Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Wednesday, 8 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Waking Shark 2 deemed to be a success

by The Gurus
February 5, 2014
in Editor's News
Share on FacebookShare on Twitter

The second Waking Shark stress test exercise has been deemed a success, with participants calling for stronger attacks next time.
The exercise, which was held on Tuesday 12th November 2013, was s designed to follow up and reinforce the lessons learned from previous cyber exercises and reflect the continued evolution of the nature, intensity and sophistication of cyber threats over the past two years. It was conducted between 14 firms, six financial market infrastructure providers, the financial authorities including the Bank of England and the Prudential Regulation Authority, Financial Conduct Authority, HM Treasury and Government agencies and 220 attendees.
The exercise was held over three days and included: DDoS attacks; targeted and PC wipe attacks that penetrated the firms’ networks for disruptive and destructive purposes; issues with end-of-day market data pricing files for some equities markets; issues with Central Counterparty Clearing processes for fixed income; and issues associated with processes used to instruct payments through agent banks and manage balances in accounts at agent banks.
The results, published today, showed that there was a “significant improvement” from the first Waking Shark exercise, while communication and information sharing was “generally good” throughout the exercise, although it was noted that there is no central industry coordination for financial sector information sharing and communication to the wider public, and it was suggested that consideration should be given to allocating this role to a single coordination body from industry (possibly the BBA) to manage communications across the sector during an incident.
Participants also said that they were unclear as to the process for communication with regulators in the new institutional framework, while others claimed that the attacks “could have been more technically challenging with greater market stress over a longer period”. It was also recognised that the size of the audience, and possibly the presence of the regulating authorities, did tend to stifle the discussion.
The information sharing platform CISP (collaborative information sharing platform) was heavily used during the exercise, truncating three days of activity into a few hours. The results said that this highlights the value of the facility in identifying and responding to a cyber event, and also the amount of work required from the Fusion Cell in managing the information.
As a result, the platform will continue to be enhanced to facilitate the timely and secure exchange of information amongst the members.
Commenting, Stephen Bonner, a partner in KPMG’s Information Protection and Business Resilience team, said that the fear of damaged reputations or stuttering share prices are major factors behind many organisations’ decision to keep a low profile when their cyber defences have been breached.
“When anyone is under attack it’s always too easy to get caught in the moment and focus on self defence, but the onus must be on collaboration. Rather than hide when things go wrong, they should inform those that need to know – doing so will put attackers on the back foot and ensure partners and suppliers can take the necessary steps to ensure waking sharks are put to sleep,” he said.
“The fact is that the rising number of attacks shows that cyber vulnerabilities must be taken seriously.  We’ve seen requests for help more than doubling in the past 12 months suggesting that the recognition is there, but awareness doesn’t equal resolution. Waking Shark II has shone a welcome light on current vulnerabilities, but that
doesn’t mean it is safe to ‘get back in the water’. Hackers see each barrier as a challenge to be beaten, meaning that constant vigilance and testing is vital if financial organisations are to remain secure.”
In future, it was deemed attacks against retail organisations should be considered, allow information on what the “victims” would experience and consider shorter and more focused exercises on specific issues.

FacebookTweetLinkedIn
Tags: APTDDoSfinancial servicesStress Test
ShareTweetShare
Previous Post

Target CFO apologises, aims to win back customers

Next Post

ISACA's Sue Milton talks about hiring people

Recent News

Cato Networks delivers first CASB for instant visibility and control of cloud application data risk

Cato SASE Cloud Named “Leader” and “Outperformer” in GigaOm Radar Report for SD-WAN

February 7, 2023
AT&T Cybersecurity grows SASE offering by adding Palo Alto Networks

UK second most targeted nation behind America for Ransomware

February 7, 2023
safe

Will Emphasising App Security Lead to More App Installs?

February 6, 2023
Phone with app store open

$400,000 Fine for Stalkerware App Developer

February 6, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information