1 / 8

VML Annual Conference

October 7, 2019. VML Annual Conference. Developing an Effective Incident Response Plan. Amanda Surovec Claims Manager – Cyber Risk Beazley. John Conroy Associate Principal, Forensic Services Charles River & Associate s. Christine Czuprynski Member McDonald Hopkins, LLC.

dates
Download Presentation

VML Annual Conference

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. October 7, 2019 VML Annual Conference Developing an Effective Incident Response Plan Amanda Surovec Claims Manager – Cyber Risk Beazley John Conroy Associate Principal, Forensic Services Charles River & Associates Christine Czuprynski Member McDonald Hopkins, LLC

  2. Overview & Goals • Threat and Incident Response Trends • Learn about what we are seeing and why • Incident Response Plan • Learn practical tips for preparing for an incident BEFORE it happens

  3. Current Threats and Trends • Business Email Compromise • Ransomware

  4. What is an Incident Response Plan? • A written roadmap by which organizations intake, evaluate, and respond to suspected incidents • Purpose: manage privacy or security incidents in a way that limits damage, increases the confidence of external stakeholders, satisfies legal obligations, and reduces costs. • Where to start? – Incident Response Team

  5. The Incident Response Team • Start the IRP drafting process by first appointing an incident response team (IRT) – i.e., the individuals who will actually perform the substantive tasks at hand. • Incident Response Contact List • Internal contacts • Legal • IT • Risk Management • External contacts • Privacy Counsel • Digital Forensic Experts • Insurance • We have our Incident Response Plan and Team in place – now what? Practice!

  6. Table Top Exercise • Understand the likely threats leading to security incidents considering your line of business, global reach and the type of data you store. • Anticipate and prepare for issues you may face if an incident occurs, including inquiries from regulators and the press as well as potential class action litigation. • Building and improving an Incident Response Plan (IRP) and Incident Response Team (IRT). • Building IR instincts, defining roles, creating channels for information and decision-making. • Testing the limits of your IR to prepare for the unexpected, i.e. “ The Black Swan.”

  7. Additional Considerations Train employees (i.e. phishing training) Data segregation/retention Backups Keep it simple!

  8. Questions?

More Related