Redefining CyberSecurity

Global Collaboration for Financial Security: The Role of FS-ISAC in Safeguarding Financial Stability | A Conversation with Cameron Dicker | Redefining CyberSecurity with Sean Martin

Episode Summary

This new episode of the Redefining CyberSecurity Podcast features Sean Martin and Cameron Dicker, Director of Global Business Resilience at FS-ISAC, as they unravel the pivotal role of FS-ISAC in fortifying business resilience within the financial services sector. Discover firsthand insights on navigating cybersecurity challenges, fostering global collaboration, and adapting to new threats in the ever-evolving landscape of financial security.

Episode Notes

Guest: Cameron Dicker, Director of Global Business Resilience at FS-ISAC [@FSISAC]

On LinkedIn | https://www.linkedin.com/in/cameron-dicker-74804959/

____________________________

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/sean-martin

___________________________

In this episode of the Redefining CyberSecurity Podcast, host Sean Martin engages in a conversation with Cameron Dicker, the Director of Global Business Resilience at FS-ISAC (Financial Services Information Sharing and Analysis Center). The discussion delves into the critical role of FS-ISAC in enhancing business resilience within the financial services sector.

Cameron Dicker provides insights into the extensive global program he oversees at FS-ISAC, focusing on conducting exercises for members and fostering a community of practitioners in risk, resilience, crisis management, and business continuity. The organization serves as a platform for members to share experiences, assess risks, and collaborate on addressing operational challenges collectively.

The conversation expands to highlight the unique positioning of FS-ISAC as a global node network, comprising over 5,000 member organizations across 75 countries. The organization's pillars of intelligence, resilience, and security work in unison to collect, analyze, and disseminate valuable information to bolster members' resilience and security measures.

Furthermore, Sean and Cameron discuss the increasing challenges posed by third-party services in the financial sector, emphasizing the need for standardized reporting practices among multinational banks. The episode underscores the importance of continuous learning and adaptation in response to evolving cybersecurity threats.

The episode includes a call to action for increased engagement within the FS-ISAC community, encouraging members to actively participate in discussions and initiatives aimed at strengthening the sector's resilience to cybersecurity challenges. Through a blend of real-world insights and strategic foresight, the episode offers a comprehensive overview of the vital role played by FS-ISAC in safeguarding the financial services industry against emerging cyber threats.

___________________________

Watch this and other videos on ITSPmagazine's YouTube Channel

Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

ITSPmagazine YouTube Channel:

📺 https://www.youtube.com/@itspmagazine

Be sure to share and subscribe!

___________________________

Resources

Fundamentals of Operational Resilience: https://www.fsisac.com/hubfs/Knowledge/FSISAC_FundamentalsOfOperationalResilience.pdf

FS-ISAC's Resilience Page: https://www.fsisac.com/resilience

FS-ISAC's Knowledge Page: https://www.fsisac.com/knowledge

___________________________

To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: 

https://www.itspmagazine.com/redefining-cybersecurity-podcast

Are you interested in sponsoring this show with an ad placement in the podcast?

Learn More 👉 https://itspm.ag/podadplc

Episode Transcription

Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.

_________________________________________

Sean Martin: [00:00:00] And hello everybody, you're very welcome to a new episode of Redefining Cybersecurity here on the ITSPmagazine Podcast Network. I am Sean Martin, your host, where if you follow the show, you know that I get to talk to all kinds of cool people about interesting things impacting business and businesses, customers, and ultimately society as a whole.

We're all trying to wrangle the best cybersecurity program possible. We're flooded with, uh, new threats; we're flooded with new technologies to help us with that. It gets complex on both sides. And then, of course, all that only matters if we're helping the business to grow. So that's my objective: helping operationalize security so that we can protect the business and help to generate growth and revenue, of course.

So today we're going to be talking about, uh, an industry that clearly knows a bit of, a bit about money and finance. Uh, we're looking at the financial services [00:01:00] sector and more specifically, uh, the, the ISAC for financial services, so the FS-ISAC, and I'm thrilled to have Cameron Dicker on. Cameron, thanks for, uh, thanks for joining me today.

