123RF

A major cybersecurity exercise by the global securities industry is a positive for financial firms, says Moody’s Investors Service in a new report.

The recent test involving financial institutions, regulators and infrastructure firms from the United States, Canada, Europe and Asia provided financial institutions with an opportunity to practice and learn from their preparations for a real-life cyberattack, the credit rating agency says.

“The interconnected nature of financial services means that an attack on a financial institution in one jurisdiction can quickly spread to other institutions and regions,” Moody’s says. “There is a growing systemic risk to the financial markets’ infrastructure posed by cyberthreats, and growing digitalization also increases banks’ cyber risk exposure.”

The test simulated a low probability “extreme scenario,” Moody’s says, which provided participants with the opportunity to “practice co-ordination and exercise incident response protocols, both internally and externally, to maintain smooth functioning of the financial markets when faced with a series of sector-wide global cyberattacks that affect market integrity and create cross-border effects.”

Among the participants were securities firms, banks, asset managers, infrastructure providers, and government agencies (including the Bank of Canada, the U.S. Treasury, the U.S. Securities and Exchange Commission and various others).

Moody’s reported that the U.S. Securities Industry and Financial Markets Association, which co-ordinated the exercise, said that the test highlighted, “the importance of a robust partnership between the industry and government grounded in information sharing. It said that no single actor — not the federal government, nor an individual firm — has the resources to protect markets from cyberthreats on its own.”