Information sharing and collaboration
The Cybersecurity Information Sharing Act was written into law in 2015, but here we are five years later, and I am not so sure we’ve fully embraced the original intent of the law.
Are we sharing information on cybersecurity? Sure, I do not really think that is even a question anymore. But are we sharing the right information? Are we sharing information that will help our peers better protect their own organizations and defend against the ever-growing cyber threats?
Ask any banker in information technology and/or information security if they are receiving information
and they will all say that is not the issue. I do not know how else to describe it except to say a tsunami of information floods our inboxes,
tweets and favorite security portals.
The controversy and debate lie
within the details of what to share,
how to best share the information
and who to share it with.
To try and do our part to promote information sharing among our banking community, the Texas Bankers Association introduced TruStar to our community banks in 2019. TruStar is our Threat Intelligence Platform,
which serves as a central repository
for threat data from both external
and internal sources. These sources can be from open sources or from premium intel like FSISAC.
Also, members can submit their
own data to the portal to further enrich the intel available for community banks. It’s not unusual to see information on phishing or ransomware attacks that gives the banks the opportunity to guard against the attacks on their own systems or networks.
We’re also looking for opportunities to further enrich the data by signing up with other data sources, especially in the fraud area. Card skimming activity, bank robberies and ATM thefts are just a few examples of information that our bankers are interested in having available to them. If you are a Texas community bank interested in learning more, please reach out to me at firstname.lastname@example.org. It’s a free service to our community banks.
Also, our peer-to-peer information-sharing and collaboration platform continues to grow in numbers. We have several channels, including cybersecurity, fraud, technology, COVID-19 and threat intel. It’s also a free service for our community banks in Texas. We have bankers participating from many different parts of the business, from information technology to information security and compliance. If you would like to participate, please shoot me an email.
National Cybersecurity Awareness Month
For the 17th year in a row, the National Cyber Security Alliance and CISA have announced October as Cybersecurity Awareness Month. This year’s theme is “Do Your Part. #BeCyberSmart.”
As expected, they encourage individuals and organizations to own their roles in protecting their part of cyberspace, stressing personal accountability and the importance of taking proactive steps to enhance cybersecurity.
This year has seen major disruptions in the way we work, learn and socialize, driving many of these activities online. With our homes, schools and businesses more connected than ever, it’s vital to “Protect It” and #BeCyberSmart.
Learn how to “Protect It” by visiting cisa.gov/ncsam.