Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

SIFMA publishes Quantum Dawn 2 summary

SIFMA has published a summary of the key findings derived from its Quantum Dawn 2 cybersecurity exercise held on July 18, 2013. The ‘after-action’ report was co-authored by Deloitte & Touche LLP, who served as an objective observer of the exercise and assisted in the preparation of the report to identify ways to improve the industry’s responses to cyber-events.

The Quantum Dawn 2 exercise simulated a systemic cyber-attack on the US financial system and provided the industry with an opportunity to run through its response procedures.

The full report is available to exercise participants only.

Specific objectives of the exercise were to rehearse crisis response plans and mitigation strategies; exercise the market open and close decision process in the event of a cyber-attack; simulate the loss of critical infrastructure within the industry; re-examine the sector-wide incident response communications; and develop an understanding of the operational readiness of the industry to open and function after an attack.

The exercise simulated multiple attacks; motives for the attacks included the desire to steal vast amounts of money, disrupt the equities markets, and to degrade firms’ operations capabilities. In the simulated scenario, the attacks directly affected market performance and eventually led to a market closure at the end of the exercise. More information on the simulated attacks is available on page four of the summary report.


Quantum Dawn 2 was completed successfully with robust engagement from all participants. The exercise successfully tested many of the industry’s processes and protocols. It raised awareness among industry participants about working together in a coordinated manner to address systemic risk issues and verified the critical importance of information sharing both between firms and the government as vital to identifying attacks and mitigating the impacts.

The summary report outlines the industry’s positive response to the simulated threats, including: strong communication across business lines within firms; continued enhancement of the ongoing public-private partnership between the industry and various government and regulatory agencies; execution of the industry’s sector-wide response protocols; coordination between SIFMA and the Financial Services – Information Sharing and Analysis Center (FS-ISAC); a highlighted role for the exchanges and clearinghouses as hubs of information; and a successful execution by the Market Response Committee to close the markets.

The exercise also identified areas where the industry can improve its crisis management procedures and strengthen relationships among the industry participants. Page seven of the summary report outlines specific recommendations based on three themes:

  • Sector-wide incident command structure and processes – The industry should review and update its sector-wide response playbook to promote greater integration between industry groups, market participants, and government agencies.
  • Systemic risk assessment and decision process – The industry should augment existing guidelines and decision frameworks to determine if cyber incidents are systemic in nature and could impact the broader financial system.
  • Communication and information sharing – The industry needs to institutionalize the procedures for determining if markets will open or close in response to a systemic cyber-attack. Further, the industry should set protocols that will promote greater communication and information sharing among market participants when responding to a cyber-attack. Additionally, the industry should formalize a strategy for communicating with the public during a cyber-attack to promote trust and confidence in the markets.

More information:

•Date: 23rd October 2013 • US •Type: Article • Topic: Business continuity exercises

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here