SlideShare a Scribd company logo

What to Do Before a Cyber Incident Occurs

C
Colleen Beck-Domanico

The US Department of Justice has released best practices guidance for responding to cyber incidents. The guidance outlines 8 steps organizations should take before an incident occurs, including identifying critical assets to protect, creating an incident response plan, implementing appropriate technologies, authorizing network monitoring, engaging legal counsel, aligning policies with the response plan, engaging with law enforcement, and establishing information sharing relationships. The document provides details on each step and how to respond if an intrusion is detected by assessing the scope, preserving forensic evidence, and notifying authorities. A post-incident review is also recommended.

Economy & Finance
1 of 29
Download to read offline
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 1 JOIN. ENGAGE. LEAD. 8 STEPS TO TAKE BEFORE A CYBER INCIDENT OCCURS AND HOW TO RESPOND TO AN INTRUSION From The RMA Journal on the USDOJ’s best- practice guidance.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 2 JOIN. ENGAGE. LEAD. The U.S. Department of Justice has released “Best Practices for Victim-Response and Reporting of Cyber Incidents.” The guidance emphasizes the importance of planning before an incident occurs. BEST-PRACTICE GUIDANCE ON CYBER INCIDENTS
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 3 JOIN. ENGAGE. LEAD. BEST-PRACTICE GUIDANCE ON CYBER INCIDENTS (CONT.) • The guidance outlines steps you should take before, during, and after an incident and provides a summary checklist. What to do? • Included in the guidance are the Justice Department’s positions on the legal permissibility of a number of monitoring techniques and the impermissibility of many forms of hacking back. What’s legal?
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 4 JOIN. ENGAGE. LEAD. 8 STEPS TO TAKE BEFORE A CYBER INCIDENT OCCURS Identify your crown jewels. Create an actionable plan. Have appropriate technology and services. Have appropriate authorization to permit network monitoring. Ensure legal counsel is familiar with technology and cyber incident management. Ensure organization policies align with the incident response plan. Engage with law enforcement before an incident. Establish information-sharing relationships.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 5 JOIN. ENGAGE. LEAD. 1. IDENTIFY YOUR CROWN JEWELS The expense and resources required to protect your enterprise may force you to prioritize your efforts and may shape planning.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 6 JOIN. ENGAGE. LEAD. 1. IDENTIFY YOUR CROWN JEWELS (CONT.) Before formulating a cyber- incident response plan, you should first determine which data, assets, and services warrant the most protection.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 7 JOIN. ENGAGE. LEAD. 1. IDENTIFY YOUR CROWN JEWELS (CONT.) The guidance suggests that this prioritization of protection is an important first step in preventing a cyber intrusion or an attack from causing catastrophic harm.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 8 JOIN. ENGAGE. LEAD. Your organization should have a plan in place before an intrusion occurs. 2. CREATE AN ACTIONABLE PLAN
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 9 JOIN. ENGAGE. LEAD. 2. CREATE AN ACTIONABLE PLAN (CONT.) The plan should provide specific, concrete procedures to follow in the event of a cyber incident.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 10 JOIN. ENGAGE. LEAD. 2. CREATE AN ACTIONABLE PLAN (CONT.) The procedures should address: • Who has lead responsibility for different elements of an organization’s response. • How to contact critical personnel at any time. • How to proceed if critical personnel are unreachable. • What mission-critical data, networks, or services should be prioritized. • How to preserve data related to the intrusion in a forensically sound manner. • Which criteria will be used to ascertain whether data owners, customers, or partner companies should be notified. • Procedures for notifying law enforcement and others.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 11 JOIN. ENGAGE. LEAD. This may include off-site data backup, intrusion-detection capabilities, and data loss prevention technologies. 3. HAVE APPROPRIATE TECHNOLOGY AND SERVICES IN PLACE
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 12 JOIN. ENGAGE. LEAD. 3. HAVE APPROPRIATE TECHNOLOGY AND SERVICES IN PLACE (CONT.) The technology should already be installed, tested, and ready to deploy.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 13 JOIN. ENGAGE. LEAD. Your organization should adopt the necessary mechanisms to obtain user consent to monitor users’ communications so it can detect and respond to a cyber incident. 4. HAVE APPROPRIATE AUTHORIZATION TO PERMIT NETWORK MONITORING
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 14 JOIN. ENGAGE. LEAD. Having readily available access to advice from lawyers well acquainted with cyber incident response can speed up your organization’s decision making and help ensure that your incident response activities remain on firm legal footing. 5. ENSURE THAT LEGAL COUNSEL IS FAMILIAR WITH TECHNOLOGY AND CYBER INCIDENT MANAGEMENT
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 15 JOIN. ENGAGE. LEAD. Review personnel and human resource policies to ensure they will reasonably minimize the risk of cyber incidents, including insider threats. 6. ENSURE ORGANIZATION POLICIES ALIGN WITH THE INCIDENT RESPONSE PLAN
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 16 JOIN. ENGAGE. LEAD. 6. ENSURE ORGANIZATION POLICIES ALIGN WITH THE INCIDENT RESPONSE PLAN (CONT.) Proper personnel and IT policies may help prevent a cyber incident.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 17 JOIN. ENGAGE. LEAD. Having a point of contact and a preexisting relationship will facilitate any subsequent interaction that may occur if your organization needs to enlist assistance from law enforcement agencies. 7. ENGAGE WITH LAW ENFORCEMENT BEFORE AN INCIDENT
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 18 JOIN. ENGAGE. LEAD. 7. ENGAGE WITH LAW ENFORCEMENT BEFORE AN INCIDENT (CONT.) On a federal level, these include the Federal Bureau of Investigation and the U.S. Secret Service.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 19 JOIN. ENGAGE. LEAD. Information-sharing organizations exist to provide details on new or commonly exploited vulnerabilities. 8. ESTABLISH INFORMATION- SHARING RELATIONSHIPS
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 20 JOIN. ENGAGE. LEAD. 8. ESTABLISH INFORMATION-SHARING RELATIONSHIPS (CONT.) The Financial Services Information Sharing and Analysis Center (FSISAC) provides daily reports on new cyber attacks.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 21 JOIN. ENGAGE. LEAD. RESPONDING TO AN INTRUSION The guidance suggests that you first assess the nature and scope of the incident and determine whether it is an attack or just a technical glitch.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 22 JOIN. ENGAGE. LEAD. RESPONDING TO AN INTRUSION (CONT.) If the incident is an intrusion or attack, you might consider rerouting network traffic, filtering or blocking a distributed denial-of-service attack, or isolating all or parts of the compromised network.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 23 JOIN. ENGAGE. LEAD. RESPONDING TO AN INTRUSION (CONT.) Preserve relevant forensic images and logs and notify relevant law enforcement agencies and other potential victims.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 24 JOIN. ENGAGE. LEAD. RESPONDING TO AN INTRUSION (CONT.) You should not use compromised systems to communicate. • You should not attempt to access, damage, or impair another system that may appear to be involved in the attack.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 25 JOIN. ENGAGE. LEAD. Once a your organization has recovered from an attack, you should initiate measures to prevent similar attacks. AFTER AN ATTACK OR INTRUSION
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 26 JOIN. ENGAGE. LEAD. AFTER AN ATTACK OR INTRUSION (CONT.) Conduct a post-incident review of the response and assess the strengths and weaknesses of your organization’s performance.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 27 JOIN. ENGAGE. LEAD. AFTER AN ATTACK OR INTRUSION (CONT.) Response gaps and weaknesses should be noted and discussed and necessary remedial action taken.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 28 JOIN. ENGAGE. LEAD. LEARN MORE The RMA Journal is the award-winning magazine published by The Risk Management Association: • It is the only professional journal written by risk practitioners for risk practitioners. • Each article is peer reviewed by our Editorial Advisory Board prior to publication. • Published 10 times a year, The RMA Journal offers practical advice on managing risk across the enterprise. Learn more at: http://www.rmahq.org/tools-publications/the-rma-journal/the-rma-journal Become an RMA member and get The RMA Journal free.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 29 JOIN. ENGAGE. LEAD. SHARE THIS PRESENTATION Visit http://www.rmahq.org for information on risk management Visit our blog at http://rmablog.rmahq.org/ RMA is a member-driven professional association whose sole purpose is to advance sound risk principles in the financial services industry. RMA helps its members use sound risk principles to improve institutional performance and financial stability, and enhance the risk competency of individuals through information, education, peer sharing, and networking. Become a member today.

