--- begin forwarded text
Date: Wed, 02 Jun 2004 17:17:48 -0400 From: Jim Salters <[EMAIL PROTECTED]> Subject: FSTC Call for Participation: Counter-Phishing Phase I To: [EMAIL PROTECTED] thread-index: AcRI5w3YXO0+/SUMRSeOkiOpFEA8WQ== List-Post: <mailto:[EMAIL PROTECTED]> List-Subscribe: <http://ls.fstc.org/subscribe>, <mailto:[EMAIL PROTECTED]> List-Archive: <http://ls.fstc.org/archives/members/> List-Help: <http://ls.fstc.org/elists/admin.shtml>, <mailto:[EMAIL PROTECTED]> List-Id: <members.ls.fstc.org> To: FSTC Members and Friends From: Jim Salters, Director of Tech Initiatives and Project Development We are pleased to issue this call for participation in FSTC's Counter-Phishing Phase I initiative. You can download the project prospectus at: http://fstc.org/projects/new.cfm#phishing . The cost to financial institutions for this 5-month project is $20,000, and technology companies $15,000. These project fees are tiered by the same percentage as FSTC's membership tiers (see below). Participation commitments are requested by June 18th. An informational conference call has been scheduled for: Wednesday June 9th, 2pm EDT 512-225-3050, 71782# __________________ Project Summary: FSTC proposes to launch a three-phase initiative to address the problem of phishing in financial services as it affects the relationship between customer and firm. In collaboration with other industry groups, FSTC will focus on defining the unique technical and operating requirements of financial institutions (FIs) for counter-phishing measures; investigating counter-phishing technical solutions, proving and piloting solution sets enabled by technology to determine their fit against FI criteria and requirements; and clarifying the infrastructure fit, requirements, and impact of these technologies when deployed in concert with customer education, enforcement and other industry initiatives. Phase 1 will last five months. Principal deliverables for Phase 1 comprise knowledge statements and options, recommendations, and plans for implementations, including: * A registry of current and known future phishing threat, vulnerabilities and attack models * A cost/impact framework for the assessment of counter-phishing options * A taxonomy of phishing * A comprehensive inventory of available solutions sets * The financial services operating criteria and technical requirements for counter-phishing solutions * A compendium of proposals to pilot, test and evaluate promising solutions, with implementation, test and resource plans * A test plan and evaluation criteria * An executive summary and recommendations for "quick hit" implementations, if any; new tools development; and design of dynamic technical monitoring and threat updating capability __________________ Project Fees: Financial Institutions: $20,000 Assets over $100 billion (including affiliates) $16,000 Assets from $50 to $99 billion (including affiliates) $12,000 Assets from $20 to $49 billion (including affiliates) $4,400 Assets under $19 billion (including affiliates) Technology Companies: $15,000 Revenue/funding over $100 million $12,000 Revenue/funding from $50 to $99 million $9,000 Revenue/funding from $20 to $49 million $3,300 Revenue/funding under $19 million ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://ls.fstc.org/subscriber> --- end forwarded text -- ----------------- R. A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]