Cameron Dicker: Thanks for having me.

Sean Martin: Yeah, it's going to be fun. I didn't get a chance to make it to San Diego, uh, to connect with the broader group. I saw a lot of posts online where folks are really thrilled with the, the summit you put together, uh, for the FS-ISAC and bringing the community together. So I'm thrilled.

Maybe, maybe a word on that at some point in the conversation. Before we get into what we're going to talk about today, though, a few words, Cameron, about what you're up to, your role and, uh, and why FS-ISAC is something you, you care about at the moment.

Cameron Dicker: Yeah. Um, so I'm the Director of Global Business Resilience.

So my program is a global program, as the title suggests. Um, we do exercises for our members. We also, uh, manage a community [00:02:00] that brings practitioners together from risk, resilience, crisis management, business continuity, to share best practices, do assessments on what we think, um, the greatest risks to the sector are from an operational standpoint.

And then, um, of course, when something does go wrong, we, the community functions as a sounding board so that we can talk about what we're seeing, what we think, uh, the risks are to the sector at that moment, what the impact is likely to be on the consumers, the sector. And of course, uh, share best practices on what people are doing to, to address the operational concerns at the moment.

Sean Martin: Yeah, no, no lack of fun stuff to, uh, to dig into there. And I, I like that you bring people together. It's not just a, not just a feed of, of information, but you're actually pulling folks together to help them understand what's going on in the organization relative to what's going on [00:03:00] outside the organization.

Um, I've had a few conversations with a few of the other ISACs, uh, Space ISAC and AI ISAC, and working on getting the automotive folks on. Um, for those who haven't listened to those, please do, first off. Um, but maybe an overview of the ISACs in general, and then the specifics of FS-ISAC. What's your charter?

Uh, who are the members? Kind of give us that picture to start.

Cameron Dicker: Yeah. So FS-ISAC has been around for 25 years. Um, as one of your previous guests mentioned, it is one of the, uh, first ISACs, very proud of this. We've, uh, really grown over the years. We're in 75 countries. We have over 5,000 member organizations.

Um, and just to the point you made earlier, one of the things that I think is, um, sort of specific to FS-ISAC, or at least not universal [00:04:00] across the ISACs, is that we really are, um, a place that brings our members together to share among the members. I like to think of us more as a node network. We are 5,000 organizations across the world, seeing a variety of different hazards across a number of different threat factors.

Um, and what the ISAC is, is a place for those people to come together and say, Hey, I'm experiencing a problem or I'm seeing a thing. Who else has seen it too? And what did you do to address it? Um, so it really is member driven from its core. Our focus is collecting from the membership, analyzing with the membership, and providing back to the membership what they can use to bolster their own resilience and security. 
 

I'll go ahead. I was just going to use that to pivot into sort of our general structure. We like to think of it as three pillars. We have intelligence, resilience, and [00:05:00] security. And these pillars sort of go hand in hand with each other. Um, as I mentioned, think of the ISAC as a node network. So intelligence as a pillar collects that information, synthesizes it, validates it, and then security and resilience

take that information, analyze it, process it, work with the members to see what's relevant, what's not, what's of value, what do they actually need, and what can they then add to the analysis piece? And then we provide it back out through, um, running exercises to strengthen our process, through the development of playbooks at the sector level, or through best practices documents: here's how we would address this problem.

Here's how others are addressing this problem. And here's what we've seen that works versus doesn't work.  
 

Sean Martin: I love that. Thanks for doing that. And I, what I want to touch on is the global nature of this. I don't, um, I think, well, for those who, who are [00:06:00] aware that the ISACs were founded as a government initiative, one might think then it's limited to U.S., U.S. companies. Of course, especially when you get into the financial sector, many of those organizations operate internationally on a global scale. So it's not a surprise to me that you have so many, so much presence in other countries. Um, but maybe a few words on that, because do you see differences between how FS-ISAC works in North America versus Asia versus Europe versus APAC?

