<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=6226337&amp;fmt=gif">

FS-ISAC | Resilience

Collaborating to Ensure the Global Financial System Stays Operational

True Resilience Means Being Prepared for Whatever Comes

Through exercises, firms build the muscle memory required for strong incident response. In 2023, FS-ISAC significantly expanded its breadth and scope of exercise offerings, from enabling more than 10,000 cyber practitioners to practice responding to real-world scenarios to multi-sector crisis response coordination.

The key components of our resilience program

Upcoming Exercises

FS-ISAC offers a wide variety of exercises for individual firms; for the sector at national and regional levels; as well as through public-private and cross-sector relationships around the world.

Learn. Connect. Collaborate.

18 October 2024 - 28 March 2025
Virtual | Materials Only

CAPS Postseason | Banking

____________

Discussion-based exercise in which organizations walk through a real-world scenario in their own time

18 October 2024 - 28 March 2025
Virtual | Materials Only

CAPS Postseason | Insurance

____________

Discussion-based exercise in which organizations walk through a real-world scenario in their own time

18 October 2024 - 28 March 2025
Virtual | Materials Only

CAPS Postseason | Securities & Investments

____________

Discussion-based exercise in which organizations walk through a real-world scenario in their own time

Our Exercises

Our exercise scenarios are based on the sector’s latest threat intelligence and are customized to a range of sector verticals as well as technical expertise. From hands-on-keyboard technical exercises to strategic level tabletops, our exercises help members upskill their teams, benchmark against peers, and understand how the sector is working to constantly evolve its resilience through cross-sector and public-private exercises around the world.

Exercises are open to members only

Talk to our exercises team

Learn More About our Exercises

1

CAPS

Exercise-in-a-box customized for banking, insurance, and securities to run on their own time

CAPS is a discussion-based exercise in which organizations walk through a real-world scenario in their own time and respond to a series of questions on how they would respond.  The goal of CAPS is to help organizations to create stronger cross-functional relationships, improve incident response plans, and gain a clearer understanding of system vulnerabilities. 

The CAPS exercise challenges incident response teams to overcome a simulated attack against a fictional financial services organization. Participants practice mobilizing quickly, working under pressure and recognizing critical intelligence to defend against an attack. 

  • Participate from your premises or remotely via computer sharing using virtual, confidential exercise materials
  • Teams spend three to six hours on the two-part scenario
  • Receive unattributed peer data to compare your response to other organizations 

CAPS is available to all members, with three separate versions for Banking, Insurance, and Securities & Investments. Members in all Tiers receive CAPS as part of annual membership fees.

Banking FAQ

Insurance FAQ

Securities & Investments FAQ

Contact us

2

Cyber Range

Hands-on keyboard simulation, real-world experience

As new cyber challenges emerge, it is critical for security teams to get hands-on practice at cyber defense. Our cyber range program, powered by ImmersiveLabs, helps members get real-world experience in responding to new cyber threats while benefiting from the knowledge of industry peers in a secure and trusted environment. 

Exercises are structured to provide participants with: 

  • Defensive tools for attack analysis
  • Network defense techniques
  • Proven playbooks and checklists to integrate into incident response plans
     

Register via Intel X

To register: 

1. Login via Intelligence Exchange 

2. Select the Member Services icon 

3. Select the Event/Training tab 

4. Select the desired exercise 

Register via Intel X


If you are a member and do not have an Intelligence Exchange account, please contact FS-ISAC Admin.

3

Functional

Act out response processes, assess interactions

As part of its continuing support of the sector’s broad preparedness and operational resilience efforts, FS-ISAC’s Steel Resolve exercise provides an environment for participants to act out their policies and procedures in real-time in response to a large-scale attack on a global financial institution. 

Steel Resolve is a significant step in the sector’s ability to observe and assess incident response capabilities at the firm level, the interaction between firms, and the public-private partnership activities. 

Through this exercise we identify opportunities to improve information sharing and sector coordination across FS-ISAC committees. These recommendations get incorporated into FS-ISAC’s playbook to improve its ability to support the incident management process. 

4

Tabletop

Strategic discussions on a wide range of scenarios

FS-ISAC Tabletop Exercises 

FinCyber Today UK: Focused on improving operational resilience in the EMEA region by exploring a significant disruption to the operational capability of a section of the financial sector. 

Post-Quantum Computing: Focused on developing incident response strategies for post-quantum computing and its implementation throughout the financial sector. 

Sheltered Harbor: Tests current Sheltered Harbor incident response frameworks and advances ongoing collaboration for future improvement to policies and procedures. 

MRT & Communications: Tests the current response framework of FS-ISAC’s Media Response Team during an incident and focuses on improving communications outcomes.        


Hamilton Tabletop Exercises* 

FS-ISAC partners with the Financial Services Sector Coordinating Council (FSSCC), US Treasury Department and other US government agencies including law enforcement to develop these one-day exercises aimed at improving the cyber threat response within the US financial sector. 

Simulations mimic a variety of attacks. Participants include members of both the public and private sectors, so that results can be formed into improved public/private coordination strategies. 

