Earlier this year, over 100 industry experts from 34 financial institutions, banks, clearinghouses, and other members of the financial industry in the U.S. quietly collaborated on an initiative to enhance the security of the retail financial industry against potential significant cyber risk. Sheltered Harbor, a not-for-profit organization, was the result.
Over 70 percent of U.S. retail accounts and 60 percent of U.S. brokerage accounts are represented in this initiative — a total of over 400 million accounts.
The goal was to add an extra layer of protection for client data in case one of the participating banks went down due to a cyber attack so that people would still be able to access their assets. Or, “to extend the industry’s capabilities to securely save and restore account data in the event of a loss of operational capability,” as their website states.
Sheltered Harbor makes this possible by storing customer data from each participating institution in a private, encrypted data vault — safe from alteration and deletion — that can be accessed in case of a cyber attack. If an attack occurs, the customer’s of the affected bank will still be able to access their data through another participating financial institution.
To make sure that data is properly protected, they establish standards and monitor adherence to these standards. The stored data remains intact and available if needed, exactly how it was when it was archived.
The initiative was created after the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the U.S. Treasury Department conducted cybersecurity simulation exercises, called the “Hamilton Series”, which proved how data breaches hurt customer confidence in the financial system.
Kshitija Agrawal