Cameron Dicker: Sure. Um, I mean, so as you noted, we are global because banks are global. Anything, if we take any lesson away from the recent financial crisis, it's that we're all very interconnected in this sector and impacts are global in nature. [00:07:00] So as an ISAC, it's important for us to have a global presence, because if something happens in London that has dramatic operational impacts on a London, a significant London bank's ability to operate, that's going to have impacts in the United States.

It's going to have impacts in Australia. Um, so it's important for the security of any institution that they're getting that sort of intelligence and resilience, best practices and coordination on a global scale. Um, when we then look at how this actually works in practice, you do see some differences in how the regional banks operate, even the same bank across multiple regions. 
 

You, you find that because, um, in the United States, there's been strong public-private partnership for, um, over 20 years now [00:08:00] that the, the conversation between government partners and private sector works a little more smoothly. There's a little bit more trust, a little bit more information sharing than what we see in a lot of places overseas that are just getting started with this process.

Sean Martin: So when, when I talk to a lot of practitioners, a lot of the conversation is we have all this tech, we're trying to figure out how to use it to mitigate risk, reduce exposure, communicate back to the business what we're doing for them. Um, that's a very bottom-up approach with then some wrangling, usually at the CISO's, sitting on the CISO's shoulder.

How do I translate what I'm doing with my team back to the business to say, one, we're providing value and, um, not just mitigating risk or helping to mitigate risk, but to drive growth ultimately. Where I, I believe FS-ISAC and [00:09:00] other ISACs have an advantage is you kind of look at the market and what's going on across the business of financial services and the, and the objectives there, and then could potentially drive back down the other way.

So is that a correct assumption, or are there other points that you'd make in that regard?

Cameron Dicker: Yeah. Um, so the way I like to think about it is, from a financial institution, it's all about, um, improving business efficiency and reducing risk, and IT was a huge boom for the financial sector in this space.

It allowed smaller institutions to gain access to services that they could have never afforded because of just the resources required to run something in a manual process. It allowed large institutions to run them cheaper and more efficiently. [00:10:00] Um, which then moved a lot of process from sort of that wholesale large investor piece to the retail market.

Um, which is ultimately good for consumers and also bought down a lot of risk from other threats. If you are, say, a financial institution in Florida, traditionally your worry is something like a hurricane. Um, through innovations in IT, you can have a data center in the cloud that's running in Ohio. Um, so that when the hurricane comes through, you switch to your Ohio data center.

Everything keeps processing. Everything's great. Um, except for your physical building, which of course may need some repairs, um, which allows you to really reduce the amount of business risk you, you take on from being in a hurricane zone. This really played out for the financial sector in the pandemic.

Um, when a lot of sectors moved to [00:11:00] working from home, the financial sector was already so heavily invested in it. This was, in large part, not a huge problem to overcome. We already had the capabilities in place. We were already, even when we were in our office, we're voting from the office into wherever it is we stored our data.

Um, so it was largely a mind shift change, a couple regulatory concerns to overcome, um, but not, not a huge change in how we do business, which allowed us to be incredibly resilient to, uh, to the COVID pandemic. Now, the problem with this is it introduces its own risk. Um, IT radically, um, proliferates the attack surface.

Um, now, my cell phone, this computer, um, are a huge risk to the company because the company can't lock them down the way they used to. It's now on my Wi-Fi. I can do things. I can download personal apps on my phone. Um, so it introduces new risk while [00:12:00] mitigating the old ones. So the question that FS-ISAC grapples with often is, how do we look at all of the new IT that's coming into the sector and understand its business value and also its sort of cyber and operational risks that come with it, and then communicate those properly to the membership?

Sean Martin: So maybe, maybe using the cloud transformation as an example. In that sense, or in that case, did you, 'cause that's basically, we have new technologies, gives us new capabilities. We're going to, we're going to, the whole thing about that is scale, right? Cloud, cloud scales. So we can do so much more, more efficiently, maybe even less cost.

