Here are resources for the financial industry to address critical cyber threats and improve the industry’s overall cybersecurity. Many resources leverage industry best practices and the volunteer efforts of SIFMA member firms to help all firms to increase their cybersecurity.

Learn more about SIFMA’s efforts around cybersecurity, including the Principles for Effective Cybersecurity Regulatory Guidance, here.

International Cybersecurity, Data and Technology Principles 

GFMA (SIFMA’s global affiliate), the European Banking Federation (EBF), and International Swaps and Derivatives Association (ISDA) published a paper that offers the groups’ thoughts on foundational principles for the formation of effective policy on cybersecurity, data and technology.

Guidance for Small Firms

This program is intended to provide small firms with actionable cybersecurity guidance that is risk-based, threat-informed and supportive of their overall business model.

Best Practices for Insider Threats

SIFMA, leveraging the most effective guidance from both the private and public sector, has created a comprehensive set of best practices guide to inform firms of insider threats they face and provide a framework to create an effective insider threat mitigation program.

Sheltered Harbor

Sheltered Harbor is an initiative by the U.S. financial services sector to enhance customer data protection and ensure swift restoration of customer accounts in the event of a major cyber-attack.

Cyber Insurance Program

SIFMA is pleased to offer our members a best-in-class cyber and privacy insurance policy, provided through DeWitt Stern underwritten by ACE Group.

Third Party Risk Management

The use of service providers to perform key operational functions presents various challenges and risks to financial institutions if not managed properly. This resource provides tools and guidance firms can leverage to improve their 3rd party risk management programs.

Quantum Dawn Exercises

SIFMA has organized the Quantum Dawn exercise series to enable both individual firms and the sector as a whole to test their response plans in the event of a systemic attack.

Cyber and Operational Resilience Table Top Exercises

Exercises designed for a firm to apply their cyber incident response plan to a set of detailed incidents scenarios that allow a cross functional team of key decision makers to navigate the impacts in an interactive setting while trying to maintain their firm’s operations.

Government Agencies

Useful Links