Quantum Dawn 2: Where To Improve
The financial services industry can improve on sector-wide incident command structure and processes, systemic risk assessment and decision process, and communication and information sharing, according to a report by Deloitte & Touche after observing the mock cyber attack called Quantum Dawn 2, organized by Securities Industry and Financial Markets Association (SIFMA) in July.
In order to identify and prevent simulated cyber attacks, J.P. Morgan, Bank of America, NYSE Euronext and various federal agencies, such as the Federal Bureau of Investigation, collaborated on the simulated attack.
“Quantum Dawn 2 demonstrated the industry’s resiliency when faces with serious cyber attacks that aimed to steal money, crash systems and disrupt equity market trading,” says Judd Gregg, SIFMA’s CEO. “We hope this exercise will encourage Congress to pass legislation that promotes this sharing and other activities that will help out country more effectively mitigate cyber threats on the financial system.”
Our Thinking: Cyber Exercise Participant Training
This course is designed to prepare you to be an effective participant in a cyber exercise. The course is based on a few assumptions. One, that you have some experience with disaster response exercises, though not specifically cyber; two, that you may be called upon to participate in a cyber exercise in the near future; and three, that you will get more out of the exercise if you have an understanding of what goes into the planning, development, execution and analysis specific to a cyber exercise.
Imagine that you’ve been invited to review a fancy new restaurant. As a guest, you’ll be participating in a dinner party and offering your feedback. Before that, however, you’ll be given an extensive tour of the kitchen to more fully appreciate the meal. You’ll see what goes into every aspect of the occasion. You won’t be making sauces or seasoning soups, but you’ll see how it’s done.
Likewise, this course offers a cook’s tour of the cyber exercise planning process, showing you what is involved in each phase of design, development, execution and analysis. We hope this behind-the-scenes view will help you understand the unique challenges that confront scenario developers, planners, moderators and facilitators and make your participation in a cyber exercise more meaningful.
In a Nutshell
This course is based on six principles, divided into two categories.
Cyber differs from other hazards in four ways:
- Command and Control
- CIKR Interdependencies
- Force Multiplier
Cyber exercises typically reveal two shortfalls:
- Information Sharing
- Awareness of Interdependencies
Course is online and free. No prerequisites. Open enrollment. Earn Certificate of Completion in less than two hours.