Did you bring the members together to say, here's what this means to our sector, this is how we think we should approach it and here's how we look at risk in [00:13:00] that, or was it member driven where they're saying, we've been told we're doing this and we need help understanding what it means, or is it kind of a combination of those? 
 

Cameron Dicker: So it's a combination of both. Um, and I actually started the cloud conversation in the sector from my previous job as a member of FS-ISAC, um, where I was, uh, the Deputy Director of Response and Recovery for the Department of Treasury's Office of Cybersecurity and Critical Infrastructure Protection. Um, and FS-ISAC and Treasury, uh, partnered together to run a series of tabletop exercises on cloud.

To try and identify what we thought the actual risks were today, and five to ten years in the future. Those started, I want to say, 2019? A little bit before the pandemic? Um, since then we've had several follow-on exercises to measure our progress, see how things are [00:14:00] going. There have been a couple papers, I believe Treasury published one two years ago, almost, um, and then the sector through FS-ISAC and organizations like the Financial Services Sector Coordinating Council have created several working groups to, to look at cloud and its risks and its uses in the financial sector from a variety of lenses.

And what's, I think, great about the model we've chosen is we've invited the cloud providers into the working group to, to work with us on those risks so that they understand where we're approaching this from. And they can dispel myths and rumors, they can tell us about mitigations they have in place that aren't necessarily public, and they can work with us to make sure that the things we've identified in exercises get addressed before they become problems and incidents.
 

Sean Martin: I love it. And, uh, you know, in fairness [00:15:00] to a number of the CSPs, cloud service providers, certainly the larger ones have invested a lot in different sectors. I know the health care space, obviously financial, um, critical infrastructure.

They invest heavily to understand the needs of that, that market. 'Cause what, when I think of financial services, it's all about onboarding new customers and getting their transactions completed, right, with, with minimal hiccup and limited liability back to the company to have to, have to cancel that transaction.

Um, I want to bring it to the, the, well, before I go there, we talked about cloud. We talked about remote. Are there other areas that you see things, other areas where we're heading that might be as impactful? I can think of a couple. Gen AI, hard to, hard to avoid that one as a topic, but another one that, that strikes me, like something like open [00:16:00] banking where everything's driven by API.

So are there things like that that you see on the horizon where the members of this group really need to start to think about?

Cameron Dicker: So one that's not on the horizon, but is sort of, we're in the thick of it right now, is the proliferation of, um, the use of third parties to run financial services. Um, as I mentioned earlier, there are great efficiencies in doing so. As those get concentrated into one or two service providers for a function,

um, this introduces a lot of risk. There are, there are times where a service provider that is not regulated in the financial sector, perhaps even not federally regulated at all, um, may not have the standards in place that a typical financial firm would have for cyber controls or incident response capabilities.

So that then becomes the weak link to the financial firm. But it's not just a one-to-one. [00:17:00] If the third party goes down, it has the potential to take thousands of financial institutions with it. A core banking provider goes down for a week. Uh, that could easily be three or 4,000 banks that are essentially not banks for three or four days.

Um, and there's very little in their control to do about that other than try and find a new vendor. And what we've learned from exercising is that onboarding a new vendor is not a week-long process. That's a six-month to a year-long process. So unless you had one waiting in the wings, your backup plans are really not great in a lot of cases.

Um, so that's, that's the risk that I look at that keeps me up at night. Um, turning to future risks. Um, FS-ISAC has spent a lot of time looking at AI and the concern of post-quantum computing breaking, uh, payment algorithms. [00:18:00] If, if we can't have confidence in the data we transact, we have a serious problem in the financial sector being able to operate.

Right now we know that when I encrypt the data and I send it to you, it hasn't been modified and it hasn't been read by anyone. If we lose the confidentiality piece, that's not great. But if we lose the integrity piece, where we say, okay, someone could have gotten in, changed a number here and there, and continued on with the transaction, it undermines the entire system.

