Message-ID: <18574098.1075848245128.JavaMail.evans@thyme>
Date: Mon, 12 Mar 2001 05:08:00 -0800 (PST)
From: pete.gohm@enron.com
To: steven.kean@enron.com
Subject: The Financial Services Information Sharing and Analysis Center
Cc: michael.hicks@enron.com
Mime-Version: 1.0
Content-Type: text/plain; charset=ANSI_X3.4-1968
Content-Transfer-Encoding: quoted-printable
Bcc: michael.hicks@enron.com
X-From: Pete Van De Gohm
X-To: Steven J Kean
X-cc: Michael Hicks
X-bcc:
X-Folder: \Steven_Kean_June2001_5\Notes Folders\Security
X-Origin: KEAN-S
X-FileName: skean.nsf

Steve:

Information on the Financial Sector's ISAC. Key question is will we qualify for membership - see para 3.

If we qualify as a "designated financial services exchange and finance sector utilities" this ISAC will work for us.

If not, I recommend we join the Oil & Natural gas ISAC. I will forward information on NERC's process shortly - Pete

Frequently Asked Questions

WHO OWNS THE FS/ISAC?

The FS/ISAC and the data in the FS/ISAC is owned by the members through the FS/ISAC, LLC (Limited Liability Corporation) created to manage the ISAC process for Financial Services. The FS/ISAC is operated by Global Integrity Corporation, a wholly owned subsidiary of SAIC.

WHO ARE GLOBAL INTEGRITY AND SAIC? (Global Integrity is now owned by Predictive Systems Inc.)

Global Integrity is an information security service provider to commercial clients around the world. It provides a full complement of information protection, electronic commerce security, consulting, and engineering services worldwide. Global Integrity Corporation is a wholly owned subsidiary of SAIC (Science Application International Corporation), the largest employee owned research and engineering company in the US.
Since 1969, SAIC scientists and engineers have worked to solve complex technical problems in the healthcare, telecommunications, national security, financial services, transportation, energy, and the environment. With annual revenues approaching $5 billion, SAIC and its subsidiaries have more than 38,000 employees in 150 cities worldwide.

WHAT ARE THE MEMBERSHIP REQUIREMENTS?

Membership is open to the following categories of US entities registered, and in good standing, with their appropriate regulators:

    FDIC Insured Bank
    NASD Licensed investment firm
    Designated Financial Services exchanges and finance sector utilities
    Specialized US or State licensed banking companies
    US or State Licensed Insurance companies

Membership will be granted to an applicant only after third-party verification is completed by the FS/ISAC, LLC.

WHO HAS ACCESS TO THE FS/ISAC?

Financial Services companies who become members of the FS/ISAC, LLC.

WHO ARE THE CURRENT MEMBERS?

Anonymity of members is key to obtaining industry-wide cooperation. The member list of the FS/ISAC has not and will not be released to anyone. Membership is strictly confined to eligible financial service applicants as defined by the FS/ISAC, LLC Board of Managers.

HOW DOES MY COMPANY BECOME A MEMBER?

Accessing all materials to become a member is easy. The enrollment process, procedures, membership agreement, and eligibility form may be obtained from the FS/ISAC's web site, www.fsisac.com, or by calling our offices at (888) 660-0134.

HOW MUCH DOES IT COST TO JOIN THE FS/ISAC?

Membership fees range from $13,000 to $125,000 depending on the membership level selected.

HOW DOES THE FS/ISAC WORK?

For the first time, information security professionals may anonymously share in an industry wide database of electronic security threats, vulnerabilities, incidents and solutions.
Members voluntarily will report information to the database on either an anonymous or attributed basis. Input will be analyzed by security specialists for potential solutions and, depending on the seriousness of the case, the FS/ISAC will distribute an alert to members.

WHAT IS THE VALUE PROPOSITION TO MY COMPANY?

There are a number of value added features for each member:

    Early Notification
    Relevant Information
    Industry-wide Vigilance
    Subject Matter Expertise
    Anonymous Information Sharing
    Trending, Metrics, Benchmark Data

HOW SECURE IS THE FS/ISAC FACILITY?

The location or locations of the FS/ISAC are secret. The FS/ISAC is physically secured and the facility is operated remotely. The various components of the FS/ISAC system are protected through state-of-the-art security techniques, including constant monitoring for unauthorized attempts to access or alter the system.

HOW MANY INCIDENTS, THREATS, VULNERABILITIES AND SOLUTIONS ARE CURRENTLY IN THE FS/ISAC DATABASE?

Information in the database comes from FS/ISAC members, US Government agencies, hardware and software vendors, and other sources. While the exact number of incidents submitted is confidential, there have been over 820 entries related to general threats, vulnerabilities and solutions impacting the critical information infrastructure at large.

DOES THE US GOVERNMENT HAVE ACCESS TO FS/ISAC REPORTS?

No. US Government agencies, such as NIPC, submit information but cannot access data.

HOW IS THE FS/ISAC FUNDED?

The FS/ISAC is a private-sector partnership of FS/ISAC, LLC members. Membership fees are the sole source of funding. Global Integrity provided the start-up funding.

HOW MANY INCIDENTS WILL BE REPORTED?

Since Banking and Finance is the first sector to establish an ISAC, there are no historical data from which to derive traffic statistics.
For the first time, financial services companies can share incident information via the FS/ISAC. Some members may choose to share data with attributions. Many are likely to submit data with complete anonymity. Over time, it is expected the database will be extensive.

HOW WILL THE FS/ISAC DATA BE USED?

The FS/ISAC data will be used to share incident information among members in near-time. The data will also be used to develop trending and benchmarking information for the benefit of the members.

WOULD THE FS/ISAC PREVENT A VIRUS LIKE MELISSA OR WORM.EXPLOREZIP?

No, it would not prevent a virus or deliberate hacker attack from happening. It would, however, give members an alert or early warning notice and offer known patches or solution recommendations. It would enable members to respond quickly to avoid or limit potential damage.

WHAT IS THE DOWNSIDE RISK OF NOT JOINING THE FS/ISAC?

You would not avoid the expense or loss of reputation of an unexpected incident or attack about which the FS/ISAC would have warned you. You would not have access to the near-time database or expert analysis that is available to members.

For more Information, visit the FS/ISAC's web site: www.fsisac.com or call: (888) 660-0134

ISAC-FAQ031000