SIFMA’s Quantum Dawn VI – A Ransomware Exercise

SIFMA today hosted Quantum Dawn VI, the sixth exercise in our biennial series of cyber preparedness exercises. Cybersecurity is a top priority for SIFMA and its members and we’re constantly working to improve our protections and resiliency from cyber threats, and to coordinate with all other stakeholders to ensure industry-wide collaboration.

We know that effective cyber defenses are essential to protect customers’ information and assets, to ensure efficient, reliable execution, settlement, and payment of transactions, and are a foundational requirement for maintaining public trust and confidence in the resilience of the financial markets.

SIFMA member firms are deeply committed to improving our sector’s cybersecurity resiliency and working with government partners to protect the broader economy. In today’s interconnected and digital world, the securities industry is focused on protecting their clients, data, networks and operations from diverse cyber threats including theft, disruption and destruction.

Cyber-attacks did not stop for COVID, and in fact increased. From Wanna Cry to SolarWinds to increasingly bold ransom attacks, the threat remains high. The industry’s work over the last decade has evolved and grown, serving the industry well. But the threat remains. This is very important work, and that is why SIFMA and our members continue our decades-long program of robust cyber resiliency training, exercises and planning.

Since 2011, SIFMA has conducted a series of biennial industry-wide exercises covering physical, cyber, terrorism and natural disaster risks. The key objective for these exercises is to ensure financial firms, SIFMA and the U.S. Treasury crisis and incident management playbooks are synchronized to aid in rapid response and recovery efforts of the impacted institutions, third parties as well as the financial markets and its ecosystem.

Quantum Dawn VI was designed to allow financial firms, central banks, regulatory authorities, trade associations, law enforcement and information sharing organizations around the world rehearse response mechanisms, both internally and across the sector, against a broad range of ransomware attacks.

We chose the ransomware scenario because these kinds of attacks are something the industry must prepare for just as we do for other possible crisis events.

There was robust engagement in today’s exercise. Over 900 participants from 240 public and private sector institutions, including financial firms, central banks, regulators, and law enforcement entities, across more than 20 countries around the world participated.

The participating entities were SIFMA’s Global Directory Members which were brought together during QDV in November 2019, and the exercise also focused on helping us identify potential gaps in responses.

Cybersecurity is truly an issue where the interests of the industry and public sector are fully aligned. SIFMA and our members are constantly working to improve cyber defenses, resiliency and recovery through massive monetary investment in technology and personnel, regular training, industry exercises, and close coordination between the financial sector and the government, including our regulators.

Best practices are developed and refined regarding penetration testing, insider threats, third-party risks, and secure data storage and recovery. Lessons learned from Quantum Dawn VI will help shape these initiatives as we constantly work to get better.

As for next steps, SIFMA will now work with Protiviti to analyze participant feedback and produce a public after-action report with key observations and recommendations for enhancing the financial services sector’s ability to respond to a ransomware attack. Protiviti has been a great partner in helping us develop and execute this exercise and we appreciate their support.

We as an industry are constantly working to improve cyber defenses, resiliency and recovery through massive monetary investment in technology and personnel, regular training, best practices development, and industry tests, including annual business continuity and Reg SCI testing, and, of course, Quantum Dawn.

All of our preparedness work—including today’s exercise—continually underscores the fact that while the industry as a whole and individual firms have robust cyber defense and resiliency plans, no single actor – not the government, nor any individual firm – has the resources to protect markets from cyber threats on their own. There is no advantage to not sharing information on cyber issues.

SIFMA will continue our ongoing work with our member firms and industry partners to identify and share cybersecurity best practices and threats with industry participants, enhance our cyber defenses, promote industry resiliency initiatives, and respond to regulatory mandates.

For more information on today’s Quantum Dawn exercise, please see this Fact Sheet.

Kenneth E. Bentsen, Jr. is president and CEO of SIFMA, the voice of the nation’s securities industry. He is also chief executive officer of the Global Financial Markets Association (GFMA).