Developing an Incident Response Plan for an Information Security Breach

When: 12:30 PM
Where: United States

Program Content:

We’ve all heard the news concerning the breach at Equifax. When it comes to an event that exposes confidential customer or corporate information, it isn’t a matter of "if" but "when". Any breach, regardless of type or size, can be potentially devastating. Financial losses are not the only concern; what about your reputation? Financial institutions are particularly vulnerable by the very nature of the business. You have information that thieves want, information they can parlay into cold hard cash, if not the cash itself. Rapid response is key to successfully responding to a data breach and minimizing the negative effects, and the financial services industry is mandated to implement security controls that include identifying potential risks, monitoring for and detecting unauthorized access, mitigating the outcome, and notifying customers, law enforcement, and regulators when a breach does happen. Examiners will be looking for your plan now more than ever.

Covered Topics:
• Key regulatory requirements, including state-level data breach notification laws
• Key elements of an Incident Response Plan
• Computer Incident Response Team
• Roles and Responsibilities
• Overview of types of incidents
• Response steps
• Things you can do that may help prevent a breach


Who Should Attend:

Senior management, audit, compliance, risk management, security officers, operations, IT or anyone responsible for developing and executing the incident response plan or involved in the handling of an incident.



Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise.

As an auditor and consultant, Susan is dedicated to assisting financial institutions in implementing appropriate policies and controls to protect confidential information and comply with regulatory mandates and best practices. Her background as an auditor and former examiner gives her the knowledge and expertise to conduct comprehensive IT general control and data security reviews and to assist de novo institutions in the vendor selection process, preparing policies and procedures, and instituting controls. She also consults for numerous security providers and vendors, helping them align products and services to meet institution regulatory mandates. Susan is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and Certified Risk Professional (CRP).