Um, it is something we've begun to exercise. We've started looking at, um, and, and really the question is, when will we, would we know that post-quantum has the ability to break our cryptographic algorithms, or would we just be in the dark for years, um, while this is [00:19:00] happening to us? And once we learn, is there a safe alternative or do we just accept the risk?

Um, these are things that our working groups are currently working on.  
 

Sean Martin: Yeah. And two things come to mind there. So I don't know how many years ago, it was probably 10 years, maybe, I don't know, 15 years, perhaps even, I believe it was the Estonian bank, banking system was, uh, compromised, and a number of transactions were, were not, not real or not, not authentic in some way or another.

And I was working with a company out of Estonia to, to help solve that problem. And then I, the other point in, in terms of being in the dark, I've, uh, spoken to another company recently that, uh, their position is a lot of the data necessary to crack, and the data that would be valuable once, once, uh, once exposed through [00:20:00] cryptographic or quantum, uh, reversal, uh, they're saying a lot of people are collecting that now.

So, so that once it's possible, they can go back across gazillions of things for many years and get lots of information. Um, obviously financial services data or the transactions are pretty real. I don't know if it matters changing a transaction three years ago, maybe, who knows? Um, but anyway, it's interesting times for sure.

And I guess that really hones in on this: I think a lot of people do miss the mark on integrity. There's a lot of focus on privacy, the confidentiality piece, um, and availability, which I even mentioned too, right? How can we onboard somebody quickly and, and get their transactions through? The resilience is a key part of that.

Obviously that's where you've focused a lot of your time. Uh, tell us a little bit more about your role and some of the things you do. You mentioned the playbooks and [00:21:00] like that, but talk, talk through some of the stuff you work on with the members.  
 

Cameron Dicker: Sure. Um, so I would say the bulk of the activity my team focuses on would be exercises. 
 

We provide exercises to our members in a variety of different types. We have sort of technical hands-on-keyboard exercises that we provide, um, that just allow bank SOC analysts and network defenders to stay sharp on their skills. Um, we then do tabletops at the policy level, and these, these look at the threat landscape that we gather from the intelligence pillar.

And from what members bring to us through our exercise community and say, Hey, our bank is really struggling with X, Y, and Z. Can we look at that? Um, we run a number of these every year where we bring people together and they share best practices. We try and assess where we think the actual gaps are. And then we write a report and it says, here's what we learned. 
 

[00:22:00] And here are five things we think you can do about it. Um, we have, we have a committee in each region that sort of collects those, works with members to spread the word, kind of tracks if it's within FS-ISAC's wheelhouse to do something, tracks that we're actually looking at it and doing something. Um, these are also great opportunities to bring our government partners in and say, we get that you're interested in doing a rule on this thing.

Here's what we know about it. Here's where we think the actual risk is in this space based on these exercises. Come exercise it with us so that when you write the rules, you're informed on where the actual risk is and what are some of the red herrings in this space. We then have, uh, what we call functional exercises and these sort of look at what we learned from the tabletops and say, okay, you have a policy in place that says you can do these three things. 
 

Now's the [00:23:00] time to put your money where your mouth is and actually prove that you can do what's in your policy. Um, so you, we spend on functional exercises usually two, two and a half days. And you act out the actual steps to see if they actually work. Are you missing anything? And what's great about those exercises for, for a sector level is that, um, ultimately there's always something new that you uncover that you get to work on again.

Um, so these are my favorite because problems are relatively endless. But at the same time, you see constant improvement year after year after year. Uh, we've been doing these in the sector for, I've been exercising with the sector for almost 10 years and I've seen tremendous improvement, um, when we revisit topics and run them again.

So the functional exercises, I think, are great for measuring that, uh, outside of exercise.  
 

Sean Martin: I want to pause there quickly because [00:24:00] yes, you could have a policy. Yes, you can have the technology that helps you implement the policy, but if you, if you don't have the operations or the procedure down and your team doesn't know it, like it has to be second nature.