Recommended

Cyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsCyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial Institutions
Colleen Beck-Domanico
 
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Cohesive Networks
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of Directors
Abdul-Hakeem Ajijola
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber Security
Phil Agcaoili
 
Supply Chain Risk Management corrected - Whitepaper
Supply Chain Risk Management corrected - WhitepaperSupply Chain Risk Management corrected - Whitepaper
Supply Chain Risk Management corrected - Whitepaper
NIIT Technologies
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity
Dawn Yankeelov
 
Improving Cyber Security Literacy in Boards & Executives
Improving Cyber Security Literacy in Boards & ExecutivesImproving Cyber Security Literacy in Boards & Executives
Improving Cyber Security Literacy in Boards & Executives
Tripwire
 
Cybersecurity and The Board
Cybersecurity and The BoardCybersecurity and The Board
Cybersecurity and The Board
Paul Melson
 

Recommended

Cyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsCyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial Institutions
Colleen Beck-Domanico
 
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Cohesive Networks
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of Directors
Abdul-Hakeem Ajijola
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber Security
Phil Agcaoili
 
Supply Chain Risk Management corrected - Whitepaper
Supply Chain Risk Management corrected - WhitepaperSupply Chain Risk Management corrected - Whitepaper
Supply Chain Risk Management corrected - Whitepaper
NIIT Technologies
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity
Dawn Yankeelov
 
