NU Online News Service, Jan. 3, 2005, 6:52 p.m. EST
Empire State regulators are promoting a group that can help financial services companies learn about and share information about potential threats to “critical infrastructure.”[@@]
New York State Insurance Superintendent Gregory Serio recently sent a circular letter publicizing the Financial Services Information Sharing and Analysis Center to all companies under his jurisdiction.
Joining the center “is the best way for financial services firms to receive sector-specific information from the federal government,” Serio writes in the circular letter, C.L. Number 13 (2004).
The Clinton administration set up the Information Sharing and Analysis Centers system in 1998, in response to concerns about terrorism, hacker attacks and the Year 2000 problem.
The Bush administration expanded the system in 2003, and now there are centers for 14 different types of critical systems and economic sectors, such as energy, surface transportation and financial services.
Members of the financial services center, FS-ISAC, can use the center to share anonymous reports or attributed reports about information security threats, vulnerabilities, incidents and solutions.
Member organizations also can participate in member meetings, preparedness exercises, regular conference calls and crisis calls, Serio writes.
Although FS-ISAC member companies own the center, and federal regulators have no access to the center incident database, the federal government also uses the FS-ISAC to distribute information about possible threats.
“If your organization is not already receiving FS-ISAC alerts through other sources, the department recommends consideration be given to joining the FS-ISAC to take advantage of the first industry-wide database of cyber and physical security threats, vulnerabilities, incidents, and solutions,” Serio writes.
The circular letter is on the Web at http://www.ins.state.ny.us/cl04_13.htm