 5.2 Discussion  
6 Next Steps  
Appendix 1 National Cyber Defense Financial Services Workshop Agenda  
Appendix 2 TRUST Program—An Example of Related Research  
Appendix 3 Prevention Details  
Appendix 4 Detection and Response Details  
Appendix 5 Recovery and Reconstitution Details  
Appendix 6 Organization and Attendees