Contact us at CAIS@fs-isac.com with any questions or for more information.
Any institution that provides insurance or reinsurance services is eligible to participate. Exercise teams typically include individuals from cybersecurity, business resiliency, risk mitigation, IT security, IT management, corporate communications, legal, compliance, back office operations, employee communications, executive management and other staff involved in preventing, responding to and communicating about cyber-incidents.
The exercise is conducted over two consecutive days and requires a few hours each day to complete. You will receive a link to each day’s scenario early in the morning and complete the survey portion by 2400 hours midnight local time. Each day, from your own premises and on your own schedule, your team reviews and discusses the information available and confidentially answers a set of self-assessment survey questions.
Pervasive vulnerabilities and cyber-attacks are a serious source of risk. Security breaches, system compromises and many other cybersecurity issues are common and can be severe. FS-ISAC CAIS enables you to put into practice your processes, plans and resources in response to a cyberbreach. You assess your exercise experience and preparedness, while receiving insights on best practices and readiness at your organization and across the financial services industry.
By participating in a safe and non-attributed environment, on your own premises, with your staff, your organization will better understand your institution’s readiness if faced with a cyber-attack, cybercrime or other incident that may disrupt your business process. All participants will receive a summary of the exercise results in the second quarter of 2020.
No, this exercise is a tabletop style simulation. Participating allows you to privately assess your systems and response plans.
Yes, this free exercise is for the benefit of all organizations involved in providing insurance.
You will need to use PowerPoint to play the automated, audio-embedded exercise scenario, an internet connection and email. You may alternatively stream an MP4 recording of the same presentation. You will be provided a link to SurveyMonkey, an online survey tool, where you will enter your responses.
No, all participants and their input will be anonymous and non-attributed. A high-level summary report of general trends and lessons learned will be made available directly to participants. You can privately compare industry trends with your own responses.
You will have unattributed peer data to compare through an after-action report. All company information will be kept confidential. FS-ISAC also sponsors a WebEx for participants, to highlight and discuss the 2020 CAIS.
FS-ISAC’s IRC shares risk information for insurance and reinsurance carriers, as well as best practices to mitigate risk. IRC members are financial institution risk professionals and cybersecurity practitioners.