FS-ISAC leads financial sector in global live-fire cyber exercise Locked Shields

More than thirty countries participate in NATO CCDCOE Locked Shields 2022

FS-ISAC, the only global cyber intelligence sharing community solely focused on financial services, announced today that it will lead the financial services sector scenario in NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) Exercise Locked Shields this year, the world’s largest and most complex live-fire cyber exercise, taking place 19-22 April, 2022.

Locked Shields facilitates systematic, multinational, multi-sector, public-private cyber defense cooperation and coordination to prepare against nation-state threats. The exercise, held annually since 2010, tests national, civilian, and military IT systems’ ability to protect vital services and critical infrastructure by simulating a series of realistic, large-scale cyber attacks against a fictional country.

“Cooperation at this scale reflects the interdependencies of all critical infrastructure sectors and the public sector,” said Steven Silberstein, CEO of FS-ISAC. “Leading the financial sector scenario is a natural extension of our role in promoting information sharing and collective defense to strengthen the resiliency of the global financial system.”

“Exercises like Locked Shields help build the muscle memory to respond to real world cyber attacks,” said Teresa Walsh, Global Head of Intelligence at FS-ISAC. “While the scenarios are not specifically tied to the current conflict, exercise planners look to integrate recent geopolitical circumstances and cyber threat actor tactics, techniques, and procedures, so that teams continually upgrade their response capabilities.”

FS-ISAC convened a Scenario Expert Planning Group comprised of member firms including Mastercard and Santander, among others, to develop and inform the financial services sector scenario.

“In cybersecurity, you don’t want to invent something new in the middle of a crisis. That’s the value of large-scale, cross-border exercises like Locked Shields. They give both the public and private sectors an opportunity to test, analyze, and enhance our response capabilities in a real-world environment,” said Ron Green, Chief Security Officer, Mastercard. “We’re able to see how collaboration and information sharing can help us to address cyber threats more efficiently. Together, we are stronger.”

“Locked Shields continually strives to address the most pressing needs of our nations by emulating current challenges faced by leaders in the cyber domain,” said Colonel Jaak Tarien, Director of the CCDCOEa NATO-affiliated cyber defense hub. “Partnerships, such as with FS-ISAC, allow us to include not only technical but strategic decision-making elements to better prepare national leadership for large-scale incident response.”

Locked Shields is the largest and most complex international, live-fire cyber defense exercise in the world. It includes nearly 2000 participants from 32 countries, with over 5000 virtualized systems subject to more than 8000 attacks. In addition to securing complex IT systems, participating teams must also be effective in reporting incidents, strategic decision making, and solving forensic, legal, media and information operations challenges.

For more information about Locked Shields, see CCDCOE’s news.

For more information about FS-ISAC’s exercise program, click here.