The Bank of England has today published the findings of the Waking Shark II exercise, which tested the wholesale banking sector’s response to a sustained and intensive cyber-attack. The exercise supports the recommendation by the Financial Policy Committee to improve and test resilience against cyber-attacks. The report shows that considerable progress has been made since the previous exercises in 2011 and highlights areas which could be further improved.
Waking Shark II was organised by the Securities Industry Business Continuity Management Group which drew on extensive cyber expertise to design a scenario in which a cyber-attack caused disruption to wholesale markets and the financial infrastructure supporting those markets. It involved participants from investment banks, financial market infrastructure, the financial authorities and the relevant government agencies. The exercise tested the communication between firms, between firms and the authorities, and aimed to improve understanding of the impact of a cyber-attack on the participants and wider financial sector.
The Bank of England and other financial authorities will continue to work with the sector to test collective resilience to cyber-attack as part of its ongoing programme of work.