Building Your Incident Response Program

Dan Hadaway and Chad Smith are presenting their workshop titled “Building Your Incident Response Program – “Do we HAVE to tell our customers?”” through the Indiana Bankers Association. This workshop is scheduled for November 17, 2011.

Program Overview
Every time we choose “accept” as a risk response decision, we rely more heavily on our ability to respond when a threat truly does exploit a vulnerability. Even when we select “mitigate” and implement new controls, we do so knowing that those controls will sometimes break. We know the notion of 100% security is a myth. There’s always that event nobody could predict. Our defenses will eventually be breached. This workshop will help you create a program that addresses residual technology risk.

Seminar Topics

  • The FFIEC standards vs. the Law vs. Examiner Focus vs. Effective Information Security Strategy.
  • Fitting Incident Response into your existing IT Governance program.
  • Creating an Incident Response Policy that your Board understands.
  • Creating the Incident Response Team.
  • Incident Response Team responsibilities and how to streamline meetings for maximum productivity.
  • Incident response planning.
  • Creating and using a decision tree.
  • Integrating incident response into your existing Risk Management Program.
  • Identifying Potential Incidents to Plan for (knowing that the one that will hit is the one we didn’t plan for!)
  • Managed Security Service Providers and how to put them on your team.
  • Monitoring techniques, reporting methodologies, and how to maximize their value.
  • When do we have to inform our customers?
  • Dealing with the Media, your Customers, and your Employees during an incident.
  • When to bring law enforcement in, and how to actually get something done.
  • Forensics: Why, What, When, and How.

Who Should Attend
Information Security Officers, Security Officers, and any member of your Incident Response Team will greatly benefit from the deliverables and ideas shared in this workshop.


  • Board-Level Incident Response Policy
  • Incident Response Plan
  • Decision Tree
  • Incident Management and Reporting Tools
  • Media Kit
  • Customer Communication Kit

For complete details and to register for the event, see the Indiana Bankers Association’s event brochure:     Building Your Incident Response Program


Related Posts

Considerations – Why you should choose infotex, Inc. as your next MSOC!

Reasons why we should be considered! infotex provides a number of services that can be checked out if you click over to! We even made a movie with all the reasons why infotex...

The Magnificent Seven 2023

Seven Trends . . . …that small bank Information Security Officers face in 2023 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcom...

Cybersecurity Awareness Month Awareness Poster

About Services Audit & Assessment Policies & Procedures EDR/MDR/XDR Managed SIEM Consulting Services Network Monitoring Education Resource Library Webinars & Workshops V...