Recently, RocketFin Consulting worked with UK Finance, Euroclear and leading banking institutions...
4 Key Themes in Cyber Resilience Exercises
As cyber threats continue to evolve, so do the methods we use to prepare for them. In 2024, cyber resilience exercises in the financial sector are increasingly focusing on the critical aspects of interdependence and interconnectivity among institutions. Rather than isolating individual institutions, these exercises now emphasise the complex web of relationships and dependencies that exist within the financial ecosystem. Below we list four of the key themes we have seen as an organisation when it comes to cyber resilience exercises this year.
Key Themes Emerging
- Collaborative Recovery - Exercises now explore how firms can work together to recover from widespread incidents, increasingly recognising that no institution operates in isolation.
- Communication Coordination - A major focus is on how the sector can coordinate its communication efforts during a crisis, ensuring consistent and clear messaging to stakeholders and the public.
- Systemic Impact - Scenarios are designed to reveal the cascading effects of cyber incidents across interconnected systems and institutions.
- Shared Resources - Exercises examine how the sector might share resources and information to mitigate the impact of large-scale cyber events.
Beyond Incident Management
These themes reflect a significant shift in approach, moving beyond traditional incident management. Modern cyber resilience exercises now encompass long-term resilience strategies, cross-firm coordination mechanisms, and the development of industry-wide standards and protocols. This broader scope acknowledges that in our interconnected financial ecosystem, the resilience of one institution can significantly impact others.
Moreover, these exercises are driving actionable insights across the sector. In a recent exercise, by simulating complex, we were able to assist in the identification of sector-wide vulnerabilities not apparent for institutions exercising in isolation. This collaborative approach fosters the development of more robust, collective response frameworks. It also generates recommendations for enhancing resilience that take into account the interdependencies within the financial system.
As the financial sector continues to navigate the complex landscape of cyber threats, these exercises play a crucial role. They prepare institutions not just to withstand attacks individually, but to respond and recover as an interconnected system. By focusing on collaboration, communication, systemic impacts, and shared resources, the sector is building a more resilient financial ecosystem capable of facing the cyber challenges of today and tomorrow.
Formerly Chief Information Security Officer (CISO) at UBS UK, Yiannis is a board member of ISC2, the world’s leading association of cybersecurity professionals.