Developing an Incident Response Plan for an Information Security Breach
We’ve all heard the news concerning the breach at Equifax. When it comes to an event that exposes confidential customer or corporate information, it isn’t a matter of "if" but "when".
Any breach, regardless of type or size, can be devastating. Financial losses are not the only concern: what about your reputation? Financial institutions are particularly vulnerable by the very nature of the business.
You have information that thieves want, information they can parlay into cold hard cash, if not the cash itself. Rapid response is key to successfully responding to a data breach and minimizing the negative effects, and the financial services industry is also mandated to implement security controls that include identifying potential risks, monitoring for and detecting unauthorized access, mitigating the outcome, and notifying customers, law enforcement, and regulators when it does happen. Examiners will be looking for your plan now more than ever.
- Key regulatory requirements including state level data breach notification laws
- Key elements of an Incident Response Plan
- Computer Incident Response Team
- Roles and Responsibilities
- Overview of types of incidents
- Response steps
- Things you can do that may help prevent a breach
Senior management, audit, compliance, risk management, security officers, operations, IT or anyone responsible for developing and executing the incident response plan or involved in the handling of an incident.
Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise.
As an auditor and consultant, Susan is dedicated to assisting financial institutions in implementing appropriate policies and controls to protect confidential information and comply with regulatory mandates and best practices. Her expertise as an auditor and former examiner provides her the knowledge and expertise to conduct comprehensive IT general control and data security reviews and assist de novo institutions in the vendor selection process, preparing policies and procedures, and instituting controls. She also consults for numerous security providers and vendors helping them align products and services to meet institution regulatory mandates. Susan is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and Certified Risk Professional (CRP).
Institute of Certified Bankers: Visit http://www.icbmembers.org/login.aspx for instructions regarding self-reporting. Estimated credits: 2.5 CE Credits
- Live Webinar which includes 5 Day On-Demand – $265
- Six Month On-Demand – $295
- CD-ROM (Includes 6 Month On-Demand) – $345
- Live plus Six Month On-Demand – $365
- Premier (Includes all options) – $395
- Additional Locations – $75
Phone: Call Total Training Solutions at (800) 831-0678
Register online up to day of event. Earlier registration allows time to check your computer for an optimal experience.