The nation's biggest banks are steeling
themselves for a simulated cyberattack that organizers say will feel
like the real thing.
The drill, dubbed Quantum Dawn 2, is expected
to mimic a coordinated, large-scale assault on the financial industry's
online sites and information systems, according to the Securities
Industry and Financial Markets Association, or SIFMA, which is leading
the exercise.
Many of the nation's biggest banks, including
JPMorgan Chase (JPM), Wells Fargo (WFC), Bank of New York Mellon (BK)
and U.S. Bancorp (USB), are expected to participate in the simulation,
which is open to companies of all sizes regardless whether they belong
to SIFMA. Officials from the Department of Homeland Security, Treasury,
the Federal Reserve and the Securities and Exchange Commission also are
expected to participate.
In all, more than 50 banks, exchanges and
coordinating councils are expected to take part in the simulation,
which will test participants' ability to coordinate internally and with
one another, as well as the resiliency of their processes.
The simulation follows a series of cyberattacks between September and May that slowed online sites at some of the nation's biggest banks. It also follows a series of reports since February that charge China with using hackers to steal secrets from U.S. companies, including financial firms.
"We're
going to test how we respond, where we share information well and where
we have good situational awareness," says Karl Schimmeck, a former
Marine who oversees financial services operations for SIFMA. "The whole
goal is to understand the scenario, the effects and the response
process."
The drill also aims to test decision-making with limited
information in real time, adds Schimmeck, who previously supervised
operational and financial risk in the derivatives trading unit at
Goldman Sachs (GS).
Quantum Dawn 2 is slated to run for five and a
half hours starting at 9:00 a.m. Eastern on June 28, although SIFMA
officials said Tuesday they anticipate rescheduling the exercise to
accommodate demand from participants who would like to open it to as
many companies as possible, including banks of varying sizes. Companies
taking part in the exercise pay a fee of $1,000, $5,000 or $10,000,
depending on revenue, to cover the cost of staging the simulation.
As
the name implies, Quantum Dawn 2 aims to build on a six-hour simulation
the Financial Services Sector Coordinating Council staged nearly three
years ago, Quantum Dawn. That drill was held on Nov. 18, 2011, the same
day that "Breaking Dawn — Part 1," the first installment of the
"Twilight" saga, debuted in theaters.
Roughly 30 companies
participated in Quantum Dawn, which presupposed a combination of
physical attacks, a terrorist bombing, and a cyberattack on Wall Street
that halted trading, rearranged orders and perverted stock prices.
Participants proved able to share information but struggled collectively
to decide critical questions in real time, according to findings
published last year by SIFMA.
Conclusions from the drill included a
need to improve the industry's ability to accelerate decision-making,
especially when presented with incomplete information in situations that
threaten public confidence in markets. The participants also resolved
to stage more sessions to practice managing cyber incidents with one
another.
Unlike Quantum Dawn, which massed participants around a
conference table, Quantum Dawn 2 will post participants at their own
offices, where they will participate via email, telephones and other
communications channels. "That should provide a little more realism and a
little more friction," says Schimmeck. "It's harder to get hold of a
person when you're on the phone than when you're sitting across from
them at a table."
«
1 | 2 »
No comments:
Post a Comment