Cyber Response: That's a Technology thing, right?

By Rayleen Pirnie BCJ, AAP, CERP posted 09-10-2018 15:38


I often get questions about what cyber response has to do with, say, Operations, A/R, A/P, the Board or Compliance. The answer – a LOT! Consider your technology teams’ response to a cyber-attack. What do you think they will do if your business or institution comes under attack and confidential data is at risk. Yep – shut it down!

Ok, admittedly it’s not as simple as “shut it down” but the fact is that their primary goal is different than yours – their goal is network integrity. Yours? Very different. Their response to the attack can have a negative affect against the rest of your organization from account holder support to payments, and increase your legal, operational and reputational risk along the way. So what are you going to do about that? Between FFIEC and Regulator requirements for Operational Resilience plans to state laws requiring effective cyber response, it’s easy for any organization to struggle with a truly effective cyber incident response plan that goes beyond a technology response.

I’ve presented this interactive, fast-paced workshop for years and too often I find that organizations’ cyber response plans are missing some of the most critical parts that effect operational resilience. And that’s what the October 11 workshop focuses on. I assume your technology department has their plan covered. We will explore how their response to various attack scenarios affect YOUR area, from Compliance to Operations, the Board and CEO to the frontline, and more importantly, what your operational resilience plan must encompass.

BRING YOUR QUESTIONS! I never present this course the same way twice. Why you ask? Good question! Because at the very beginning, attendees tell me what we’re going to cover that day. Yep, you actually write our agenda to ensure you leave with what you need, regardless of how far along you are in program development.

During the course, I jot down areas where it’s apparent attendees need further assistance – after all, we only have a day together. So I take these back home to research, find the answers and resources, and provide a valuable follow-up resource document to make sure every attendee, no matter the industry, has plenty of actionable materials following the course.

So come join us on October 11th in Westborough to kick start your plan development or to ensure that your current efforts are headed in the right direction. From team development to communication strategies, escalation procedures to testing, and vendor management we’re going to cover it all. And oh yay, some seriously valuable goodies including a sample plan developed by a law firm, testing and playbook samples, and more are all waiting for you!

If you can’t join us on October 11th, there is a webinar option on October 9th where I’ll hit the high-points of an operational resilience plan. It obviously doesn’t go into as much detail or have as many actionable items given the time constraint, but will provide attendees with an overview of the basics of an effective cyber incident response plan. The webinar is best for institutions and organizations who already have a plan, to double-check that you have critical components covered.

Cyber Security Incident Response Interactive Workshop
Thursday, October 11, 2018
9:00 am - 4:00 pm
DoubleTree by Hilton Boston/Westborough