Financial institutions are lucrative targets for cyber criminals. However, not only does the interconnected nature of the financial sector only further amplifies the risks and costs of cyber attacks, the threats it face are constantly evolving. Simulated attacks can help financial institutions test their incident responses and evaluate the strengths and weaknesses of their security. Financial regulators are key players in making sure institutions are adequately prepared for attacks. There is a compelling case for mandating minimum requirements for simulated attack service providers, but some financial regulators have yet to follow suit.
