SIFMA tests firms to see if they can withstand a cyber attack
Brokers and firms found out if they were well prepared against a cyber security attack in early November 2019.
The Securities and Financial Markets Association (SIFMA) tested hundreds of people in the securities industry on November 7, 2019 with its Quantum Dawn V test. The test is a simulated cyberattack and tests how well firms react to one.
The test included more than 600 people from more than 180 financial institutions and government agencies in the U.S., Australia, Canada, Europe, Hon Kong, India, Malaysia, Japan and Singapore, according to SIFMA.
“A clear takeaway from the exercise is the importance of a robust partnership between the industry and government grounded in information sharing,” SIFMA said on its website. “No single actor – not the government, nor any individual firm – has the resources to protect markets from cyber threats on their own, nor do cyber incidents restrict themselves to one geographic location. That’s why the communication aspect was essential to the exercise’s success.”
The test scenario involved ransomware, a type of software that locks people out of computers until a ransom is paid. CNBC reports the ransomware WannaCry and NotPetya caused significant damage to major corporations in 2017.
The test was on a “closed loop” and did not have any real world consequences.
According to CNBC, the test involved an unnamed U.S. company deemed “too big to fail” being attacked by ransomware. Thomas Price, managing director at SIFMA, told CNBC the scenario included discussion on how the public should be told about the event and how the financial industry would respond to the attack. The scenario included similar companies in Asia and the United Kingdom.
The simulation ended with the ransomware hitting a U.S. organization that facilitates settlement activity. Price told the outlet participants focused on internal communications between executives and employees and external communications with clients.
“SIFMA also notes that the exercise underscores the increasing frequency and sophistication of cyberattacks, and the critical need for an effective allocation of cybersecurity resources at financial institutions,” the agency said. “The financial services industry is a top target, facing tens of thousands of cyber attacks each day. Enhanced harmonization of regulatory standards and supervision, to reduce the amount of duplicative or redundant rules, would help enable firms to devote more resources to security and better protect investors.”
The Spencer Law Firm’s attorneys assist in securities related proceedings such as FINRA and SEC enforcement proceedings, arbitration and general regulatory actions. The Spencer Law Firm assists individual investors and those who have securities claims brought against them by investors, FINRA or the SEC in litigation. If you have any questions regarding securities matters, please feel free to call Bonnie Spencer at the Spencer Law Firm at (888)237-459 to see what we can do for you. You can also visit us at Spencer-Law.com or at our office at 4635 Southwest Freeway, Suite 900, Houston, Texas, 77027.