Financial Sector’s Cybersecurity Readiness Exercised by Quantum Dawn IV

SIFMA’s cybersecurity exercise identifies key findings for financial sector and public partners to address crisis response protocols

New York, NY, June 28, 2018 – SIFMA today released the summary of key findings from its biennial Quantum Dawn cybersecurity exercise, conducted over two days in November 2017, which brought together more than 50 financial and public-sector organizations and over 1,000 industry experts. Along with SIFMA, Deloitte Risk and Financial Advisory observed the simulation and prepared the After-Action Report, with recommendations aimed at helping the sector strengthen its readiness to defend critical financial services infrastructure from an array of cyberattacks and scenarios.

The recommendations made by Deloitte Risk and Financial Advisory included reducing the complexity of sector response and coordination playbooks and, in coordination with public sector agencies, further defining the roles and responsibilities of the public partners during a cyber event and ensuring they are clearly understood and actively tested through cyber simulations and exercises.

Quantum Dawn IV participants, which included financial sector institutions and SIFMA, as well as law enforcement, government, and regulatory partners, use the exercises to strengthen the readiness of the financial services sector to respond to cyberattacks in a coordinated manner.

“On a daily basis, our industry and government partners are the target of cyberattacks that we must vigilantly counter in order to protect our nation’s financial system,” said Kenneth E. Bentsen, Jr., SIFMA president and CEO. “The Quantum Dawn series of exercises is one of the many ways in which SIFMA leads the industry in testing and evaluating institutional preparedness and protocols as well as cross-communication and coordination with government regulators and agencies. This remains a top priority for us and our members.”

In a change from previous exercises, Day 1 of Quantum Dawn IV provided a real-life “hands-on-keyboard” exercise for participating institutions to test their technical cyber response capabilities. SIFMA, in collaboration with SimSpace Corporation and Norwich University Applied Research Institutes (NUARI), orchestrated a cyber range exercise in which a “red team” of adversaries attempted to infiltrate a specialized sandbox environment. Each participating institution’s “blue team” set up its defenses using the same security tools available on its production network to detect, block, and eradicate simple, low-level attacks as well as more sophisticated scenarios.

On Day 2, participants engaged in a sector-wide simulation to test their crisis response, communication, and coordination capabilities. The simulation revolved around a “bad day” on Wall Street in which a large-scale targeted cyberattack is made against numerous financial institutions and news organizations, with rolling impacts for the sector, markets, and customers.

“The Quantum Dawn IV cybersecurity incident simulation exercises challenged institutions’ cyber incident response capabilities and the coordination of resources across jurisdictions, presenting a major opportunity for public and private sector institutions to collaborate to protect our financial services sector,” said Ed Powers, Deloitte Risk and Financial Advisory principal and U.S. leader for Cyber Risk Services, Deloitte & Touche LLP. “Shifting the focus away from just securing and monitoring environments, to actually knowing how to respond to a cyberattack, is how financial institutions can keep ahead of the curve.”

Deloitte Risk and Financial Advisory observed the simulation and worked with SIFMA to prepare the After-Action Report, which focuses on specific cyber response areas (e.g., communication and escalation, decision-making, government interactions, financial sector process implications) and provides high-level observations that the sector should pursue to improve coordinated responses. It is available at the following link: https://www.sifma.org/resources/general/quantum-dawn-iv-after-action-report/

Other Resources:

Fact Sheet: Quantum Dawn IV (November 2017)

SIFMA Statement on Completion of Quantum Dawn IV Cybersecurity Exercise (November 9, 2017)

-30-

SIFMA is the voice of the U.S. securities industry. We represent the broker-dealers, banks and asset managers whose nearly 1 million employees provide access to the capital markets, raising over $2.5 trillion for businesses and municipalities in the U.S., serving clients with over $18.5 trillion in assets and managing more than $67 trillion in assets for individual and institutional clients including mutual funds and retirement plans. SIFMA, with offices in New York and Washington, D.C., is the U.S. regional member of the Global Financial Markets Association (GFMA). For more information, visit http://www.sifma.org.

About Deloitte

Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world’s most admired brands, including more than 85 percent of the Fortune 500 and more than 6,000 private and middle market companies. Our people work across more than 20 industry sectors to make an impact that matters — delivering measurable and lasting results that help reinforce public trust in our capital markets, inspire clients to see challenges as opportunities to transform and thrive, and help lead the way toward a stronger economy and a healthy society. Deloitte is proud to be part of the largest global professional services network serving our clients in the markets that are most important to them.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the “Deloitte” name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.