Defending against cyber attacks and fraud around payments is a seemingly never-ending battle. Significant attacks, like the Target data breach late last year, seem to occur every quarter, with new ones being discovered regularly.
And that's only point-of-sale attacks. Banks still need to be vigilant around ACH or wire fraud and fraud surrounding mobile payments.
With all this in mind, the Financial Services Information Sharing and Analysis Center (FS-ISAC) announced it is offering registration for its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions, credit unions, and associated financial services organizations. FS-ISAC is a member-owned, non-profit, private financial sector initiative, whose primary function is to share timely, relevant, and practicable physical and cyber security threat and incident information among its financial institution members.
The simulated exercise will take place over a two-day period this fall and feature hundreds of security, risk, and IT professionals who will experience a highly realistic set of scenarios in a safe environment in order to practice and improve their response to cyber incidents. There is no cost to participate, and the event is open to any financial institution that processes payments and sends or receives ACH transactions, checks, or wires.
"During the exercise, we ask each firm to role-play and to include staff from a variety of disciplines, including from those that deal directly with payment processing to cyber security teams to communications teams to senior executives," says Bill Nelson, president and CEO of FS-ISAC. "An important fact is that we make this exercise available not just to FS-ISAC members, but to any financial firm that is involved with payment processes. Past years have shown participation ranging from small community banks and credit unions to some of the largest banks."
Nelson adds that in last year's exercise, several financial institutions said the scenarios were very similar to real-world attacks, and that the event helped them feel prepared.
FS-ISAC stresses the importance of approaching cyber security from a company-wide perspective, as opposed to just being an IT problem. This is why corporate communications professionals, executives, and line-of-business leaders are also invited to the event, according to Nelson.
Firms can register for the event here.