Privacy rules make it harder to prevent cyber attacks
Restrictions on data-sharing in the USA Patriot Act and at the Financial Services Information Sharing and Analysis Center (FS–ISAC) are hindering efforts to combat cyber attacks, the leader of a cyber crimes unit at Wells Fargo has said.
FS–ISAC is an industry-run initiative that allows financial firms to anonymously exchange information on cyber threats. Banks can also share data about money laundering and terrorist activities under Section 314(b) of the Patriot Act, which provides a safe harbor from legal liability. In both cases, the sharing of personally identifiable information (PII) is restricted.
“There is a real need to either evolve the information-sharing process under the FS–ISAC or modernise 314 (b) sharing [in the Patriot Act] to include PII alongside cyber threats,” said Kelley Chamberlain, who leads a team within Wells Fargo’s Global Financial Crimes Intelligence Group focusing on cyber threats. “I personally don’t care which one gets modernised, but it has to happen otherwise we are just going to keep continuing to be owned by the bad guys.”
PII…
