• Cyber-Attack Against Payment Systems (CAPS)

    Cyber-Attack Against Payment Systems (CAPS)

    Build a stronger incident response team

    The CAPS exercise challenges incident response teams to overcome a simulated attack against financial institution systems and processes. Participants practice mobilizing quickly, working under pressure and recognizing critical intelligence to defend against an attack.

    Developed as a real-world scenario, outcomes include:

    • Stronger team relationships and increased cross-functional knowledge;
    • Clearer internal understanding of system vulnerabilities;
    • Improvements in response plans.
    • Gain maximum benefit with minimal resources:
    • Participate from your premises or remotely via computer sharing using virtual, confidential exercise materials;
    • Teams spend a few hours working the incident each day;
    • Receive unattributed peer data to compare your response to other organizations.

    CAPS is available to all regulated depository financial institutions for $175 per institution. Please review Frequently Asked Questions for more information or contact us at CAPS@fsisac.com. FS-ISAC reserves the right to decline participation.

    See Next CAPS Exercise

  • Cyber-Range Exercises

    Cyber Range Exercises

    Improve your defense and response skills to a real-world cyber attack

    Third party risk. The demise of the firm perimeter with remote work. Innovations in malware and ransomware. Nation-state actors using cyberattacks as back doors for surveillance. 

    As new cyber challenges emerge, it is critical for security teams to get hands-on practice at defense. Our cyber range program, powered by Cyberbit, helps our members around the world get real-world experience in responding to new cyber threats while benefiting from the knowledge of industry peers in a secure and trusted environment.

    Exercises are structured to provide participants with:

    • Defensive tools for attack analysis
    • Individual defense techniques to defend your network
    • Proven playbooks and checklists that can be added to their institution's formal incident response plans

    In 2020, more than 1000 members from 30 countries participated in the exercises. This year, we are capping participation for each exercise. In addition, there are only 24 participants allowed per exercise.

    Please note that as of 2021, exercises are exclusively a member-only benefit. To register, login via Intelligence Exchange, select the Member Services icon. From here, select the Event/Training tab and select the exercise.

    If you are a member and do not have an Intelligence Exchange account, please contact FS-ISAC Admin.

    Register via Intel X

    If your financial institution is not a member of FS-ISAC, join today.

  • Hamilton Series

    Hamilton Series

    Simulating a variety of plausible cybersecurity incidents or attacks

    FS-ISAC partners with the Financial Services Sector Coordinating Council (FSSCC), US Treasury Department (Treasury) and other US government agencies including law enforcement to develop these one-day exercises aimed at improving the cyberthreat response within the US financial sector.
    Simulations mimic a variety of attacks. Participants include members of both the public and private sectors, so that results can be formed into improved public/private coordination strategies.

    *These exercises are specific to US-based financial institutions 

    Become a Member

  • Regional Exercises and Workshops

    Regional Exercises and Workshops

    Regional coalitions and exercises for small and mid-sized institutions

    Custom-designed exercises that are tailored for your organization’s environment. Such exercises can target threats that are specific to a particular region, to organizations of a specific size or financial segment and adaptable to your institution's highest priority.

    Request More Information

  • Regional Exercises and Workshops

    Regional Exercises and Workshops

    Regional coalitions and exercises for small and mid-sized institutions

    Custom-designed exercises that are tailored for your organization’s environment. Such exercises can target threats that are specific to a particular region, to organizations of a specific size or financial segment and adaptable to your institution's highest priority.

    Request More Information

With an ever increasing reliance on technology to support customer services, the need for robust and resilient cyber security training continues to represent a cornerstone of sound cyber security practice. Driven by member-curated content, FS-ISAC continues to enhance sectoral efforts to meet the ever-present threat posed by cyber criminals. In particular, the available workshops and technical exercises have proven invaluable in helping enhance organisational preparedness in order to enhance our ability to protect our customers.” 

Beate Zwijnenberg - CISO, ING

As financial institutions look to operate with sound cyber resiliency to enable secure and stable operations, the FS-ISAC cyber exercises allow our teams to remain current on cyber trends to identify learnings and test our responses, while keeping our customers and colleagues safe."

Glenn Foster - CISO, TD Bank Group

We enjoyed working with representatives from other organisations and saw firsthand the impact that collaboration and information sharing had on the participants’ decision-making and response times. We look forward to strengthening the relationships that we developed during the exercise and we will encourage others in the industry to communicate with their peers more to improve the overall resilience of the financial services sector.

Carlo Hopstaken - CISO and Head of Cyber Assurance Testing, UBS

FS-ISAC’s exercise program enables member institutions to develop a deeper, more comprehensive understanding of their role within the financial ecosystem, their cyber risk profile and associated critical dependencies.

Download Exercises Overview
fs-isac-greyscale

© Copyright 1999 - 2022 FS-ISAC, Inc. All Rights Reserved.

Terms and Policies