Industry-Leading Cybersecurity Resources

October is Cybersecurity Awareness Month.  This important initiative, which is in its 19th year, is a collaboration between government and private industry to raise awareness about digital security and empower everyone to protect their personal data from digital forms of crime.

SIFMA and its members remain diligent and focused on cybersecurity efforts to protect clients, data, networks and operations from diverse cyber threats including theft, disruption and destruction.  We agree that the most effective way to approach cyber preparedness is in partnerships.  That is why all our efforts include close coordination across the financial services industry and with government, regulators, third parties and law enforcement agencies, to protect our clients and financial services infrastructure, improve data sharing between public and private entities and safeguard customer information.

Building a Culture of Cyber Awareness

Cybersecurity is a top priority for our members. SIFMA offers several resources the industry can leverage in its own work on cyber initiatives. These include:

Cross-Sector Coordination to Enhance Response & Recovery

As a critical sector as defined by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the industry’s investment in cyber resiliency has been ongoing for more than a decade and is part of our daily business continuity practices. The industry routinely engages in a broad array of testing to maintain and enhance defense, resiliency and recovery both at the enterprise and industry-wide levels. These efforts range from technical defense to industry and official sector communication and collaboration.

Since 2011, SIFMA has conducted a series of bi-annual industry-wide Quantum Dawn exercises covering physical, cyber, terrorism and natural disaster risks to synchronize response and recovery playbooks across financial firms, SIFMA and U.S. Treasury.  In November 2019, SIFMA conducted its first global cyber exercise, Quantum Dawn V, with 150 entities across 19 countries. The goal was to implement a network of contacts for information sharing, and response and recovery. This resulted in the creation of SIFMA’s Global Directory, which includes over 250 crisis management contacts across the public and private sectors who can respond to a global event. The Directory was leveraged as part of the Quantum Dawn VI exercise in 2021, which focused on ransomware risks and recovery plans.

SIFMA facilitates the annual industry backup and Reg SCI test, which requires that each SCI entity designate members and participants that meet certain criteria like market share to take part in an annual business continuity and disaster recovery test. Reg SCI entities complete their testing requirements in parallel with the SIFMA industry backup test, which we’ve been organizing for well over a dozen years. It is an efficient way to meet testing requirements across firms.

Best Practices for Insider Threats

SIFMA, leveraging the most effective guidance from both the private and public sector, provides a comprehensive set of best practices to inform firms of the insider threats they face and a framework to establish a prevention-focused insider threat risk mitigation program.  Our Insider Threats Best Practices Guide is a resource to assist financial firms in developing effective insider threat programs by identifying and discussing best practices, to act as a reference for regulators to better understand the insider threat at financial institutions, and to help financial firms measure their insider threat program’s effectiveness.

September is National Insider Threat Awareness Month, an initiative launched in 2019 to increase awareness about the risks posed by insider threats and the crucial role of insider threat programs, SIFMA recognizes this initiative as an opportunity – together with ongoing financial services industry efforts – to share the latest information, including best practices and resources, to help firms as they continue to measure and enhance the effectiveness of their insider threat programs.  For more information please see our recent blog post, Insider Threat: Not Just a Technology Issue.

Industry-Led Data Protection Collaboration

Cyber incidents such as SolarWinds highlight the need for greater collaboration between industry, regulators, and government agencies to ensure transparency and timely disclosure of data breaches in the private and public sector. The goal is to improve the protection of sensitive financial and regulatory data held by industry participants or the government. In light of concerns raised by SIFMA, a joint Financial Services Sector Coordinating Council (FSSCC) and Financial and Banking Information Infrastructure Committee (FBIIC) Working Group was formed to focus on this issue working with the U.S. Department of the Treasury to develop joint solutions.

Partners in Penetration Testing

Since 2017, SIFMA has been leading a global effort to work with financial firms and regulators around the world on a collaborative approach to penetration testing a firm’s cybersecurity defenses and identifying vulnerabilities. In 2020, SIFMA provided key input,  along with our sister trades AFME and ASIFMA and our global affiliate, GFMA, as it developed guidance on principles and best practices for financial firms and regulators to follow to conduct effective testing to satisfy both supervisory and firm originated requirements.

This is just a snapshot of SIFMA’s industry-leading cybersecurity initiatives. We continue to work with our members as well as with regulators and policymakers to encourage them to continue to collaborate with the industry on best practices to collectively improve our defense, resiliency and recovery efforts.

By working together, we can continue to build a stronger and more integrated network of cyber protections that maintain public trust and confidence in our financial markets, while bringing greater privacy and data protections to our increasingly interconnected and digital world.

Tom Price is a managing director and head of technology, operations and business continuity for SIFMA.