4a. ALL - Establishing a Cyber Incident Response Playbook (Intermediate)

The Financial industry is facing a plethora of unprecedented and sophisticated cyber-criminal activities, including threats of fraud, account takeovers, and bad actor malicious acts (e.g., ransomware attacks).  Firms must be prepared to act swiftly in responding to an incident.  Effectively managing an incident response program requires careful planning, effective deployment, and the ability to adapt to various circumstances.  In this lab, participants will take a hands-on learning approach to designing and implementing a practical incident response playbook.  The following learning objectives will be met using case studies, examples, group discussions, and other application activities:

• Develop a process for scoping, planning, and executing an incident response plan for internal and third-party breaches.

• Decipher common cyber-attacks and consider the enterprise-wide impacts.

• Explore preventative practices including testing with tabletop exercises to detect gaps and enhance incident response efforts.

• Review timing for involving insurance and outside counsel and develop an effective communication plan for regulators, employees, clients, vendors, and other critical stakeholders.

• Share best practices for staying informed on emerging cyber issues and incidents.