This a laudable idea, other countries and industries shall definitely follow the example. I would, however, expand the scenario and consider breaches of trusted third-parties and governmental authorities. A large-scale ransomware attack, even if well-prepared and aimed against major financial institutions, is much less perilous than a campaign simultaneously targeting market regulators, news agencies and law enforcement agencies. A true “Black Swan” will likely breach a couple of reputable news agencies to spread explosive but fake news, then will corroborate them with a message from a couple of breached governmental websites such as SEC or DOJ and, finally, will paralyze major banks with ransomware to create a verisimilitude of a global collapse. Such an attack may be the disastrous end of a modern-day financial world that is unprecedently fragile. Therefore, it would be a good idea to consider and asses the risks imputed to trusted third-parties during the next exercise, making it multidimensional.  Read Less