Build Stronger Plans and a More Resilient Business

Cyber-Attack Against Payment Systems (CAPS)

Build a stronger incident response team

CAPS challenges your incident response team to overcome a simulated attack on payment systems and processes. Participants practice mobilizing quickly, working under pressure, critically appraising information as it becomes available and connecting the cyberdots to defend against an attack.

Participating in the exercise helps your team:

• Gain maximum benefit with minimal resources.
• Strengthen team relationships and cross-functional knowledge.
• Develop a clearer understanding of system vulnerabilities.
• Explore improvements in response processes and build stronger response plans.

You take part from your own premises using our materials in a virtual, confidential tabletop exercise. The exercise requires about two hours each day. 

See Next CAPS Exercise

Cyber-Range Exercises

Improve your defense and response skills to a real-world cyber-attack

A one-day, hands-on-keyboard exercise in which participants observe and respond to different types of attacks such as ransomware or business email compromise. Teams share and review results, identify methods for improving defenses, then re-run the simulated attack to see if the suggested mitigation techniques improve results. These exercises are usually conducted in a single location (remote participation is optional) with 20-30 participants, enabling attendees to readily share insights and arrive at solutions with peers.

Participants experience technical training and management interaction with guidance and knowledge from industry experts, as well as peers. During the exercise, participants:

• Learn the setup and orientation of a simulated Bank.com environment and its tools.
• Explore defensive tools for analysis and trouble-ticket writing for an attack.
• Practice individual active defense techniques that could defend your network from an attack and mitigate its impact on operations.
• Build relationships with local law enforcement.
• Share lessons learned and ideas for future events.
• Receive a proven playbook and checklists.

Hamilton Series

Simulating a variety of plausible cybersecurity incidents or attacks

FS-ISAC partners with the Financial Services Sector Coordinating Council (FSSCC), US Treasury Department (Treasury) and other US government agencies including law enforcement to develop these one-day exercises aimed at improving the cyberthreat response within the US financial sector.
Simulations mimic a variety of attacks. Participants include members of both the public and private sectors, so that results can be formed into improved public/private coordination strategies.

*These exercises are specific to US-based financial institutions 

Playbook Drills

Standardized approach to combating cyber-attacks in the financial sector

With help from numerous contributors, FS-ISAC has created the Financial Sector Crisis Response Framework, a structured and standardized approach for the sector to manage cyber-attacks. From this broader Framework (formerly known as the All-Hazards Crisis-Response Playbook), FS-ISAC has
created regional playbooks to address specific geographies. Playbook drills focus on coordinating trusted information sharing and crisis response by adhering to the common, structured process defined in the playbooks.

Request More Information

Regional Exercises and Workshops

Regional coalitions and exercises for small and mid-sized institutions

Custom-designed exercises that are tailored for your organization’s environment. Such exercises can target threats that are specific to a particular region, to organizations of a specific size or financial segment and adaptable to your institution's highest priority.

Request More Information