Improving Cyber Security Literacy in Boards & Executives
Improving Cyber Security Literacy in Boards & ExecutivesImproving Cyber Security Literacy in Boards & Executives
Improving Cyber Security Literacy in Boards & Executives
Tripwire
 
Cybersecurity and The Board
Cybersecurity and The BoardCybersecurity and The Board
Cybersecurity and The Board
Paul Melson
 
2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security
Phil Agcaoili
 
Cover and CyberSecurity Essay
Cover and CyberSecurity EssayCover and CyberSecurity Essay
Cover and CyberSecurity Essay
Michael Solomon
 
The ever increasing threat of cyber crime
The ever increasing threat of cyber crimeThe ever increasing threat of cyber crime
The ever increasing threat of cyber crime
Nathan Desfontaines
 
Information Technology Vendor Risk Management
Information Technology Vendor Risk ManagementInformation Technology Vendor Risk Management
Information Technology Vendor Risk Management
Deepak Bansal, CPA CISSP
 
Cyber Risk in the Energy Industry
Cyber Risk in the Energy IndustryCyber Risk in the Energy Industry
Cyber Risk in the Energy Industry
Tim Christ Executive Leadership
 
Cyber Insurance Temp
Cyber Insurance TempCyber Insurance Temp
Cyber Insurance Temp
Rohan Sehgal
 
Convince your board - cyber attack prevention is better than cure
Convince your board - cyber attack prevention is better than cureConvince your board - cyber attack prevention is better than cure
Convince your board - cyber attack prevention is better than cure
Dave James
 
The Proactive Approach to Cyber Security
The Proactive Approach to Cyber SecurityThe Proactive Approach to Cyber Security
The Proactive Approach to Cyber Security
Nathan Desfontaines
 
Debunking Myths for Cyber-Insurance
Debunking Myths for Cyber-InsuranceDebunking Myths for Cyber-Insurance
Debunking Myths for Cyber-Insurance
Priyanka Aash
 
Justifying Security Investment
Justifying Security InvestmentJustifying Security Investment
Justifying Security Investment
Jojo Colina
 
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Jeremiah Grossman
 
Case Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information SecurityCase Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information Security
PECB
 
College Presentation
College PresentationCollege Presentation
College Presentation
scottfrost
 
No More Snake Oil: Why InfoSec Needs Security Guarantees
No More Snake Oil: Why InfoSec Needs Security GuaranteesNo More Snake Oil: Why InfoSec Needs Security Guarantees
No More Snake Oil: Why InfoSec Needs Security Guarantees
Jeremiah Grossman
 
Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019
Dawn Yankeelov
 
What Not-for-Profits Can Do To Prevent "Uninspired" Theft
What Not-for-Profits Can Do To Prevent "Uninspired" TheftWhat Not-for-Profits Can Do To Prevent "Uninspired" Theft
What Not-for-Profits Can Do To Prevent "Uninspired" Theft
CBIZ, Inc.
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2
Semir Ibrahimovic
 
Cyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework PanelCyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework Panel
Paul Di Gangi
 
Cybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsCybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial Institutions
Sarah Cirelli
 
Security assessment isaca sv presentation jan 2016
Security assessment isaca sv presentation jan 2016Security assessment isaca sv presentation jan 2016
Security assessment isaca sv presentation jan 2016
EnterpriseGRC Solutions, Inc.
 
How to Manage Increasing Data Compliance Issues in Community Banks
How to Manage Increasing Data Compliance Issues in Community BanksHow to Manage Increasing Data Compliance Issues in Community Banks
How to Manage Increasing Data Compliance Issues in Community Banks
Colleen Beck-Domanico
 
How to Measure and Mitigate Conduct Risk
How to Measure and Mitigate Conduct RiskHow to Measure and Mitigate Conduct Risk
How to Measure and Mitigate Conduct Risk
Colleen Beck-Domanico
 

More Related Content

What's hot

2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security
Phil Agcaoili
 
Cover and CyberSecurity Essay
Cover and CyberSecurity EssayCover and CyberSecurity Essay
Cover and CyberSecurity Essay
Michael Solomon
 
Justifying Security Investment
Justifying Security InvestmentJustifying Security Investment
Justifying Security Investment
Jojo Colina
 
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Jeremiah Grossman
 
Case Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information SecurityCase Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information Security
PECB
 

What's hot (20)

2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security
 
Cover and CyberSecurity Essay
Cover and CyberSecurity EssayCover and CyberSecurity Essay
Cover and CyberSecurity Essay
 
The ever increasing threat of cyber crime
The ever increasing threat of cyber crimeThe ever increasing threat of cyber crime
The ever increasing threat of cyber crime
 
Information Technology Vendor Risk Management
Information Technology Vendor Risk ManagementInformation Technology Vendor Risk Management
Information Technology Vendor Risk Management
 
Cyber Risk in the Energy Industry
Cyber Risk in the Energy IndustryCyber Risk in the Energy Industry
Cyber Risk in the Energy Industry
 
