Responding to Cybersecurity Incidents
Incident Response Management:
Since “when” replaced “if” . . .
What keeps most bank management team members up at night in 2017 is not whether or not we’ll close that loan. It’s what we’re going to do when . . . and not if . . . something REALLY goes wrong with technology. Technology never works the way it’s supposed to. Disasters happen. The crooks are getting better and attack vectors are morphing.
This workshop will help any member of your Incident Response Team . . . whether technical or not . . . recognize the incident response process as it unfolds.
Incident Response as a Control
- Why incident response?
- The fundamentals of incident response.
- Baseline and Evolving CAT Statements
- The Mitigation of Impact (Turning Lemons into Lemonade)
Incident Response as a Process
- Fitting Incident Response into your existing IT Governance program.
- Creating an Incident Response Policy that your Board understands.
Building the Incident Response Team.
- Incident Response Team responsibilities and maximizing the meeting effectiveness.
- Incident response planning.
- Integrating incident response into your existing Risk Management Program.
- Training and testing your Incident Response Team
- Identifying Potential Incidents, Incident Detection
- Managed Security Service Providers and how to put them on your team.
- Monitoring techniques, reporting methodologies, and how to maximize their value.
- What to look for in a SIEM.
- Teaching Last Resort Response and Broadcast Awareness
- Containment Methods
- Broadcast Awareness and Incident Escalation
- Customer Notification
- Handling the media, vendors, and other third parties
- Insurance Review and other Insurance Aspects
- When to bring law enforcement in, and how to actually get something done.
- Addressing the board, the team, and nervous management.
- When to invoke forensics. Forensics for non-technical personnel
Dan Hadaway, CRISC, CISA, CISM
Dan is managing partner of Infotex, Inc, an Indiana Bankers Association preferred service provider in many areas of information technology including Managed Security Services, Network Monitoring, IT Auditing, and Information Security Training. Dan speaks regularly at conventions, conferences, and workshops. He is the facilitator of the IBA’s Annual Cybersecurity Conference, and is published in various trade magazines including Hoosier Banker and the ABA’s Compliance Magazine. Read his work at blog.infotex.com.
Involved in over a hundred “information security incidents” since 2000, Dan has been managing information technology risk since the late 1980s. He has helped create Incident Response Programs for banks ranging in size from 40 million to 2.5 billion in assets, and sits on several Incident Response Teams.
8:30 a.m. Registration & Continental Breakfast
9:00 a.m. Program Begins
12:00 Noon Lunch (included)
1:00 p.m. Program Resumes
4:00 p.m. Program Adjourns
This seminar will be held at the IBA Center for Professional Development, 8425 Woodfield Crossing Blvd, Suite 155E, Indianapolis, IN 46254. Directions, map & a list of local hotels are available at www.indianabankers.org or by calling 317-387-9380.
$225 First Person
$155 Each Additional Person
Participation in IBA programs is limited to members, associate members, and nonmembers from an eligible membership category at applicable member or nonmember rates.
Who Should Attend
Incident Response Teams: technical and non-technical members. Executives, Management Team Members who would weigh in on customer notification, Information Security Officers, Security Officers, HR, PR, Legal and Compliance, and of course Network Management and Operations
If you have any questions please contact Marcy Borden at 317-387-9380 or via e-mail at email@example.com
Within three or more business days prior to the day of an educational program, no cancellation charge will be assessed. Within two days prior, 50% of the fee is assessed. Refunds are not provided for cancellations the day before or absences on the day of the program. Substitutions are welcome at anytime.