When was the last time your incident response team practiced its response to a cyberattack?
If it’s been a while, you may want to look into the Cyber-Attack Against Payment Systems (CAPS) exercises hosted by the Financial Services Information Sharing and Analysis Center (FS-ISAC) this fall. This two-day, confidential tabletop exercise simulates an attack on payment systems and processes, giving your institution the opportunity to test its incident response plan and improve on weaknesses.
Best of all, it’s free and conducted online at your own institution.
How does it work?
A pre-exercise guide will help you ensure you have everyone on your incident response team available to address the scenario and discuss answers. According to the CAPS FAQ, the team may include IT, risk management, payment operations, customer service, communications, legal, business unit managers, third-party support and/or key executives.
Early each day, your institution will receive the day’s exercise and a confidential survey to complete at your convenience during the day. Working through the scenario and survey typically takes about two hours. The survey data is collected anonymously and is used by FS-ISAC to identify trends and best practices across participants; the aggregated results will be made available to you afterwards.
The exercise can be completed either October 9-10 or October 16-17.
Why test your incident response plan this way?
Normally, I warn that you get what you pay for, but this is an exception. The FS-ISAC is an amazing resource for tracking and understanding cyber threats. Its CAPS exercises will challenge your incident response team with a realistic cyberattack scenario. You’ll uncover how well your institution is prepared to quickly assess information and defend itself from a cyberattack. You’ll also see how well your team gels, what needs to be done to improve, and how your response compares to that of your peers. Along the way, the scenario exercises the core steps of an incident response, including:
- Assessing the nature and scope of an incident to identify what systems and data have been accessed.
- Identifying the steps needed to contain and control the incident while preserving evidence.
- Notifying regulators, law enforcement or customers if sensitive customer information is accessed.
Assessing cyber risk
In a world of increasingly sophisticated cyber threats, it’s essential that financial institutions and their vendors are able to prevent, detect, and respond to cyberattacks. From data breaches to ransomware to distributed denial-of-service (DDoS) attacks, cybersecurity is about having the tools, policies, and procedures to identify and mitigate internal and external threats and vulnerabilities.
Paired with a tool like the Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool (CAT), real-world tabletop tests like the CAPS exercise provide data to help analyze your inherent risk and cybersecurity maturity level. Together they help you understand your institution’s strengths and weaknesses in cybersecurity and demonstrate to regulators that your institution is staying current with the latest developments.
Whether your institution handles all its IT in-house or outsources it to a third party, it’s important to regularly test your incident response plan. It’s the best way to determine whether you’re as prepared as you need to be and whether you’re doing everything you can to limit risk.