Legal Seminar, Denver, CO

CSBS Incident Response Plan

• Approved by CSBS/SRR Boards • Reviewed by Outside Counsel (Baker McKenzie) – Undergoing further review by Security & Data Working Group • Five Key Sections – Governance (Authorized Individuals/IR Team) – Identification, Scope & Communications • Classification Levels (Low/Med/High) • Internal/External • AllClearID

– Technical Analysis & Containment – Remediation & Post-Incident Review – Testing* • At least quarterly • Table top exercise conducted on January 23, 2018

Governance

Authorized Individuals • John Ryan • Mike Stevens • Bill Matthews • Alternates – Todd Scharf, Tarcy  Thompson, Buz Gorman

Incident Response Team • Determined by facts of the  incident • Could include outside parties  (counsel, communications,  AllClearID)

Incident Reporting  Responsibility (all staff;  desk cards; training)