IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image
Supply chain and ransomware threats drove increase in cyber intelligence sharing
Mon, 27th Sep 2021
FYI, this story is more than a year old

Cyber intelligence sharing community FS-ISAC announced global cyber intelligence sharing among its member financial firms increased by 60% in the period from August 2020 to August 2021, driven by supply chain and ransomware threats.

2021 saw a disturbing rise in supply chain and ransomware threats, with large-scale, high-profile attacks such as Kaseya and Colonial Pipeline across the globe targeting major firms along various supply chains. Under the threat of this surge in attacks, many institutions have begun to invest more heavily in intelligence sharing and collaboration to thwart continually evolving threats.

Large scale threats resulted in record-breaking peaks of intelligence sharing across all regions: North America; Latin America; Europe, UK, Middle East and Africa; and Asia Pacific.

To increase global collaboration and encourage cybersecurity talent development, FS-ISAC launched its Global Leaders awards. This year, cybersecurity professionals from American Express, Banco Falabella Chile, Australia's IAG, and UBS were recognised with the award for outstanding cyber intelligence sharing efforts.

“With the increase in sophisticated cross-border cyber criminal campaigns against the financial sector and its supply chain, sector-wide global collaboration has become a risk management imperative,” says Steven Silberstein, CEO of FSISAC. “Intelligence and best practice sharing across our community and platforms has reached new heights, spurred by the high-profile events of the last 12 months. We commend the members who go above and beyond to protect the financial system at large.

“American Express is deeply interconnected with the other players in the global financial system,” says Fred Gibbins, chief information security officer at American Express.

“We believe it is our critical responsibility to share intelligence and best practices with our peers to help the industry to protect and defend against emerging cyber threats. We are honoured to be recognised by FS-ISAC and appreciate the collaboration between all the members for our collective protection.

“In Latin America we benefit from intelligence that is shared by global US and Europe-based firms as well as from our neighbouring countries,” says Juan Carrasco, head of cybersecurity at Banco Falabella Chile.

“By monitoring attacks in Argentina and Brazil, we were able to predict and thwart a cyber attack in Chile. This attests to the power of cross-border intelligence sharing in mitigating cyber risk.

Member nominations took place from the last week of March until June 30. Nominations were vetted by FS-ISAC's Global Intelligence Office for impact and quality of contributions and narrowed down to three finalists per region. The FS-ISAC Board of Directors, composed of CISOs at leading financial firms around the world, voted on one winner from each region.

“Meaningful threat intelligence gives our security team at IAG an advantage over the attackers and reduces cyber risk,” said Craig Hall, threat analytic cell manager at IAG.

“Recently, we were able to identify a threat actor who methodically attacked Australian financial institutions in alphabetical order throughout the day. By sharing the criminal's tactics, members throughout the region knew when they were likely to get hit and were therefore able to defend against attacks.

“As a global firm, UBS monitors the global cybersecurity landscape to proactively detect and mitigate risks,” said Corsin Camichel, cyber threat intelligence regional lead at UBS.

“Sharing intelligence and best practices with our peers and regional counterparts is fundamental to staying ahead of emerging cyber threats. I am honoured by this award and will continue to share with my colleagues and peers around the world.

In addition to helping detect and prevent cyberattacks, sharing by larger financial institutions based in markets with stricter and more comprehensive regulation helps strengthen the cybersecurity programs of smaller or less resourced firms around the world, benefitting the full financial ecosystem.