Cyber Insurance Temp
Cyber Insurance TempCyber Insurance Temp
Cyber Insurance Temp
 
Convince your board - cyber attack prevention is better than cure
Convince your board - cyber attack prevention is better than cureConvince your board - cyber attack prevention is better than cure
Convince your board - cyber attack prevention is better than cure
 
The Proactive Approach to Cyber Security
The Proactive Approach to Cyber SecurityThe Proactive Approach to Cyber Security
The Proactive Approach to Cyber Security
 
Debunking Myths for Cyber-Insurance
Debunking Myths for Cyber-InsuranceDebunking Myths for Cyber-Insurance
Debunking Myths for Cyber-Insurance
 
Justifying Security Investment
Justifying Security InvestmentJustifying Security Investment
Justifying Security Investment
 
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
 
Case Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information SecurityCase Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information Security
 
College Presentation
College PresentationCollege Presentation
College Presentation
 
No More Snake Oil: Why InfoSec Needs Security Guarantees
No More Snake Oil: Why InfoSec Needs Security GuaranteesNo More Snake Oil: Why InfoSec Needs Security Guarantees
No More Snake Oil: Why InfoSec Needs Security Guarantees
 
Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019
 
What Not-for-Profits Can Do To Prevent "Uninspired" Theft
What Not-for-Profits Can Do To Prevent "Uninspired" TheftWhat Not-for-Profits Can Do To Prevent "Uninspired" Theft
What Not-for-Profits Can Do To Prevent "Uninspired" Theft
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2
 
Cyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework PanelCyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework Panel
 
Cybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsCybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial Institutions
 
Security assessment isaca sv presentation jan 2016
Security assessment isaca sv presentation jan 2016Security assessment isaca sv presentation jan 2016
Security assessment isaca sv presentation jan 2016
 

Similar to What to Do Before a Cyber Incident Occurs

Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
IBM Security
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
Daren Dunkel
 
The Security Circle- Services Offered
The Security Circle- Services OfferedThe Security Circle- Services Offered
The Security Circle- Services Offered
Rachel Anne Carter
 
Incident Response: Security's Special Teams
Incident Response: Security's Special TeamsIncident Response: Security's Special Teams
Incident Response: Security's Special Teams
Resilient Systems
 

Similar to What to Do Before a Cyber Incident Occurs (20)

How to Manage Increasing Data Compliance Issues in Community Banks
How to Manage Increasing Data Compliance Issues in Community BanksHow to Manage Increasing Data Compliance Issues in Community Banks
How to Manage Increasing Data Compliance Issues in Community Banks
 
How to Measure and Mitigate Conduct Risk
How to Measure and Mitigate Conduct RiskHow to Measure and Mitigate Conduct Risk
How to Measure and Mitigate Conduct Risk
 
Operational Risk Governance: 5 Core Regulatory Expectations
Operational Risk Governance: 5 Core Regulatory ExpectationsOperational Risk Governance: 5 Core Regulatory Expectations
Operational Risk Governance: 5 Core Regulatory Expectations
 
Key Challenges Facing Vendor Risk Management Programs
Key Challenges Facing Vendor Risk Management ProgramsKey Challenges Facing Vendor Risk Management Programs
Key Challenges Facing Vendor Risk Management Programs
 
10 Key Principles of Operational Risk Management
10 Key Principles of Operational Risk Management10 Key Principles of Operational Risk Management
10 Key Principles of Operational Risk Management
 
Cyber Risk and Marine Insurance
Cyber Risk and Marine InsuranceCyber Risk and Marine Insurance
Cyber Risk and Marine Insurance
 
Meeting the Challenge of HMDA Compliance
Meeting the Challenge of HMDA ComplianceMeeting the Challenge of HMDA Compliance
Meeting the Challenge of HMDA Compliance
 
7 Tips to Help You Prepare for CECL
7 Tips to Help You Prepare for CECL7 Tips to Help You Prepare for CECL
7 Tips to Help You Prepare for CECL
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
 
Infocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar PresentationInfocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar Presentation
 
Winning Tactics for Data Governance
Winning Tactics for Data GovernanceWinning Tactics for Data Governance
Winning Tactics for Data Governance
 
Equifax
Equifax Equifax
Equifax
 
Robert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government ContractorsRobert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government Contractors
 
Cyber Risks - Maligec and Eskins
Cyber Risks - Maligec and EskinsCyber Risks - Maligec and Eskins
Cyber Risks - Maligec and Eskins
 
Provide a MEMO.docx
Provide a MEMO.docxProvide a MEMO.docx
Provide a MEMO.docx
 
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
 
The Security Circle- Services Offered
The Security Circle- Services OfferedThe Security Circle- Services Offered
The Security Circle- Services Offered
 
Incident Response: Security's Special Teams
Incident Response: Security's Special TeamsIncident Response: Security's Special Teams
Incident Response: Security's Special Teams
 
Small Business Lending Outlook
Small Business Lending OutlookSmall Business Lending Outlook
Small Business Lending Outlook
 

More from Colleen Beck-Domanico

More from Colleen Beck-Domanico (20)

The Top 7 Risks Challenging the Financial Services Industry in the COVID-19 E...
The Top 7 Risks Challenging the Financial Services Industry in the COVID-19 E...The Top 7 Risks Challenging the Financial Services Industry in the COVID-19 E...
The Top 7 Risks Challenging the Financial Services Industry in the COVID-19 E...
 
