SIFMA Statement on Completion of Quantum Dawn IV Cybersecurity Exercise

New York, NY, November 9, 2017 – SIFMA today released the following statement from Kenneth E. Bentsen, Jr., SIFMA president and CEO, upon completion of SIFMA’s November 7-8 industry-wide Quantum Dawn IV cybersecurity exercise. Over 900 participants from over 50 financial institutions, government agencies and regulators participated in this simulation of a large-scale cyberattack on the financial markets. A fact sheet with details on Quantum Dawn IV is available here.

“SIFMA and its member firms are deeply committed to improving the financial services sector’s cybersecurity resiliency and working with government partners to protect the broader economy.  There is likely no greater threat to financial stability than a large-scale cyber event, which SIFMA considers a low-probability, high-impact event that the industry must prepare for along with other possible crisis events.

“Quantum Dawn IV enabled financial institutions, coordination entities such as the Financial Services Information Sharing and Analysis Center (FS-ISAC), key government agencies and other industry partners to practice communication and response processes to maintain smooth financial market operations in the event of a sector-wide attack.

“The exercise was carried out with robust participation from over 900 individuals at over 50 entities of all sizes across the financial sector and government. A clear takeaway from the exercise is the importance of a robust partnership between the industry and government grounded in information sharing. No single actor – not the federal government, nor any individual firm – has the resources to protect markets from cyber threats on their own.

“Over the next several weeks, we will work with Deloitte Risk and Financial Advisory Cyber Risk Services to analyze participant feedback and produce a public after-action report with key observations and recommendations for enhancing the financial services sector’s ability to respond to a systemic cyber event.

“SIFMA also notes that the exercise underscores the increasing frequency and sophistication of cyberattacks, and the critical need for an effective allocation of cybersecurity resources at financial institutions. The financial services industry is a top target, facing tens of thousands of cyberattacks each day.  Enhanced harmonization of regulatory standards and supervision, to reduce the amount of duplicative or redundant rules, would help enable firms to devote more resources to security and better protect investors.

“Cybersecurity is truly an issue where the interests of the industry and public sector are fully aligned. SIFMA and our members are constantly working to improve cyber defenses, resiliency and recovery through massive monetary investment in technology and personnel, regular training, industry exercises, and close coordination between the financial sector and the government, including our regulators. Best practices are developed and refined regarding penetration testing, insider threats, third-party risks, and secure data storage and recovery. Lessons learned from Quantum Dawn IV will help shape these initiatives as we constantly work to get better.”

-30-

SIFMA is the voice of the U.S. securities industry. We represent the broker-dealers, banks and asset managers whose nearly 1 million employees provide access to the capital markets, raising over $2.5 trillion for businesses and municipalities in the U.S., serving clients with over $18.5 trillion in assets and managing more than $67 trillion in assets for individual and institutional clients including mutual funds and retirement plans. SIFMA, with offices in New York and Washington, D.C., is the U.S. regional member of the Global Financial Markets Association (GFMA). For more information, visit http://www.sifma.org.