iDEFENSE Outlines Strategies for the Financial Services Industry to Prevent Info Security Loopholes

Business Wire, Oct 22, 2002

Business/Technology Editors

CHANTILLY, Va.--(BUSINESS WIRE)--Oct. 22, 2002

World Bank Report Cites VP of Intelligence Operations

on Steps to Protect Core Financial Systems

iDEFENSE, a provider of security intelligence to some of the world's largest financial institutions, is monitoring increasingly sophisticated threats to financial services information systems, including highly intelligent and structured attacks by well-organized criminal syndicates and state-sponsored hacker groups in Eastern Europe, the Middle East and Asia.

The growing evidence of orchestrated and strategic attacks against the financial services sector and recommendations for defending against them, is the focus of a report from the World Bank, entitled "Electronic Security: Risk Mitigation in Financial Transactions," (http://www1.worldbank.org/finance/ assets/images/ E-security-Risk_Mitigation_In_Financial_Transactions-3.0.pdf).

The ongoing study defines the general state of security initiatives in the industry and emphasizes the need for proactive, aggressive information-based strategies to reduce the exposure to attack in today's fast-growing electronic banking industry. An update, issued to World Bank members last week in advance of setting global policy, includes comments from John Frazzini, iDEFENSE's vice president of intelligence operations.

Frazzini, who joined iDEFENSE earlier this month, spent the last several years fighting cyber-crime for the U.S. Secret Service. To prevent damage from cyberattack, including worms, viruses, denial of service attacks, and ultimately the theft and destruction of data and assets, Frazzini has recommended that financial services companies:

-- establish common methodologies for tracking specific hacker groups

-- monitor cyberthreats still `in the wild,' before they reach critical mass

-- create a network for sharing global intelligence and information-gathering among colleagues and financial institutions

"The threat of the `caffeine-crazed' hacker looking to prove technical prowess is being overshadowed by much more aggressive and powerful hacking syndicates," said Frazzini. "Financial services companies need to cultivate a comprehensive understanding about the major players, what motivates them and where the next strike will come. This is driving an intense interest and demand today for security intelligence."

The Specter of Cyberattacks is Growing -

Recent research by IDC, a Framingham, Mass.-based provider of technology intelligence and market analysis, shows that nearly 57 percent of all cyberattacks in the United States last year occurred in the financial services industry. The number of cyberattack incidents reported also points to a dramatic increase in system breaches and the theft or destruction of data.

"A credible knowledge base of global security threats, vulnerabilities and countermeasures is crucial to ensure that financial sector decision-makers have the information they need to maintain an effective and proactive security posture," said Tom Kellerman, one of the authors of the report and a data risk specialist for the World Bank's Financial Sector Strategy and Policy Group. "Security intelligence companies such as iDEFENSE will play a critical role in any comprehensive security plan."

About the company:

iDEFENSE is the largest independent provider of information security intelligence to the U.S. government and Global 2000 companies, including leaders in financial services, energy and transportation and telecommunications. The company provides actionable, timely and relevant intelligence detailing potential threats, vulnerabilities and security issues directly to the desktops of C-level executives, general counsels, auditors, senior security managers and staff, system administrators and desktop users. The iDEFENSE suite of products provides highly customized intelligence collection and analysis for customers (iMONITOR), detailed technical vulnerability analysis and reporting (iPOWER); customizable global threat and vulnerability reporting (iALERT); and warning and awareness for non-technical desktop users (iAWARE). The company is based in Chantilly, Va. Further information can be found at www.idefense.com or (703) 344-1070.