Mark Clancy, Chief Information Security Officer, DTCC and Chief Executive Officer of Soltra
The importance of a collaborative, automated approach to address emerging cyber attacks was highlighted with investment management operations professionals at NICSA’s “Cybersecurity/Managing 21st Century Risk” conference in Boston last month.
The conference, which brought together executives from investment management and mutual funds companies, focused on providing attendees a deeper understanding of the challenges firms face as they navigate the evolving nature of cyber security in today’s digital world.
“We have to use automation to achieve repeatable, measureable outcomes in our collective efforts to defend against increasing instances of cyber attacks,” said Mark Clancy, Chief Information Security Officer, DTCC and Chief Executive Officer of Soltra, in his key note address to conference attendees. “We also need automation to get a head of current and emerging threats by utilizing information about known attacks and using machines to do the heavy lifting to find and counter them quickly.”
Soltra, a joint venture between DTCC and the Financial Services - Information Sharing and Analysis Center (FS-ISAC), is a leading provider of automated cyber security solutions to the financial industry and other sectors worldwide.
In his remarks, Clancy noted that companies are currently confronted with a host of cyber security risks that may not have been considered in the past, and that senior executives are wrestling with the concept of assessing and managing these types of risks.
“We need to have robust architecture that can effectively determine where we are, what we know and what we don’t in terms of the cyber threats we are seeing in the public domain. We also need to move to a model where we do continuous testing of our continuous monitoring, especially as new threats take hold.”
Clancy also sees greater information sharing and collaboration within the financial services industry and with other sectors as key to combating cyber attacks. “We have to share information about what attackers are doing, what the attacks look like and what weaknesses lead to an attack being successful. If you are not in a sharing community, your are, in effect, trading in a market with no access to market data.”
Launching Soltra Edge
Fostering the ability for comprehensive cyber threat information sharing, Soltra launched Soltra Edge, a new automated information-exchange software solution. Soltra Edge collects cyber threat intelligence data from various sources, converts it into an industry standard language and provides real-time actionable intelligence that clients can utilize to defend against potential attacks. The platform is quickly gaining traction, with more than 1,000 institutions in financial services and other sectors downloading Soltra Edge since its launch. In May of 2015, a single content source using Soltra Edge transferred 2.6 Terabytes of information about cyber threats to over 1,700 unique Soltra Edge instances operated by those institutions.
DTCC and Soltra are strong proponents for actively promoting the importance of cyber threat information sharing. Clancy and other senior executives have testified before Congress, participated in regulatory roundtables and are frequent speakers on the topic at a number of industry conferences. Over the next several months, Clancy will be a featured speaker or panelist on the subject of cyber security at conferences that include: