2020 was a year like no other, for reasons everyone knows. For cybersecurity leaders in financial services, new challenges kept piling on. All of them point to the need for increased sharing across borders to protect against cyber threats.
In January, geopolitical tensions raised questions about whether the global financial system could get caught in the crossfire, and the multiple ways a sophisticated state actor might choose to deploy its arsenal of cyber weapons to destabilize not only a government, but an economy and society.
Then COVID-19 arrived. The lightning-fast digitization of financial products and services and shift to remote working forced security departments to reckon with the loss of control of our perimeter and implementing new security measures across our entire suite of offerings at the same time, all while working from home ourselves.
In the summer, a wave of DDoS and ransomware attacks that started with the New Zealand Stock Exchange and quickly spread around the globe showed us how cyber criminals will use one target to test out their attack strategy and then take aim at other institutions, countries, and industry verticals. We now know that an attack on a bank in Asia could be a harbinger for one on an insurance company in the US or a fintech firm in Europe. Threat actors know no borders; neither must our intelligence sharing and collaboration efforts.
The SolarWinds attack in December reinforced the primacy of third-party risk and how an attack on one large vendor could compromise not only individual firms, but potentially threaten trust in the security of our institutions, public and private alike.
Through it all, FS-ISAC served as a central hub for us to connect and share not only intelligence, but best practices on preventing, combatting, and remediating cyber threats as they happen. With secure chat and intelligence sharing channels, enriched intelligence reports, threat calls, member briefings, summits, and exercises, our members benefit from the experiences and knowledge of their peers in a trusted environment.
The more our members share, the stronger our community, and therefore our global financial system. Already in 2021 we have seen new supply chain attacks, which we can expect to proliferate and evolve quickly. The only way to stay ahead of these ever more sophisticated threat actors is to collaborate. Now more than ever, I encourage all financial institutions to #daretoshare.
In the spirit of #daretoshare, FS-ISAC is launching its Global Leaders Awards program to recognize those who do share not only intelligence, but also best practices and knowledge during our exercises and events. Nominate an outstanding leader in our community today.
© 2021 FS-ISAC, Inc. All rights reserved.
Jerry Perullo serves as the Chief Information Security Officer (CISO) of Intercontinental Exchange, Inc. (NYSE: ICE). Perullo leads the physical and cybersecurity programs for ICE, including the New York Stock Exchange, securing...Read More
critical economic infrastructure across multiple subsidiaries, geographies, and regulatory jurisdictions. Perullo works closely with the US Department of Treasury and the Financial Services Sector Coordinating Council (FSSCC) in addition to many governmental, regulatory, and industry bodies around the world. Perullo was elected Chairman of the Board of Directors of the Financial Services Information Sharing and Analysis Center (FS-ISAC), where he has been an active leader since 2007. Prior to joining ICE in 2001, Perullo led an Information Security practice providing penetration testing and consulting services to the health-care, energy, and data service industries after successfully building an internet service provider in the mid-1990s. Perullo studied computer engineering at Clemson University and earned a BS degree in legal studies from the University of Maryland and an MBA from Georgia State University. He serves on the Industry Advisory Board of the Georgia Tech Institute for Information Security and Privacy (IISP) and has guest-lectured and instructed there and at other universities.