Cybersecurity is a top priority in the financial industry to ensure the security of customer assets and information and the efficient, reliable execution of transactions within markets.

The financial industry is committed to furthering the development of industry-wide cybersecurity initiatives that protect our clients and critical business infrastructure, improve data sharing between public and private entities and safeguard customer information.

SIFMA is working with our members on a variety of cybersecurity initiatives including:

• Promoting enhanced regulatory harmonization to encourage a more effective allocation of cyber resources;
• Promoting a robust industry-government partnership grounded in information sharing;
• Conducting exercises and industry tests designed to improve protocols for incident preparedness, response and recovery;
• Leveraging lessons learned to refine industry best practices, including for managing insider threats, third party risk, penetration testing and data security, including secure data storage and recovery.

Cybersecurity Framework

An effective and efficient cybersecurity policy is achieved most easily through harmonized, risk-based global standards that leverage extensive investments already made. The NIST Cybersecurity Framework represents a potential global standard.

Cybersecurity Exercises

Quantum Dawn is a series of cybersecurity exercises that enable financial institutions and the sector, as a whole, to practice and improve coordination with key industry and government partners in order to maintain financial markets operations in the event of a systemic cyber-attack. On November 18, SIFMA coordinated the global industry-wide Quantum Dawn VI cybersecurity exercise.

Cybersecurity Resources

SIFMA is actively engaged in coordinating the effort to support a safe, secure information infrastructure, with cybersecurity resources that provide security of customer information and efficient, reliable execution of transactions. We continually work with industry and government leaders to identify and communicate cybersecurity best practices for firms of all sizes and capabilities and educate the industry on evolving threats and appropriate responses.

Industry-Wide Business Continuity Test

On October 23, 2021, SIFMA announced the successful completion of the annual Industry-Wide Business Continuity Test. This critical exercise for financial operations professionals demonstrates our industry’s ability to operate through a significant emergency using backup sites, recovery facilities and backup communications capabilities across the industry. The next exercise will be held in October 2022.

Global Initiatives

In addition, we collaborate with the Global Financial Markets Association (GFMA) on operations issues of global concern within the regulatory environment including the Framework for the Regulatory Use of Penetration Testing in the Financial Services Industry, which was updated in December 2020.