The RMA COVID-19 Resource Center
The RMA COVID-19 Resource CenterThe RMA COVID-19 Resource Center
The RMA COVID-19 Resource Center
 
How Modernized Training Is Influencing the Banking Industry
How Modernized Training Is Influencing the Banking IndustryHow Modernized Training Is Influencing the Banking Industry
How Modernized Training Is Influencing the Banking Industry
 
The Top Risks Challenging the Financial Services Industry
The Top Risks Challenging the Financial Services IndustryThe Top Risks Challenging the Financial Services Industry
The Top Risks Challenging the Financial Services Industry
 
Recruiting, Developing, and Retaining Risk Talent
Recruiting, Developing, and Retaining Risk TalentRecruiting, Developing, and Retaining Risk Talent
Recruiting, Developing, and Retaining Risk Talent
 
How will climate change affect financial services?
How will climate change affect financial services?How will climate change affect financial services?
How will climate change affect financial services?
 
Credit Risk Certification (CRC): 5 Reasons to Up Your Game
Credit Risk Certification (CRC): 5 Reasons to Up Your GameCredit Risk Certification (CRC): 5 Reasons to Up Your Game
Credit Risk Certification (CRC): 5 Reasons to Up Your Game
 
5 Risks in Commercial Lending
5 Risks in Commercial Lending5 Risks in Commercial Lending
5 Risks in Commercial Lending
 
What Skills Will Risk Managers Need in 2028
What Skills Will Risk Managers Need in 2028What Skills Will Risk Managers Need in 2028
What Skills Will Risk Managers Need in 2028
 
Implementing the CECL Standard: 5 Actions to Take Now
Implementing the CECL Standard: 5 Actions to Take Now Implementing the CECL Standard: 5 Actions to Take Now
Implementing the CECL Standard: 5 Actions to Take Now
 
What is Blockchain and How Can It Change the Game for Financial Institutions?
What is Blockchain and How Can It Change the Game for Financial Institutions?What is Blockchain and How Can It Change the Game for Financial Institutions?
What is Blockchain and How Can It Change the Game for Financial Institutions?
 
Implementing the New BSA Customer Due Diligence Rule
Implementing the New BSA Customer Due Diligence RuleImplementing the New BSA Customer Due Diligence Rule
Implementing the New BSA Customer Due Diligence Rule
 
3 Things You Should Know about Appraisals
3 Things You Should Know about Appraisals3 Things You Should Know about Appraisals
3 Things You Should Know about Appraisals
 
How to Keep Your Balance as a Risk Manager
How to Keep Your Balance as a Risk ManagerHow to Keep Your Balance as a Risk Manager
How to Keep Your Balance as a Risk Manager
 
Being a Banker Today: The Changing Role of the Underwriter
Being a Banker Today: The Changing Role of the UnderwriterBeing a Banker Today: The Changing Role of the Underwriter
Being a Banker Today: The Changing Role of the Underwriter
 
5 Commercial Real Estate (CRE) Challenges in 2017
5 Commercial Real Estate (CRE) Challenges in 20175 Commercial Real Estate (CRE) Challenges in 2017
5 Commercial Real Estate (CRE) Challenges in 2017
 
The Rise and Risks of Lending to Non-Depository Financial Institutions
The Rise and Risks of Lending to Non-Depository Financial InstitutionsThe Rise and Risks of Lending to Non-Depository Financial Institutions
The Rise and Risks of Lending to Non-Depository Financial Institutions
 
8 Risk Management Tips You Need to Know Now
8 Risk Management Tips You Need to Know Now8 Risk Management Tips You Need to Know Now
8 Risk Management Tips You Need to Know Now
 
A Quick Guide to Credit Considerations in Hospitality Lending
A Quick Guide to Credit Considerations in Hospitality LendingA Quick Guide to Credit Considerations in Hospitality Lending
A Quick Guide to Credit Considerations in Hospitality Lending
 
How to Make Your Specialty Services Lending Rock: Credit Considerations for 4...
How to Make Your Specialty Services Lending Rock: Credit Considerations for 4...How to Make Your Specialty Services Lending Rock: Credit Considerations for 4...
How to Make Your Specialty Services Lending Rock: Credit Considerations for 4...
 

