FS-ISAC Leads Financial Sector in World’s Largest International Live-Fire Cyber Exercise

Thirty countries participate in NATO CCDCOE Exercise Locked Shields 2021

Reston, VA, April 15, 2021FS-ISAC, the only global cyber intelligence sharing community solely focused on financial services, announced today its leadership role in devising the financial sector’s scenario during this year’s NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) Exercise Locked Shields, taking place 13-16 April.

Locked Shields simulates a series of realistic and sophisticated cyber attack scenarios using cutting-edge technologies, complex networks, and diverse attack methods to test the countries’ ability to protect vital services and critical infrastructure.

This year the exercise strategic track scenario includes a large-scale disruption across multiple aspects of the financial services sector. To do this, FS-ISAC convened a Scenario Expert Planning Group comprised of its members including the Bank for International Settlements (BIS) Cyber Resilience Coordination Centre (CRCC), Mastercard, NatWest Group, and SWITCH-CERT among others.

“Given the cross-border nature of today’s cyber threats, exercises like Locked Shields are critical tools in preparing the global financial services industry to better defend against increasingly sophisticated threat actors,” said Teresa Walsh, Global Head of Intelligence of FS-ISAC. “To strengthen the financial sector’s resiliency, FS-ISAC has facilitated cyber exercises for more than ten years. This is a natural extension of our role in helping protect the global financial system.”

A key focus of the exercise strategic track is the cyber dependencies of the financial services industry and how they relate to government and critical infrastructure. The exercise will also examine and account for the new realities brought about by the pandemic, such as the greater security vulnerabilities caused by accelerated digitization and remote work.

“Large-scale exercises like Locked Shields provide both the public and private sectors an opportunity to pressure test response capabilities across borders,” said Ron Green, Chief Security Officer, Mastercard. “Moving with speed and purpose are crucial during an actual incident and everyone involved will gain from the enhanced collaboration and information sharing.”

“Locked Shields continually strives to address the most pressing needs of our nations by emulating current challenges faced by leaders in the cyber domain. Partnerships, such as with FS ISAC, allows us to present current real-world challenges to national leadership. The exercise tests the ability of nations to address a massive cyber attack from internal government cooperation to what mechanisms can be used for coordination and information sharing with the private sector and international partners,” said Colonel Jaak Tarien, Director of the CCDCOE, a NATO-affiliated cyber defence hub that has organized this Exercise every year since 2010.

Locked Shields is the largest and most complex international live-fire cyber defence exercise in the world. It has nearly 2000 participants from 30 countries, with 5000 virtualized systems subject to more than 4000 attacks. In addition to securing complex IT systems, participating teams must also be effective in reporting incidents, strategic decision making and solving forensic, legal, media, and information operations challenges.

For more information about Locked Shields, go to the CCDCOE’s press release here.

For more information about FS-ISAC’s exercise program, click here.


The Financial Services Information Sharing and Analysis Center (FS-ISAC) is the only global cyber intelligence sharing community solely focused on financial services. Serving financial institutions and in turn their customers, the organization leverages its intelligence platform, resiliency resources, and a trusted peer-to-peer network of experts to anticipate, mitigate and respond to cyber threats. Members represent over $100 trillion in assets in more than 70 countries. Headquartered in the United States, the organization has offices in the United Kingdom and Singapore. To learn more, visit fsisac.com. To get clarity and perspective on the future of finance, data, and cybersecurity from top C-level executives around the world, visit FS-ISAC Insights.

Contacts for Media