FS-ISAC Leads Financial Sector in Live-Fire Cyber Exercise Locked Shields

Exercise to prepare against unprecedented, worst-case scenario financial meltdown

Reston, VA, April 18, 2023FS-ISAC, the member-driven, not-for-profit organization that advances cybersecurity and resilience in the global financial system, today announced that for the first time, FS-ISAC is convening nearly 30 member financial firms from around the world to participate in the world’s largest live-fire cyber defense exercise, the annual NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) Exercise Locked Shields, taking place April 18-21, 2023. 

Locked Shields involves a complex and cascading set of cyber attacks on a fictional country, with impacts ranging from military and government to critical infrastructure such as energy, telecommunications, shipping, and financial services. FS-ISAC designed the 2023 financial sector scenario in the strategic exercise, which simulates real life payments system outages by a central bank and the cascading impacts on the financial system. The scenario is based on similar but far less severe outages experienced over the last several years at major central banks around the world.

Cyber threats to critical infrastructure systems, including financial systems, have become a reality of modern warfare, and Locked Shields has worked since 2010 to facilitate systematic, multi-sector, public-private cyber defense cooperation and coordination in anticipation of these threats from nation-states. 

“Exercises like Locked Shields strengthen the resilience of the global financial sector and encourage collaboration and coordination across all critical infrastructure and public sectors,” said Steven Silberstein, CEO, FS-ISAC. “Our participation will allow us to crowdsource exercise responses from our global membership to assess and mitigate threats as the scenario unfolds, building the muscle memory our members and the overarching sector can rely on when faced with real-time cyber warfare.”

“We identified the urgent need for the financial sector to partner alongside nation-states to prepare and exercise against the current threat landscape,” said Dr. Mart Noorma, Director of the CCDCOE, a NATO-affiliated cyber defense hub. “FS-ISAC’s insights into the challenges facing the global financial system inform realistic exercise development, and we appreciate their continued support and involvement as we strive to protect global critical infrastructure from future cyber incidents.”

Locked Shields is the largest and most complex international, live-fire cyber defense exercise in the world. It includes more than 2600 participants from 38 countries, with more than 5500 virtualized systems subject to more than 8000 attacks. In addition to securing complex IT systems, participating teams must also be effective in reporting incidents, strategic decision making, and solving forensic, legal, media, and information operations challenges.

Twenty-nine FS-ISAC member firms including Banco de Espana, Bank ABC, Banking and Payments Association Ireland, Barclays, CME Group, DNB Bank ASA, Mastercard, NLB, Nordic Financial CERT, Santander, and Union Bank and Trust participated in this year’s exercise.

“Partnerships built on strong collaboration and information sharing are essential when responding to a cyber incident,” said Ron Green, Chief Security Officer, Mastercard. “It truly takes a network to defend our networks. And through Locked Shields – and exercises like it – we have the chance to put our response plans into action and actively work together to defend our sector.”

"We in the Nordic Financial CERT are used to exercising a range of scenarios with our members and critical infrastructure cross-sector in our digitally advanced Nordic countries," said Morten Tandle, General Manager, Nordic Financial CERT. "This is a rare opportunity to collaborate in real-time with our peers around the world. It helps us learn to build resilience for our societies' critical functions, through adapting and defending digital critical functions that experience cyber attacks."

“The threat landscape evolves so rapidly; the only way to stay ahead is to be prepared through constant exercising and collaboration,” said Cameron Dicker, Global Head of Business Resilience, FS-ISAC. “Cross-border communication channels between and across the private and public sectors are critical to responding to incidents efficiently, with minimal disruption to customers and citizens. This is the key value of exercises like Locked Shields; they help us build both the means and the trust necessary to act quickly in a crisis.”

For more information about Locked Shields, see CCDCOE’s news.

For more information about FS-ISAC’s exercise program, click here.


FS-ISAC is the member-driven, not-for-profit organization that advances cybersecurity and resilience in the global financial system, protecting the financial institutions and the people they serve. Founded in 1999, the organization’s real-time information-sharing network amplifies the intelligence, knowledge, and practices of its members for the financial sector’s collective security and defenses. Member financial firms represent $100 trillion in assets in 75 countries.

Contacts for Media