Insider Threat: Tests organizational and sector response frameworks to an insider threat in order to understand and improve current policies and procedures. 

Incident Comms & Messaging: Advances public-private strategic communications and messaging and ongoing collaboration with public affairs offices to continuously improve tailored messaging in response to an incident. 

*Hamilton exercises are specific to US-based financial institutions 
 

5

Cross-Sector

International in scope, collaborative in practice

Tri-Sector: Tests the Tri-Sector Playbook created with the energy and telecommunications sectors to unearth potential improvements to the framework. 

Locked Shields: An international, operations-based exercise organized by NATO’s CCDCOE, enabling cybersecurity experts to enhance their skills in defending national IT systems and critical infrastructure under real-time attacks, as well as testing strategic level response. See more here

CyberStorm: An operations-based exercise hosted by the US CISA, designed to bring together the public and private sectors to simulate discovery of and response to a significant cyber incident impacting the United States’ critical infrastructure. 

National Level Exercise: Run by the US’ FEMA, NLEs provide the opportunity for all levels of government, the private sector, nongovernmental organizations, and community groups to test operational capabilities, evaluate policies and plans, familiarize personnel with roles and responsibilities, and foster meaningful interaction and communication across the country. 

GridEx: A biennial exercise hosted by North American Electric Reliability Corporation’s (NERC) E-ISAC, GridEx gives E-ISAC member and partner organizations a forum to practice response to and recovery from coordinated cyber and physical security threats and incidents. 

 

FS-ISAC Learn

For our Tier 5-8 members, FS-ISAC’s Learn offers tailored learning opportunities for financial services staff at every level. Over 2000 online courses meet associates where they are to sharpen their cyber defense skills, elevate their cyber resilience practices, and reduce their institutions’ cybersecurity risk. 

 

Find out more about Learn

In our Community’s
Words

Tier 5 EMEA Central Bank

 Interesting as ever to see where other jurisdictions are on some of these issues.”

Anonymous Participant Survey

 As an employee that leads our cyber exercising, I found it extremely valuable to witness an operations-based test as we want to continue our exposure to this style of testing internally and externally.”

Anonymous Participant Survey

 Being the bank's IT officer, I struggle to keep up with testing and most of the time lack the ability to come up with good scenarios. I registered for this exercise thinking, why not, could be beneficial? Holy Cow, I loved it!”

Tier 5 EMEA Central Bank

 Interesting as ever to see where other jurisdictions are on some of these issues.”

Anonymous Participant Survey

 As an employee that leads our cyber exercising, I found it extremely valuable to witness an operations-based test as we want to continue our exposure to this style of testing internally and externally.”

Anonymous Participant Survey

 Being the bank's IT officer, I struggle to keep up with testing and most of the time lack the ability to come up with good scenarios. I registered for this exercise thinking, why not, could be beneficial? Holy Cow, I loved it!”

Resilience Content

[Risk.net] Let’s Grow the Third-Party Risk Playbook – CME Security Chief

[UK Finance] Financial Sector Preparations for Malicious AI use

[UK Finance] Financial Sector Preparations for Malicious AI use

[UK Finance] Financial Sector Preparations for Malicious AI use

[CSO Online] Cyber Resilience: A Business Imperative CISOs Must get Right

[CSO Online] Cyber Resilience: A Business Imperative CISOs Must get Right

[CSO Online] Cyber Resilience: A Business Imperative CISOs Must get Right

[POLITICO Weekly Cybersecurity] The Red Flags Over South Korean Voting Tech

FS-ISAC Represents Global Financial Sector in Cyber Defense Exercise Locked Shields

[Banking Risk & Regulation] Does Your Bank Have a Robust Independent Cyber Security Risk Team?

[Banking Risk & Regulation] Does Your Bank Have a Robust Independent Cyber Security Risk Team?

[TNBT] APAC's Digital Boom: Why Cyber Resilience is the New Security Imperative for Financial Services

[TNBT] APAC's Digital Boom: Why Cyber Resilience is the New Security Imperative for Financial Services

[Banking Risk & Regulation] Banks ‘Woefully Underprepared’ for AI Cyber Attacks

[Banking Risk & Regulation] Banks ‘Woefully Underprepared’ for AI Cyber Attacks

[ABA Risk and Compliance] Gather around the table

[ABA Risk and Compliance] Gather around the table

[iTWire] Adapting to the Quantum Shift: Cultivating Business Resilience

[CSO Online] Proactive, not Reactive: The Path to Ensuring Operational Resilience in Cybersecurity

[CSO Online] Proactive, not Reactive: The Path to Ensuring Operational Resilience in Cybersecurity

[Dark Reading] Software Complexity Bedevils Mainframe Security

FS-ISAC Recognizes Global Leaders Safeguarding the Financial Sector Through Outstanding Cyber Intelligence Sharing

Peer-Benchmarked Threat Resilience Metrics

 

Interested in Learning More About our Exercises?

Please fill out the form
and we will be in touch.