Connect with us

Hi, what are you looking for?


Incident Response

Quantum Dawn War Games Test Cyber Resiliency in Finance Sector

Quantum Dawn IV, a large-scale exercise  to test the cyber resiliency of the U.S. finance sector, was held on Tuesday and Wednesday this week. The excercise had more than 900 participants from over 50 financial institutions, government agencies and regulators.

Quantum Dawn IV, a large-scale exercise  to test the cyber resiliency of the U.S. finance sector, was held on Tuesday and Wednesday this week. The excercise had more than 900 participants from over 50 financial institutions, government agencies and regulators.

Run by SIFMA (the Securities Industry and Financial Markets Association), Quantum Dawn is designed to test this industry’s ability to weather a major cyber attack. SIFMA describes itself as the voice of the U.S. securities industry, representing broker-dealers, banks and asset managers.

“There is likely no greater threat to financial stability than a large-scale cyber event, which SIFMA considers a low-probability, high-impact event that the industry must prepare for along with other possible crisis events,” explains Kenneth Bentsen, SIFMA president and CEO. 

The exercise, he said, enabled financial institutions, key government agencies and other industry partners to practice communication and response processes to maintain smooth financial market operations in the event of a sector-wide attack. The outcome of the exercise, however, will not be known until the Deloitte Risk and Financial Advisory Cyber Risk Services analyzes the data and produces a ‘public after-action’ report with observations and recommendations over the next few weeks.

In the meantime, we just have Bentsen’s comment, “A clear takeaway from the exercise is the importance of a robust partnership between the industry and government grounded in information sharing. No single actor — not the federal government, nor any individual firm — has the resources to protect markets from cyber threats on their own.”

The value of such exercises is rarely questioned.

“Any exercise of this nature is always a good idea. Financial Services are part of critical infrastructure and we know they they are under sustained and increasing attacks,” Neira Jones told SecurityWeek. “Destabilization of financial markets is definitely not something we want to see happen (well, not caused by cybercrime where we could potentially help it/minimize it anyway),” she said.

Advertisement. Scroll to continue reading.

Jones is a non-executive director at Cognosec, chairs the advisory board for Ensygnia, and spent four years on the PCI SSC Board of Advisers. She has also worked for Barclaycard, Santander, Abbey National, Oracle Corp. and Unisys.

“While financial services are heavily regulated (in security, too), regulations are always some steps behind technology and criminals,” she added. “Quantum Dawn is essentially good practice because it is merely testing an incident response plan through simulation, which should be standard practice anyway. It doesn’t detract from individual bank testing of their own incident response processes — which does happen in the great majority, and certainly for the major banks and FS firms.”

Quantum Dawn is similar to Waking Shark in the UK. “The trick of course,” Jones told SecurityWeek, “will be to act on the lessons learned and for the results not to be confined to the archives. Only time will tell.”

That is certainly the hope of Bentsen. “Cybersecurity is truly an issue where the interests of the industry and public sector are fully aligned. SIFMA and our members are constantly working to improve cyber defenses, resiliency and recovery through massive monetary investment in technology and personnel, regular training, industry exercises, and close coordination between the financial sector and the government, including our regulators. Best practices are developed and refined regarding penetration testing, insider threats, third-party risks, and secure data storage and recovery. Lessons learned from Quantum Dawn IV will help shape these initiatives as we constantly work to get better.”

Quantum Dawn IV leveraged NUARI (Norwich University Applied Research Institutes), and its latest version of the DECIDE FS, and the SimSpace Corporation’s Cyber Range software for the simulation and execution of the exercise.

In 2013, U.S. banks suffered a series of disruptive DDoS attacks from a group that called itself itself the Izz ad-Din al-Qassam Cyber Fighters. Growing concern about both nation-state and organized criminal attacks of increasing sophistication against the critical infrastructure make exercises like Quantum Dawn essential.

Related: Using Cyber War Games to Improve Incident Response 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Artificial Intelligence

Two new surveys stress the need for automation and AI – but one survey raises the additional specter of the growing use of bring...