SIFMA, a trade association for broker-dealers, investment banks, and asset managers, completed its global, industrywide Quantum Dawn VI cybersecurity exercise on Nov. 18.
The goal of the Quantum Dawn VI exercise was to allow financial firms, central banks, regulatory authorities, trade associations, law enforcement, and information sharing organizations around the world to rehearse their response plans to ransomware attacks. It simulated an extreme disruption scenario with a significant global impact across the financial sector.
It featured over 900 participants from 240 public and private sector institutions, including financial firms, central banks, regulators, and law enforcement entities, across more than 20 countries worldwide. It was a “closed loop” simulation as no real-world systems were utilized or impacted.
“There is likely no greater threat to financial stability than a large-scale cyber incident. SIFMA’s Quantum Dawn VI simulated a ransomware event, which underscores this is something the industry must prepare for just as we do for other possible crisis events,” Kenneth Bentsen, Jr., SIFMA president and CEO, said. “SIFMA and its member firms are deeply committed to regularly testing and enhancing the financial services sector’s cybersecurity resiliency and working with government partners to protect the broader economy.”
The intent of the exercise was to assess public and private sector-wide communications and information sharing mechanisms, crisis management protocols, and decision-making. Further, it encompassed legal and regulatory considerations as exercise participants responded to and recovered from significant ransomware attacks targeting the financial sector.
“A clear takeaway from the exercise is the importance of a robust partnership between the industry and government grounded in information sharing. No single actor – not the government nor any individual firm – has the resources to protect markets from cyber threats on their own, nor do cyber incidents restrict themselves to one geographic region. That’s why the communication aspect was essential to the exercise’s success,” Bentsen added.
The exercise underscores the increasing frequency and sophistication of cyberattacks and the critical need to effectively allocate cybersecurity resources at financial institutions. The industry is a primary target as it faces tens of thousands of cyberattacks each day.
“Cybersecurity is truly an issue where the interests of the industry and public sector are fully aligned. SIFMA and our members are constantly working to improve cyber defenses, resiliency, and recovery through massive monetary investment in technology and personnel, regular training, industry exercises, and close coordination between the financial sector and the government, including our regulators. Best practices are developed and refined regarding penetration testing, insider threats, third-party risks, and secure data storage and recovery. Lessons learned from Quantum Dawn VI will help shape these initiatives as we constantly work to get better,” Bentsen said.
SIFMA will now produce a report with key observations and recommendations for enhancing the financial services sector’s ability to respond to a ransomware attack.