In 2015, we conducted a table-top exercise with a cross-section of our marketplace firms to test information-sharing between regulators in the event of a systemic attack. The exercise resulted in guides about cybersecurity best practices and cybersecurity incident responses, also released in 2015.
In 2018, we conducted a table-top exercise for small and medium-sized Dealers. Small/medium-sized Firms don’t typically have the resources of larger firms to manage risks. IIROC wanted to provide a forum for them to speak with each other and with cybersecurity experts, and collaborate and discuss common industry cybersecurity threats and low-cost best practices to manage risks. The exercise was designed as a series of four separate case studies and participants discussed crisis responses in small facilitated groups. At the end of the exercise, recommended solutions were provided.
The table-top exercise for small and medium-sized Dealer Members that was initially planned for 2020 will now be postponed to 2022 due to the COVID-19 pandemic. (June 6, 2021)