Treasury Begins Automating Cyber Tip-Sharing with Banks

The Treasury Department has begun automating the flow of cyber threat tips back and forth between financial institutions and the government. The technology upgrade follows heavy assaults on Wall Street networks over the past few years. 

It's been said that this communications technique, made possible by a special programming language, will be key to the Obama administration's efforts to expand information sharing between agencies and private companies. The language is called STIX, a standard co-developed by the Department of Homeland Security and contractor MITRE, which stands for Structured Threat Information Expression or Exchange.

Late last year, the Financial Services Information Sharing and Analysis Center, an industry cyber group, began offering companies free STIX-based software called Soltra Edge that essentially lets computers talk to each other about threats observed. 

This week, Amias Gerety, Treasury acting assistant secretary for financial institutions, said the government also is part of the automated telephone tree. 

"To support the efforts of the sector and better protect its own networks, Treasury is now sharing cyber threat indicators in the Structured Threat Information Expression (STIX) format, which enhances the value of this information by accelerating the process by which it is shared and utilized," he said in a department blog post. "These efforts will allow organizations to automatically generate machine-readable reports and share them with trusted partners who can process the information and rapidly take action to protect against similar threats."

STIX likely would have helped expedite warnings about a 2012 cyber campaign, in which distributed denial-of-service attacks paralyzed a slew of U.S. banks' websites, although no data or systems were breached during the operation. More recently, hackers exposed information on 83 million households and small businesses that held accounts with JPMorgan. 

Earlier this month, a former top DHS cyber official, who now represents the financial services industry, said Soltra Edge will help large enterprises like JPMorgan and firms with few resources. 

"The sector continues to make significant progress toward increasing the speed and reliability of its information sharing efforts through expanded use of DHS-funded open specifications, including Structured Threat Information eXchange," Gregory Garcia, executive director of the Financial Services Sector Coordinating Council, testified at a recent House subcommittee hearing. 

The challenges have long entailed improving the speed, scale and accuracy of information sharing, as well as shortening the period between detection of suspicious activity and threat eradication, he said.

"The Soltra Edge capability developed by the sector removes a huge burden of work for both large and small financial organizations," Garcia told lawmakers. 

It remains to be seen whether other key industries and agencies at risk will go for STIX, including the health care, energy and transportation sectors.