Active Shielding – SIFMA Quantum Dawn 2 After Action-Report

Share Your Thoughts: Facebooktwitterlinkedin

The Securities Industry and Financial Markets Association (SIFMA) has published the results of the Quantum Dawn 2 cybersecurity exercise in which over 500 individuals from more than 50 financial organizations took part.

Throughout 2013, a number of high profile media reports and conferences have called attention to the growing threat of cyber attacks against our country and especially our critical infrastructure. I attended one such DHS conference in July, at which time Mark Graff, Chief Information Security Officer at NASDAQ , stated: “Cyber risks should follow the example of the National Weather Service and CDC, with the associated sharing of intel to respond in real time milliseconds.”

QD2 ScenariosCyber attacks often have little forewarning and can happen rapidly or over a period of time, requiring the financial services sector (the “sector”) to be vigilant and ready to respond.

One of the most alarming trends is the increasing number of cyber-attacks on smaller financial institutions and businesses. These organizations typically don’t have the same resources or access to information that larger companies do. This makes them more vulnerable to a malicious attack that could disrupt capital markets and shake investor confidence in the financial system.

Hackers are also using individuals and smaller institutions as a gateway to infiltrate larger banking organizations. Everyone is a target.

On July 18, 2013, the financial services sector set out to exercise its capabilities to respond to a wide scale cyber-attack

The Quantum Dawn 2 cyber exercise (“QD2” or “exercise” or “simulation”), hosted by the Securities Industry and Financial Markets Association (“SIFMA”), represented the next step in the continuing effort by the sector to improve its ability to coordinate and respond to a systemic cyber attack.

QD2 was a six hour exercise simulating multiple trading days. Goals of the exercise, as defined by SIFMA, were as follows:

  1. Rehearse crisis management plans and mitigation strategies in response to cyber attack scenarios and exercise business continuity and information security practices as an industry.
  2. Exercise the market response committee’s decision making in the event of a cyber attack. Stress the market sufficiently to test when the decision to close would be made.
  3. Simulate the loss of critical infrastructure within the financial services industry. Reexamine a revised sector wide incident response flow (from QD1 after action report).
  4. Develop an understanding of the operational readiness of the industry to open and function after an attack.

Select key findings include:

  • A strong partnership between the industry and the government is essential to keeping our millions of clients safe. We need Congress to take action and pass cybersecurity legislation that makes it easier for the government to share information with the private sector, and vice versa.
  • The industry can take steps to institutionalize the steps taken when deciding to open or close the markets, as well as enhance our communications protocols in the event of a systemic cyber attack.


Share Your Thoughts: Facebooktwitterlinkedin