Legal Seminar, Denver, CO
CSBS Incident Response Plan
• Approved by CSBS/SRR Boards • Reviewed by Outside Counsel (Baker McKenzie) – Undergoing further review by Security & Data Working Group • Five Key Sections – Governance (Authorized Individuals/IR Team) – Identification, Scope & Communications • Classification Levels (Low/Med/High) • Internal/External • AllClearID
– Technical Analysis & Containment – Remediation & Post-Incident Review – Testing* • At least quarterly • Table top exercise conducted on January 23, 2018
Governance
Authorized Individuals • John Ryan • Mike Stevens • Bill Matthews • Alternates – Todd Scharf, Tarcy Thompson, Buz Gorman
Incident Response Team • Determined by facts of the incident • Could include outside parties (counsel, communications, AllClearID)
Incident Reporting Responsibility (all staff; desk cards; training)
Made with FlippingBook - Online magazine maker