Information Sharing and Analysis Centers can play a bigger role i...

in 2004 to 4,200, said its executive director, Bill Nelson, and it does more for its members than simply provide alerts. The center puts out white papers and briefings, and allows members to make anonymous reports of attempted attacks, encouraging information-sharing among competitors, he said. The financial services center can reach 99 percent of banks and credit unions, according to the ISAC Council. It can warn members of new phishing attacks. Nelson said more phishing attacks are targeting upper-level executives, and the attacks arrive in official-looking documents from a court or the Better Business Bureau. He predicted more attacks on brokerages and the possibility that a nation-state could target the U.S. financial system. The center has made a list of 45 recommendations for its own improvement that it will be implementing, he said. John Sabo, director of global government relations at CA, said it’s important that the centers develop yardsticks for their performance. Jacob Olcott, director of the subcommittee on emerging threats, cybersecurity and science and technology of the House Homeland Security Committee, said the performance of the centers varies, and each industry must look to how its center can function best. Olcott said it’s important for the “geek” community to be able to communicate with policymakers to explain threats. A challenge for Congress is that no single committee has jurisdiction over cybersecurity, he said. But Congress is the only body that can get all the groups responsible for cybersecurity talking, he said. “Congress is the ultimate stovepipe eliminator,” he said. Like Sabo, Mischel Kwon, director of the U.S. Computer Emergency Readiness Team, said cybersecurity worries aren’t new. But the way of looking at those concerns is, she said. “They're not attacking us to attack our machines… They're trying to affect our mission and that makes it most important for us to change the way we look at security.”