Recently uploaded

Call Girls Service Pune ₹7.5k Pick Up & Drop With Cash Payment 9352852248 Cal...
Call Girls Service Pune ₹7.5k Pick Up & Drop With Cash Payment 9352852248 Cal...Call Girls Service Pune ₹7.5k Pick Up & Drop With Cash Payment 9352852248 Cal...
Call Girls Service Pune ₹7.5k Pick Up & Drop With Cash Payment 9352852248 Cal...
roshnidevijkn ( Why You Choose Us? ) Escorts
 
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
dipikadinghjn ( Why You Choose Us? ) Escorts
 
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
priyasharma62062
 
call girls in Sant Nagar (DELHI) 🔝 >༒9953056974 🔝 genuine Escort Service 🔝✔️✔️
call girls in Sant Nagar (DELHI) 🔝 >༒9953056974 🔝 genuine Escort Service 🔝✔️✔️call girls in Sant Nagar (DELHI) 🔝 >༒9953056974 🔝 genuine Escort Service 🔝✔️✔️
call girls in Sant Nagar (DELHI) 🔝 >༒9953056974 🔝 genuine Escort Service 🔝✔️✔️
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
(INDIRA) Call Girl Srinagar Call Now 8617697112 Srinagar Escorts 24x7
(INDIRA) Call Girl Srinagar Call Now 8617697112 Srinagar Escorts 24x7(INDIRA) Call Girl Srinagar Call Now 8617697112 Srinagar Escorts 24x7
(INDIRA) Call Girl Srinagar Call Now 8617697112 Srinagar Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
Top Rated Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Call Girls in Nagpur High Profile
 
Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
amitlee9823
 
Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...
Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...
Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...
Call Girls in Nagpur High Profile
 
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
dipikadinghjn ( Why You Choose Us? ) Escorts
 
VIP Independent Call Girls in Mumbai 🌹 9920725232 ( Call Me ) Mumbai Escorts ...
VIP Independent Call Girls in Mumbai 🌹 9920725232 ( Call Me ) Mumbai Escorts ...VIP Independent Call Girls in Mumbai 🌹 9920725232 ( Call Me ) Mumbai Escorts ...
VIP Independent Call Girls in Mumbai 🌹 9920725232 ( Call Me ) Mumbai Escorts ...
dipikadinghjn ( Why You Choose Us? ) Escorts
 
Top Rated Pune Call Girls Pashan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Pashan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...Top Rated Pune Call Girls Pashan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Pashan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Call Girls in Nagpur High Profile
 
VIP Call Girl in Thane 💧 9920725232 ( Call Me ) Get A New Crush Everyday With...
VIP Call Girl in Thane 💧 9920725232 ( Call Me ) Get A New Crush Everyday With...VIP Call Girl in Thane 💧 9920725232 ( Call Me ) Get A New Crush Everyday With...
VIP Call Girl in Thane 💧 9920725232 ( Call Me ) Get A New Crush Everyday With...
dipikadinghjn ( Why You Choose Us? ) Escorts
 
Enjoy Night⚡Call Girls Patel Nagar Delhi >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Patel Nagar Delhi >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Patel Nagar Delhi >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Patel Nagar Delhi >༒8448380779 Escort Service
Delhi Call girls
 
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
dipikadinghjn ( Why You Choose Us? ) Escorts
 
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Call Girls in Nagpur High Profile
 

Recently uploaded (20)

Solution Manual for Financial Accounting, 11th Edition by Robert Libby, Patri...
Solution Manual for Financial Accounting, 11th Edition by Robert Libby, Patri...Solution Manual for Financial Accounting, 11th Edition by Robert Libby, Patri...
Solution Manual for Financial Accounting, 11th Edition by Robert Libby, Patri...
 
Business Principles, Tools, and Techniques in Participating in Various Types...
Business Principles, Tools, and Techniques in Participating in Various Types...Business Principles, Tools, and Techniques in Participating in Various Types...
Business Principles, Tools, and Techniques in Participating in Various Types...
 
Call Girls Service Pune ₹7.5k Pick Up & Drop With Cash Payment 9352852248 Cal...
Call Girls Service Pune ₹7.5k Pick Up & Drop With Cash Payment 9352852248 Cal...Call Girls Service Pune ₹7.5k Pick Up & Drop With Cash Payment 9352852248 Cal...
Call Girls Service Pune ₹7.5k Pick Up & Drop With Cash Payment 9352852248 Cal...
 
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
 
Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...
Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...
Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...
 
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
 
call girls in Sant Nagar (DELHI) 🔝 >༒9953056974 🔝 genuine Escort Service 🔝✔️✔️
call girls in Sant Nagar (DELHI) 🔝 >༒9953056974 🔝 genuine Escort Service 🔝✔️✔️call girls in Sant Nagar (DELHI) 🔝 >༒9953056974 🔝 genuine Escort Service 🔝✔️✔️
call girls in Sant Nagar (DELHI) 🔝 >༒9953056974 🔝 genuine Escort Service 🔝✔️✔️
 
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
 
(INDIRA) Call Girl Srinagar Call Now 8617697112 Srinagar Escorts 24x7
(INDIRA) Call Girl Srinagar Call Now 8617697112 Srinagar Escorts 24x7(INDIRA) Call Girl Srinagar Call Now 8617697112 Srinagar Escorts 24x7
(INDIRA) Call Girl Srinagar Call Now 8617697112 Srinagar Escorts 24x7
 
Top Rated Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
 
Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...
Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...
Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...
 
