Best Practices for Managing Cybersecurity Incidents
Best Practices for Managing Cybersecurity Incidents
Have a plan. Develop an incident response plan that includes the appropriate procedures and points of contact, and be sure to keep the plan up to date. Establish relationships with key incident responders such as your cybersecurity insurance, breach counsel and attorney(s), forensic providers, and public relations team.
Practice the plan. Like all emergency procedures, your plan in the case of a breach must be practiced. Your bank can practice by holding tabletop exercises — simulations where participants walk through the incident and response procedures. There are both technical and management tabletop exercises, which should be conducted annually. “Look at all aspects of the tabletop exercise. As you’re looking at tabletop exercises include your business processes, your data and information, tools and technology that you use, and include the organizational structure. The people, tools, processes, and data.” recommended Mark Shaffer, Cybersecurity Manager at CLA. Other tests to practice include spear-phishing tests and Red Team penetration testing.
Prove the plan. John stated “Proving the plan works in the areas where you feel you have the most risk.” Low visibility into IT infrastructure means a lack of forensic evidence to determine which system or data hackers accessed. Conduct trial forensic exercises to ensure proper data and visibility.
John and Mark’s webinar, Maximizing Cyber Security Soundness & Minimizing Incidents, also covers real-world cybersecurity threats, the evolving regulatory landscape, how to identify and monitor cybersecurity events, and mitigation strategies to manage ongoing risk.
Contact us to purchase this webinar!
To gain more insights from John, visit his page to access upcoming and on-demand webinars.
Read These Articles Next
Tess Bower
November 19, 2021
April 11, 2022
March 8, 2023
© 2024 FINANCIAL EDUCATION & DEVELOPMENT, INC