Uh, I was talking to somebody the other day of, of somebody new in, in baseball or softball and, and catching them, catching a, a ball hit to them at first base and throwing it to some, to get somebody else out at a different base, instead of touching the tag in their own base, just not having that second nature.

I do this, this, and that order because of this scenario. But if the scenario changes slightly, I'm going to do this and this and this differently. Um, so I think having the context and the practice is super important. And that's, that comes back to the team and the procedure and exercises, like you say.  
 

Cameron Dicker: We see a lot of people writing their plan. 
 

"We would call FS-ISAC." [00:25:00] Great. How do you do that? Who makes the phone call? And who in FS-ISAC do you actually call?

Cam, this allows us to build that up. Please don't call me. I have, I have been the hotline person for many years at a previous job. Don't call me. We have a hotline for this. Call the hotline.  
 

Sean Martin: Talk to me a bit about, um, I know you're going to go somewhere else as well, but quickly on, on the rules and laws and regulation

piece of it, because that, that plays a big part of context, especially when, when an organization operates multinationally, right? So there are rules in different countries they have to follow as well. So how does that all come into play, and are there, there must be benefits to the members by connecting with folks who operate like them in multiple places.

Cameron Dicker: Yeah. Um, so I guess [00:26:00] kind of wearing previous hats at the same time. I used to work at the Federal Reserve in supervision and did a little bit of this international coordination on rulemaking piece. Each jurisdiction fiercely maintains their own authority to write the rules that they see fit. And you see this play out, especially in the cyber space, especially on incident reporting.

Everyone has their own idea of what they need to collect and when they need to collect it and from whom they should collect it. And I think for multinational banks, this becomes quite the hurdle. You could find yourself reporting to three agencies in the United States and 12 overseas about the same incident, and all of them have a different report they want you to fill out.

Um, get that that's a challenge. It is a thing the members share amongst themselves to figure out: how do we standardize this, how do we make this easier on us, how do we make sure we're not pulling [00:27:00] people out of the fight, as it were, to fill out a report. And I think those are important discussions to have.

The ISAC doesn't have much of a role in that sort of act of harmonizing these jurisdictions. But we do have a role in holding the exercise with, say, the U.S. regulators and the U.K. regulators, so they at least know a firm operating in both places has to report these very different reports, trying to get at the same, essentially, two questions.

Um, so at least everyone understands what's going on, it gets that, it creates that introduction to make sure that the right people are talking across the pond, um, and that those conversations are done in a safe, non-interpretable environment. Um, and that, that's really where FS-ISAC thrives.

Sean Martin: Yeah, it's that safe space that I think really, really matters, because clearly the, the initial [00:28:00] objective was to share threat information, right?

Active attacks or potential, potential threats. And, um, what you're describing is much more actionable and operational and strategic in many ways by bringing different folks from around the, around the world together for those exercises. How does that, by having the exercises, doesn't mean you, you eliminate the intel sharing piece of it.

So how does all of that kind of fall back to the intelligence sharing, the information sharing?  
 

Cameron Dicker: Yeah. So as I mentioned when we started, intel feeds a lot of the resilience stuff. So the exercises are based on the intelligence. Our assessment of impact is always based on intelligence. Our crisis response, again, based on the intelligence. The feedback piece back into intelligence is sort of where we have the analysis of, here's, from an [00:29:00] operational standpoint, the interconnections of the sector; you've identified that there's an incident happening here, and what we've said is that if this goes down, these things over here go down, and it gives the intelligence team now a focus to look here as well.

So it gives them not just the point in time what's wrong, but a chance to sort of look into the future with our analysis and say, downstream, these are people we should be talking to, and seeing what they're doing and then sharing with them, so that they can harden their systems today against what we think might be a problem tomorrow.
 

Sean Martin: So what does, um, what's the success for you look like? Growing membership? Uh, I know a lot of organizations track response time and bringing that down; bringing risk numbers down might be another thing that matters to them. [00:30:00] How do you quantify what you're doing really matters and is working for you as an organization, as well as the members?

