Quantum Dawn 2. It sounds like the newest hit game on Xbox, doesn’t it?
It really is a simulated cyberattack, organized as a training exercise for financial institutions. It is the brain child of the Securities Industry and Financial Markets Association (SIFMA), a trade group boasting the membership of hundreds of the most recognizable names in banking. Quantum Dawn 2 will be run this week, on Thursday, July 18th, from 9 AM to 2:30 PM Eastern Time.
About 40 firms will participate, each supplying three delegates, so the group is relatively large. Each will be working on platforms linked to simulated markets, so there will be no interference with real-time operations. This setup was designed by the Department of Homeland Security. It will also eliminate opportunities for real hackers to run rampant during the drill. (Yes, that was my first thought as well!)
Some of you may recall Quantum Dawn 1 from November 2011. In the original, the drill even featured an armed invasion of the New York Stock Exchange in addition to the cyberattack. The sequel will eschew the masked men and concentrate only on the electronic trading platforms. (So if you see what appear to be terrorists roaming Wall Street, please do call the authorities.)
The key ingredient to this drill is the real-world application of information sharing protocols. Each team in isolation has limited data about the attack and limited resources. By cooperating, they may learn more about the simulated threats and strategy, not only leveraging a greater reach but a greater understanding of what they are up against.
Candidly, the InfoSec community needs more of this. Drills, sure, but more importantly, cooperation. Not everyone has the same skill set, experiences, or perspective. All of us stand to gain if corporations work as a team, instead of trying to remain an island. If you don't have the expertise, find someone who does. We're all in it together.