Financial group lays security groundwork

The financial industry group working with the Treasury Department on protecting the nation's critical systems has identified its top priorities and is beginning to carry them out.

Treasury is the lead agency for coordinating all critical infrastructure protection plans between the federal government and the financial and banking industry, just as other agencies have been designated as the leaders for their respective industries under Presidential Decision Directive 63, which calls for federal agencies to develop plans to protect key information systems.

Less than a year after PDD 63, the financial industry's initiative is well underway, said Gregory Baer, deputy assistant secretary for financial institutions policy at Treasury, at a panel discussion held today by American Banker and the Banking Industry Technology Secretariat.

This week the financial industry group, led by sector liaison Steve Katz, chief information security officer at Citigroup, is meeting to split into four task groups.

One will establish and determine the roles for a CEO/CIO/CFO-level council within the industry; another will define what protecting critical infrastructure means; the third will determine sector vulnerabilities—how to share information within and outside the group and how to mitigate those vulnerabilities; and the fourth will work on research and development for future needs.

"We are in the same place today looking at cyberthreat as we were five years ago looking at Y2K," Katz said. Information security is an issue that must be addressed—and quickly, he said. "We don't have a lot of time to get this right."

Featured

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected