What happens if your institution suffers an ATM skimming attack and customer accounts have been compromised? Or if a payments processor is hacked and thousands of your credit/debit cardholders are potentially exposed to fraud?
These aren't hypothetical breaches; they've occurred. Repeatedly. And they prove that an Incident Response plan isn't just a 'nice to have' for a financial institution - it's a must. This webinar outlines the critical components of documenting, testing and updating Incident Response plans.
Matthew Speare, who created and oversees the Incident Response program at M&T Bank in New York, will discuss the hottest trends in Incident Response, including:
The latest regulatory guidance;
How to fulfill the elements of a good plan;
How to handle one of the most critical elements of Incident Response - customer communications;
What to do when the incident occurs at one of your vendors.
Incident Response by definition refers to the formal reaction to a security breach, i.e. a physical or electronic hack. Every financial institution is required to document, test, update and communicate a formal Incident Response Plan, which may include forensics, eDiscovery and other tactics necessary in the wake of a security breach.
Increasingly, Incident Response Plans also include Legal and Public Relations teams as appropriate, as well as costumer communications, to ensure the timely release of accurate information.
And then there's the new focus of Incident Response: Third-party service providers. It's one thing to account for incidents at your own institution. As recent breaches have taught us, what if the incident occurs at one of your vendors? The damage can be just as devastating to your business and to customer confidence.
In this webinar, Matthew Speare will discuss the requirements of incident response guidance and the steps that the industry has taken to implement solutions to address the guidance. Among the topics he'll discuss:
Current regulatory guidance on Incident Response
What today constitutes a security incident?
What information is considered sensitive customer information?
How to handle customer communications
Steps to take if there is an ongoing investigation
How to address incidents that occur at a vendor.
Premium Members Only
OnDemand access to this webinar is restricted to Premium Members.
Executive Vice President & Enterprise CIO, Regions Bank
Speare joined Regions in 2013 and serves as the head of governance and integration. Regions is a top U.S. bank-holding company headquartered in Birmingham, Ala., with $117 billion in assets, operating approximately 1,700 banking offices in 16 states. In this role, Speare has responsibility for information security; check, ATM/debit, and credit card fraud operations; and systems integration for consumer, business and commercial banking groups. Prior to assuming his current role in 2013, Speare was the chief technology officer for M&T Bank, an $82 billion financial institution based out of Buffalo, N.Y.