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
 
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
 
VIP Independent Call Girls in Mumbai 🌹 9920725232 ( Call Me ) Mumbai Escorts ...
VIP Independent Call Girls in Mumbai 🌹 9920725232 ( Call Me ) Mumbai Escorts ...VIP Independent Call Girls in Mumbai 🌹 9920725232 ( Call Me ) Mumbai Escorts ...
VIP Independent Call Girls in Mumbai 🌹 9920725232 ( Call Me ) Mumbai Escorts ...
 
Top Rated Pune Call Girls Pashan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Pashan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...Top Rated Pune Call Girls Pashan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Pashan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
 
VIP Call Girl in Thane 💧 9920725232 ( Call Me ) Get A New Crush Everyday With...
VIP Call Girl in Thane 💧 9920725232 ( Call Me ) Get A New Crush Everyday With...VIP Call Girl in Thane 💧 9920725232 ( Call Me ) Get A New Crush Everyday With...
VIP Call Girl in Thane 💧 9920725232 ( Call Me ) Get A New Crush Everyday With...
 
Enjoy Night⚡Call Girls Patel Nagar Delhi >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Patel Nagar Delhi >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Patel Nagar Delhi >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Patel Nagar Delhi >༒8448380779 Escort Service
 
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
 
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
 

What to Do Before a Cyber Incident Occurs

  • 1. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 1 JOIN. ENGAGE. LEAD. 8 STEPS TO TAKE BEFORE A CYBER INCIDENT OCCURS AND HOW TO RESPOND TO AN INTRUSION From The RMA Journal on the USDOJ’s best- practice guidance.
  • 2. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 2 JOIN. ENGAGE. LEAD. The U.S. Department of Justice has released “Best Practices for Victim-Response and Reporting of Cyber Incidents.” The guidance emphasizes the importance of planning before an incident occurs. BEST-PRACTICE GUIDANCE ON CYBER INCIDENTS
  • 3. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 3 JOIN. ENGAGE. LEAD. BEST-PRACTICE GUIDANCE ON CYBER INCIDENTS (CONT.) • The guidance outlines steps you should take before, during, and after an incident and provides a summary checklist. What to do? • Included in the guidance are the Justice Department’s positions on the legal permissibility of a number of monitoring techniques and the impermissibility of many forms of hacking back. What’s legal?
  • 4. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 4 JOIN. ENGAGE. LEAD. 8 STEPS TO TAKE BEFORE A CYBER INCIDENT OCCURS Identify your crown jewels. Create an actionable plan. Have appropriate technology and services. Have appropriate authorization to permit network monitoring. Ensure legal counsel is familiar with technology and cyber incident management. Ensure organization policies align with the incident response plan. Engage with law enforcement before an incident. Establish information-sharing relationships.
  • 5. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 5 JOIN. ENGAGE. LEAD. 1. IDENTIFY YOUR CROWN JEWELS The expense and resources required to protect your enterprise may force you to prioritize your efforts and may shape planning.
  • 6. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 6 JOIN. ENGAGE. LEAD. 1. IDENTIFY YOUR CROWN JEWELS (CONT.) Before formulating a cyber- incident response plan, you should first determine which data, assets, and services warrant the most protection.
  • 7. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 7 JOIN. ENGAGE. LEAD. 1. IDENTIFY YOUR CROWN JEWELS (CONT.) The guidance suggests that this prioritization of protection is an important first step in preventing a cyber intrusion or an attack from causing catastrophic harm.
  • 8. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 8 JOIN. ENGAGE. LEAD. Your organization should have a plan in place before an intrusion occurs. 2. CREATE AN ACTIONABLE PLAN
  • 9. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 9 JOIN. ENGAGE. LEAD. 2. CREATE AN ACTIONABLE PLAN (CONT.) The plan should provide specific, concrete procedures to follow in the event of a cyber incident.
  • 10. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 10 JOIN. ENGAGE. LEAD. 2. CREATE AN ACTIONABLE PLAN (CONT.) The procedures should address: • Who has lead responsibility for different elements of an organization’s response. • How to contact critical personnel at any time. • How to proceed if critical personnel are unreachable. • What mission-critical data, networks, or services should be prioritized. • How to preserve data related to the intrusion in a forensically sound manner. • Which criteria will be used to ascertain whether data owners, customers, or partner companies should be notified. • Procedures for notifying law enforcement and others.
  • 11. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 11 JOIN. ENGAGE. LEAD. This may include off-site data backup, intrusion-detection capabilities, and data loss prevention technologies. 3. HAVE APPROPRIATE TECHNOLOGY AND SERVICES IN PLACE
  • 12. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 12 JOIN. ENGAGE. LEAD. 3. HAVE APPROPRIATE TECHNOLOGY AND SERVICES IN PLACE (CONT.) The technology should already be installed, tested, and ready to deploy.
