On March 31, 2016, US Deputy Treasury Secretary Sarah Bloom Raskin discussed the steps financial sector participants should take to respond and recover from a cyber attack. She noted that the key to an effective response and recovery involves preparation, coordination and practice, especially given that in a widespread cyber attack on the financial system, time would be of the essence. While the financial system has not yet experienced such an attack, Raskin warned that recent interconnected cyber attacks, including large-scale Distributed Denial of Service (DDoS) attacks, theft and misuse of customer data and destruction of systems and data, suggest that coordination is imperative in the face of such large-scale attacks. Moreover, Raskin discussed the government’s, and specifically, the US Treasury’s role in responding to, and helping the financial sector recover from, such an attack. Specifically, she mentioned the Treasury’s role in coordinating with federal and state financial and banking regulators, as well as other government agencies to effectively communicate information and to enhance incident response preparation, including response playbooks and cybersecurity table-top exercises. Raskin encouraged the private sector to create robust cyber incident playbooks which identify key players, actions and timelines to be employed in the event of a cyber attack.
Deputy Treasury Secretary Raskin’s speech is available at: https://www.treasury.gov/press-center/pressreleases/Pages/jl0399.aspx.