CAPS is a discussion-based exercise that builds stronger cross-functional relationships, improves incident response plans, and clarifies system vulnerabilities.

The CAPS exercise challenges incident response teams to overcome a simulated attack. Participants practice mobilizing quickly, working under pressure, and recognizing critical intelligence to mount their defense.

• Teams participate in their own time with virtual, confidential exercise materials

• After Action Reports provide unattributed peer data to compare responses from across the sector

CAPS is included in annual fees and is available to all members in three versions:

• Banking

• Insurance

• Securities & Investments

Our Cyber Range program, powered by Immersive, provides real-world experience with new cyber threats. Participants learn how to activate:

• Defensive tools for attack analysis

• Network defense techniques

• Integrate proven playbooks and checklists into incident response plans

FS-ISAC’s functional exercises test the execution of policies and procedures during real-time simulated attacks.

Steel Resolve: Designed to demonstrate firm-level incident response capabilities, cross-sector interactions, and public-private partnership activities during a large-scale attack on a fictional global financial institution. FS-ISAC observes the exercise to assess opportunities to improve information sharing and sector coordination across FS-ISAC communities. FS-ISAC incorporates these indicators into our playbook to support the incident management process across the financial ecosystem.

Cybex Paladin: Designed for small-to-mid-sized firms, the exercise tests responses to operational disruptions, such as cyber attacks or retail payment failures. It provides hands-on experience in managing, communicating, and recovering from realistic, high-pressure cybersecurity threats.

FS-ISAC’s tabletop exercises are focused, strategic conversations that advance the sector’s response to specific threats.

Exercises are conducted virtually and in-person, locally and globally, as either standalone opportunities or connected to an FS-ISAC event or Summit.

Recent tabletop exercise topics have included:

• Cloud computing

• North Korean scam workers

• Artificial Intelligence

• Undersea cables

• Post-quantum computing

• Canada Incident Response Framework

Tri-Sector: Assesses the financial, energy, and telecommunications sectors’ Tri-Sector Playbook to uncover areas of improvement to the framework.

Locked Shields: An international, operations-based exercise organized by NATO’s CCDCOE, Locked Shields tests cybersecurity experts’ skills and strategic response to a real-time attack on national IT systems and critical infrastructure.

CyberStorm: An operations-based exercise hosted by CISA uniting the public and private sectors to discover and respond to a simulated cyber incident impacting US critical infrastructure.

National-Level Exercises: Run by FEMA, these exercises allow all levels of government, the private sector, nongovernmental organizations, and community groups to test operational capabilities, evaluate policies and plans, familiarize personnel with roles and responsibilities, and foster meaningful interaction and communication across the country.

GridEx: A biennial exercise hosted by North American Electric Reliability Corporation’s E-ISAC, GridEx gives E-ISAC member and partner organizations a forum to practice response to and recovery from coordinated cyber and physical security threats and incidents.

Hamilton Tabletop Exercises: In partnership with the Financial Services Sector Coordinating Council, the US Department of the Treasury, law enforcement, and other US government agencies, FS-ISAC designs the Hamilton tabletop exercises to improve the public and private sectors’ coordination strategies and their response to cyber threats. Limited to US-based financial institutions, the one-day Hamilton Exercises examine a variety of cyberattacks.