Dr. Schutzer focused his remarks on the threats to and current operating environment of the financial services industry. Of all the daily financial transactions in the United States, only about 5 percent can be termed on-line, but by the year 2000 that figure could reach 15 percent. On-line brokerage transactions may be as high as 25 percent but the bulk of financial transactions today are still face to face and paper based, approximately 80 percent of 350 billion transactions a day. Approximately 15 percent of all transactions represent paper checks, and 5 percent are credit card and other on-line transactions.

The advantage of using the Internet and on-line capabilities is that they are global and can reach anybody with appropriate access equipment. The Internet's disadvantage is that it is a very attractive target because it is widely distributed. Loss of privacy and identity theft also are serious issues today. Much work in the financial services industry is done remotely, so it has large problems in terms of authentication.

Another key point raised by Dr. Schutzer was that financial institutions are service providers that do not really control their environment. Their users, whether they are companies or individuals, select the access devices of their choice. These access devices are general purpose (and include personal computers, workstations, telephones, hand held devices, and television sets.). This technology is open and widely known and is available over public networks. The problems that are paramount here are loss of privacy, fraud, and identity takeover. Attacking the system by flooding communications lines and thus denying customer service is an additional concern. This is rapidly becoming a global concern because temporary cash-flow imbalances can cause businesses to fail.

Dr. Schutzer also discussed security and the integrity of transactions. As money is spent on security, performance slows and inconvenience rises for customers. Customers are less likely to accept this situation. This is critically important because ''point-of-sale'' cryptography is not yet available, and although financial institutions will not pay for such security now, they will make up for it in processing costs. The financial services industry will not provide as much security on the retail side as it will in other areas. In this way the losses can be absorbed rather easily at present.

The financial services industry is concerned about making sure services are up and available at all times. There are some backup facilities and alternate sites. Multiple alternate sites located both in the United States and in other countries are a part of the industry's security strategy. This includes backup power and alternate providers and routes. The industry does not make widespread use of UGFs, except for the storage of documents and tapes. Instead, it worries substantially about the activities of insiders and emphasizes intrusion detectors and anomaly detection among the tools for identifying attacks and

Front Matter (R1-R6)

Introduction (1-4)

Welcoming Address (5-6)

Findings of the President (7-11)

Key Issues in Going Underground (12-12)

Infrastructure Protection in the United States: A Norwegian Perspective (13-14)

Panel Discussions, Panel 1: Infrastructure Protection Issues (15-23)

Panel 2: Needs and Requirements of the Infrastructure Community (24-29)

Panel 3: Experience with Underground Facilities: Capabilities, Limitations, and Applications (30-37)

Panel 4: Factors Influencing the Decision-Making Process (38-44)

Breakout Sessions (45-47)

Closing Remarks (48-49)

Appendix A: Speaker Biographies (50-58)

Appendix B: Workshop Agenda (59-61)

Appendix C: Workshop Participants (62-63)