Cyber Security Incident Response Program (CSIRT) and Plans
This seminar will help you to establish Key Performance Indicators (KPI) to determine if your Information Systems Incident Response program meets business objectives and operational metrics for ongoing process improvement. We will discuss:
How to tailor & enhance your existing security training program and requirements for specific audiences based on the sensitivity of the information for which they are granted based on policies.
How to strengthen IT Risk Management - Integrate Information Security risk management with enterprise risk management, including using common business terminology, congruent methods, and common or linked risk register, and establishing mechanisms for risk acceptance.
How to build an IS regulation review process, schedule and regulation requirements.
Information Security, Governance & Risk, are all critical aspects of planning and execution of the Information Security Plan. Who in your organization has key responsibility to develop an information security governance program; review existing Information Security policies and standards to ascertain their adequacy in coverage scope against industry best practices, and update them as appropriate, taking into account compliance recommendations?
Do you feel safe enough to bet your reputation on your current CSIRT Plan?
Your Organization must be prepared to respond to a Cyber Incident. Here are some of the cases which happened recently:
On October 3, 2013, The Adobe Systems Incorporated in the United States of America discovered that there was a cyberattack Hackers made it through their network during its regular monitoring of security check.
As Target continues to respond to the security breach that has now been estimated to affect up to 110 million people by NBC News.com, analysts continue to zero in on the statements and actions by CEO, Gregg Steinhafel.
TJX Corporation, a major retailer with stores in the United States, Puerto Rico, and even the United Kingdom, experienced one of the largest security breaches. Millions of their customer’s credit and debit card information were stolen over a seventeen month period. TJX is the parent company of chains such as TJ Maxx, Marshalls, Homegoods, and a host of retail stores across the US and Canada.
Cyber Security Incident Response Program is a must for any organization using the Internet. It must be robust yet flexible. Unfortunately in spite of all of the Cyber Events, many companies are taking a long time to respond. Teams must be trained and have written procedures. Time is critical in responding to an incident. Every incident costs the organization, money and reputation,
In this session you will learn:
Best practices and the standards that make up a great Cyber Incident Response Program
Learn what teams should be part of your CSIRT Team
Get insight into how to create CSIRT Playbooks and Management Plans
Learn how to conduct inexpensive tests of the CSIRT Teams and Programs
This program will help you determine your current Gaps and provide milestones for correcting the Gaps
Key points to be discussed at the session include:
Adopting a systematic approach to risk tracking to enhance the effectiveness of the Cyber Incident Program
Outlining the critical actions to take if an event affects the company or its partners
Understanding an organizations’ susceptibility to a Cyber Attack
Cyber Incident Response: Getting started, research, training, testing and maintaining
Standards and Best Practice: ISO 27001, ISO 27035, ISO 27005. NIST, FFIEC, HIPPA AND HITRUST
Attendees will get below tools and templates:
Documenting for your Organization
Testing for your Organization
How to maintain the program and keep it current
Day One (8:30 AM – 4:30 PM)
Registration Process: 8:30 AM – 9:00 AM
Session Start Time: 9:00 AM
Cyber Security Incident Response Program (CSIRT): Where to Start
Standards and Best Practices
ISO and Information Security as a Guideline
Researching Your Industry
Event vs Incident
NIST, SANS and More
Operation Sequencing for CSIRT
Day Two (8:30 AM – 4:30 PM)
Developing and documenting your Program
Developing and documenting your Plan
Developing and documenting your Playbooks
Creating your CSIRT Team
Testing and Types of Tests