FS-ISAC Conducts Ransomware Exercise with EMEA Banks to Improve Cyber Resilience

  • Infrastructure
  • 21.02.2019 09:23 am

The Financial Services Information Sharing and Analysis Center (FS-ISAC), a non-profit member-driven organisation that helps to assure the resilience and continuity of the global financial services sector, today announced that it has conducted its second EMEA cyberrange exercise in Zurich on 13 February.

The cyberrange exercise, hosted by UBS, follows FS-ISAC’s prediction that artificial intelligence will be increasingly used to create new ransomware that is able to evade detection and circumvent protections in 2019. FS-ISAC partnered with UBS, an institution known for its commitment to investing and allocating significant resources to protect its critical infrastructure and customers against cyberthreats.

The exercise convened CISOs, CIOs, Heads of Security and Security Analysts from 14 leading financial services and trade associations from across Europe to take part in a WannaCry-style attack on a simulated bank network. The exercise was also observed by several multinational retail and investment banks, asset and wealth management and financial services companies

“Having attended FS-ISAC’s previous cyberrange exercise, we were keen to host one at our offices in Zurich given the close alignment with our existing security efforts. We enjoyed working with representatives from other organisations and saw first-hand the impact that collaboration and information-sharing had on the participants’ decisions-making and response times,” said Carlo Hopstaken, Chief Information Security Officer and Head of Cyber Assurance Testing at UBS. “We look forward to strengthening the relationships that we developed during the exercise and we will encourage others in the industry to communicate with their peers more to improve the overall resilience of the financial services sector.”

The exercise tested how organisations can better understand and improve how they respond to, communicate, get assistance, and recover from real world cyberattacks, which infect their systems. Participants took part in an on-site technical and hands-on-keyboard experience that allowed them to collaborate and share information across with other teams and organisations, thereby enabling them to exchange best practices and raise their capability maturity levels.

“The EMEA exercise programme encourages members and interested parties to mitigate the risks posed by the ever-changing cyberthreat. Participation in the exercises contributes to improved response capabilities and acts as an effective stress test on organisations’ existing processes.” said Ray Irving, Managing Director, Global Business Services at FS-ISAC. “We are pleased that the second instalment of the exercise programme was met with such enthusiasm and we are committed to working with our existing members and the wider financial services industry to emphasise the value of sharing information and in regularly practicing defensive mechanisms.

Following the heightened engagement of the exercise, FS-ISAC will host the next cyberrange exercise, which will feature an updated version of the ransomware, in partnership with Santander in Spain in June 2019.

Related News