  • 13. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 13 JOIN. ENGAGE. LEAD. Your organization should adopt the necessary mechanisms to obtain user consent to monitor users’ communications so it can detect and respond to a cyber incident. 4. HAVE APPROPRIATE AUTHORIZATION TO PERMIT NETWORK MONITORING
  • 14. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 14 JOIN. ENGAGE. LEAD. Having readily available access to advice from lawyers well acquainted with cyber incident response can speed up your organization’s decision making and help ensure that your incident response activities remain on firm legal footing. 5. ENSURE THAT LEGAL COUNSEL IS FAMILIAR WITH TECHNOLOGY AND CYBER INCIDENT MANAGEMENT
  • 15. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 15 JOIN. ENGAGE. LEAD. Review personnel and human resource policies to ensure they will reasonably minimize the risk of cyber incidents, including insider threats. 6. ENSURE ORGANIZATION POLICIES ALIGN WITH THE INCIDENT RESPONSE PLAN
  • 16. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 16 JOIN. ENGAGE. LEAD. 6. ENSURE ORGANIZATION POLICIES ALIGN WITH THE INCIDENT RESPONSE PLAN (CONT.) Proper personnel and IT policies may help prevent a cyber incident.
  • 17. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 17 JOIN. ENGAGE. LEAD. Having a point of contact and a preexisting relationship will facilitate any subsequent interaction that may occur if your organization needs to enlist assistance from law enforcement agencies. 7. ENGAGE WITH LAW ENFORCEMENT BEFORE AN INCIDENT
  • 18. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 18 JOIN. ENGAGE. LEAD. 7. ENGAGE WITH LAW ENFORCEMENT BEFORE AN INCIDENT (CONT.) On a federal level, these include the Federal Bureau of Investigation and the U.S. Secret Service.
  • 19. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 19 JOIN. ENGAGE. LEAD. Information-sharing organizations exist to provide details on new or commonly exploited vulnerabilities. 8. ESTABLISH INFORMATION- SHARING RELATIONSHIPS
  • 20. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 20 JOIN. ENGAGE. LEAD. 8. ESTABLISH INFORMATION-SHARING RELATIONSHIPS (CONT.) The Financial Services Information Sharing and Analysis Center (FSISAC) provides daily reports on new cyber attacks.
  • 21. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 21 JOIN. ENGAGE. LEAD. RESPONDING TO AN INTRUSION The guidance suggests that you first assess the nature and scope of the incident and determine whether it is an attack or just a technical glitch.
  • 22. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 22 JOIN. ENGAGE. LEAD. RESPONDING TO AN INTRUSION (CONT.) If the incident is an intrusion or attack, you might consider rerouting network traffic, filtering or blocking a distributed denial-of-service attack, or isolating all or parts of the compromised network.
  • 23. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 23 JOIN. ENGAGE. LEAD. RESPONDING TO AN INTRUSION (CONT.) Preserve relevant forensic images and logs and notify relevant law enforcement agencies and other potential victims.
  • 24. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 24 JOIN. ENGAGE. LEAD. RESPONDING TO AN INTRUSION (CONT.) You should not use compromised systems to communicate. • You should not attempt to access, damage, or impair another system that may appear to be involved in the attack.
  • 25. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 25 JOIN. ENGAGE. LEAD. Once a your organization has recovered from an attack, you should initiate measures to prevent similar attacks. AFTER AN ATTACK OR INTRUSION
  • 26. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 26 JOIN. ENGAGE. LEAD. AFTER AN ATTACK OR INTRUSION (CONT.) Conduct a post-incident review of the response and assess the strengths and weaknesses of your organization’s performance.
  • 27. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 27 JOIN. ENGAGE. LEAD. AFTER AN ATTACK OR INTRUSION (CONT.) Response gaps and weaknesses should be noted and discussed and necessary remedial action taken.
  • 28. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 28 JOIN. ENGAGE. LEAD. LEARN MORE The RMA Journal is the award-winning magazine published by The Risk Management Association: • It is the only professional journal written by risk practitioners for risk practitioners. • Each article is peer reviewed by our Editorial Advisory Board prior to publication. • Published 10 times a year, The RMA Journal offers practical advice on managing risk across the enterprise. Learn more at: http://www.rmahq.org/tools-publications/the-rma-journal/the-rma-journal Become an RMA member and get The RMA Journal free.
  • 29. Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 29 JOIN. ENGAGE. LEAD. SHARE THIS PRESENTATION Visit http://www.rmahq.org for information on risk management Visit our blog at http://rmablog.rmahq.org/ RMA is a member-driven professional association whose sole purpose is to advance sound risk principles in the financial services industry. RMA helps its members use sound risk principles to improve institutional performance and financial stability, and enhance the risk competency of individuals through information, education, peer sharing, and networking. Become a member today.