Cameron Dicker: So I try not to look at the, at the incidents. Um, people are always going to find ways to rob banks. It's where the money is. It's never going to stop. Um, the moment you alleviate the threat you're looking at today, new ones will replace it immediately because the incentive is just too high. What I, what I view as success is, are we learning from the exercises?

Are we learning from the past incidents, or are we making the same mistake over and over and over again? For me, success is that the, the new problem we're facing today isn't the exact same problem we were facing five years ago. We've, we've at least moved the needle, not that we've reduced the risk. I think we're just [00:31:00] changing the risk.

But are we adapting? Are we growing?  
 

Sean Martin: I love it. And as we close here, and I'll give you a chance to say any, any final words you like. But the question I like to ask is, given what we talked about today in your role, looking at resilience across the financial sector globally, what do you think your sector specifically needs to do to redefine security? 
 

What can we do differently? That's a big question.  
 

Cameron Dicker: Um, so I think there are a couple of things. Um, I think to really enhance our security, we do need to share more and more often. Um, I think our community does a very good job of sharing, certainly, certainly better than, uh, than we were doing five years ago, [00:32:00] definitely better than 10 years ago. 
 

The things we are very good at sharing, though, are the IOCs, uh, indicators of compromise, which is fantastic. Um, but if we could move to that next level and share, what are the actual practices we're seeing by bad actors in our network? What are the tactics they're deploying? Um, what are we seeing that we can actually use, um, that isn't going to be unique to the incident? 
 

IOCs are so easily changed, but threat actors tend to stick with the tactics they've got. Um, if we, if we get to more sharing around that, those things that carry over from attack to attack, I think that improves the sector's resilience significantly. Um, and then, as anyone who's ever dealt with our exercise program [00:33:00] knows, I think we need to move the exercise needle as well. 
 

Um, a lot of our exercises focus on a fictional firm experiencing the problem, and then we discuss if we were the fictional firm, what would this be like, or if we were partners to it, what would that mean for us? I do think we need to move from talking about fictional firms in our tabletops to talking about the actual firms that would be experiencing this problem in real life. 
 

I think that depth that comes from really looking at real firms provides a level of analysis that you just can't get from a fictional firm. And those are the pieces where we're going to, that's the part where we're going to find the real sort of nuggets of what to work on that are really going to enhance the resilience of the sector. 
 

But it's, it's hard. It's scary.  
 

Sean Martin: Yeah. The, the, the extreme would be let's, let's cover a real case.  
 

Cameron Dicker: Yes. It's a  
 

Sean Martin: even more value there, [00:34:00] but probably even a little more scary.  
 

Cameron Dicker: No one wants to be the one who for four hours is talked about as having failed.  
 

Sean Martin: Exactly. Hopefully we get closer to that point though. 
 

Um, I think that that's the only way we really, we really learn. So I, I'm thrilled to hear about all the cool things you're working on. And, uh, maybe a final word from you, Cameron, on a call to action for current members, pending members, uh, the financial sector at large.  
 

Cameron Dicker: I think my call to action would be get engaged. 
 

If you have a topic you're interested in, chances are FS-ISAC is looking at it. It's not just the, the hardcore cyber folks; we have business continuity, we have fraud. If you are looking at a risk, we have a community for you. Get engaged, get involved. It's how we make progress as a sector. 
 

Sean Martin: And if anything, uh, points to [00:35:00] the community, um, I mentioned at the beginning that, uh, a lot of positive feedback that I've seen online from, from the stuff you pull together, most specifically around the recent summit you had. So, um, Cameron, thanks a million. Thanks for doing what you're doing, and, uh, bringing folks together to have those important conversations. 
 

And thanks, everybody, for listening and watching today. I'll put links into, into the show notes to connect you to FS-ISAC and any other resources that Cameron wants to, to point us to, to help us, uh, continue to learn about what's going on there. So thanks again, Cameron. Thank you. And stay tuned, uh, subscribe, share, and, uh, keep well, everybody. 
 

Thank you.