Open registration for the fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions, credit unions and associated financial services organizations was announced by FS-ISAC, the Financial Services Information Sharing and Analysis Center.
Over a two-day period this fall, hundreds of security, risk, and IT professionals will experience a highly realistic set of scenarios in a safe environment in order to practice and improve their response to cyber incidents. The teams are encouraged to involve multiple parts of their organizations, from IT and security to payments experts to communications teams, to line of business leaders and executive teams.
The simulation is known as CAPP or Cyber Attack Against Payment Processes.
“It’s one thing to have your cyber incident playbook ready to go, but practicing realistic drills based on current and anticipated threats is the best way to be prepared,” says Bill Nelson, president and CEO, FS-ISAC. “Over the past five years, thousands of security practitioners and corporate teams have benefited from these exercises. We’ve carefully crafted and calibrated each exercise to help test existing preparation, help security teams engage across their organizations and identify areas for enhancement. Given the current cyber security environment, there could not be a better time for financial services firms to participate in this exercise.”
Who: Security and fraud professionals, risk and compliance professionals, IT professionals, payment operations, corporate communications professionals, executive and line of business leaders who work directly for qualified financial services firms in the banking, credit union, payment systems and brokerage sectors.
Which firms: Any financial institution that sends or receives ACH transactions, checks, or wires. Any financial institution that uses online banking for their customers or members. Any bank or credit union that processes payments.
What: A two-day simulated cyber incident exercise. All participant data is anonymized and securely handled. No production systems are used for this exercise. Aggregated benchmark results will be published to participants after the exercise.
Cost: There is no cost to participate
When: Two exercises, two days each. Exercise 1: September 9-10, 2014. Registration Deadline: 9-5-2014; Exercise 2: September 16-17, 2014. Registration Deadline: 9/12/14