Having a program for managing incidents is critical for any company, but especially for financial institutions such as banks, savings associations, credit unions, and trust companies. According to the Interagency Guidance on Response Programs, “a response program should be a key part of an institution’s security program.” As such, an effective incident response plan should be designed to protect customer and member information, prevent losses, and return systems to normal operation as soon as possible.
Improve your response process with features designed to help you develop and manage your formal Incident Response Plan.
Based on FFIEC-recommended elements, tailor action plans for analyzing, containing, and recovering from an incident; communication guidelines for coordinating with law enforcement, third parties, and customers; and handling processes to help facilitate the institution’s resilience.
Use the incident tracking system to document incidents as they occur. From incident detection through post-incident activities, use the flexible framework to ensure all aspects of an incident are adequately documented and can be referenced to improve future incident response processes.
Review updates to incident records using the automated timeline. This audit trail provides a series of date-and-time stamped actions, designed to improve communication among members of the incident response team and provide an authoritative listing of what took place during the response process.
Develop standard response procedures for certain types of incidents. Starting with a base action plan, stack category-specific action plans to build a series of steps for your teams to follow in the event of any type of incident. With both template and custom plans, you can ensure accurate and efficient responses.
CoNetrix offers online software to facilitate the development and maintenance of an incident response plan, following guidance from the Federal Financial Institutions Examination Council (FFIEC), National Institute of Standards and Technology (NIST), and other regulating bodies (e.g., FDIC, FRB, NCUA, OCC, etc.). Our software and templates help institutions comply with expectations in the FFIEC’s Information Security Booklet and Cybersecurity Assessment Tool, as well as the FDIC’s Information Technology Risk Examination (InTREx) Program.
The Incident Management product also features the ability to track and document the response process through the six stages of an incident as outlined by the NIST SP800-61 Rev. 2, Computer Security Incident Handling Guide. With date-and-time stamped events recorded and ready for download, your organization will be able to regroup after an incident and update the response plan accordingly.
Identify teams to oversee your organization’s security incident response processes. To ensure the team can adequately perform, coordinate, and support responses to security intrusions , document each team member’s contact information, outline the team’s roles and responsibilities, and assign handler roles to team members in the incident tracking system.
Define incident handler roles and responsibilities to ensure response processes are comprehensive and coordinated . Create and assign handler roles to ensure applicable personnel understand their role in containing intrusions, restoring systems, communicating with affected parties, and more.
To enable timely classification of incidents , apply categories to classify the incident and trigger certain responses through associated action plans. Associate template categories (e.g., data breach, malicious code, social engineering, third party, etc.) or create your own.
Review your action plans prior to using them in incident response. Using the action plan preview offers an easy way to ensure action steps are comprehensive, ordered logically, and would be easy to follow in the event of an incident.
Effortlessly generate your incident response plan or details about incidents that have occurred to share with your executive team, board of directors, auditors, and examiners.
These customizable documents are available in Microsoft Word and Adobe PDF formats.
The CoNetrix Tandem Incident Management software is feature-rich, including: