When things hit the fan, what do you do and who do you call? Every bank needs to have a plan that is updated and practiced annually.
This workshop opens with a discussion of the fundamental elements of a response plan, who should be part of the incident response team, what needs to happen first, second, third, etc., and what the board’s role should be. Experts then guide participants through a series of realistic scenarios associated with a significant cyber event.
All the while, participants gain a better understanding of their role in ensuring the bank is prepared to respond to a real-world cyber attack and breach, and have actionable materials to improve the bank’s ability to respond quickly and effectively.
9:30 AM – 10:00 AM
Registration + Breakfast
10:00 AM – 10:05 AM
Mika Moser, President, Bank Director
10:05 AM – 10:45 AM
An Introduction to Cyber Risk and Incident Response Planning
This session provides an overview of cyber risk from the point of view of the bank board and discusses the inter-relationship of cybersecurity and cyber compliance. This content lays the groundwork for the day’s real-world simulations and for discussions around “preparing for” and “responding to” a cyber attack and breach, while outlining the importance of having a well-defined Incident Response Plan.
10:45 AM – 11:25 AM
Cyber Incident Tabletop Exercise – Part One
Attendees break into groups of fictitious banks and assume various management roles for their assigned bank. Each group receives a current “state of affairs” for cybersecurity and cyber compliance on their bank, and experts work with each team on Part One of a real-world simulation. Participants discuss responses within their group, as well as with the broader group. All attendees gain key takeaways for ensuring preparedness, as well as the critical steps needed during the initial uncovering of a significant cyber incident.
11:25 AM – 11:40 AM
11:40 AM – 12:30 PM
Cyber Incident Tabletop Exercise – Part Two
The simulation continues with the second chapter of a real-world simulation. Participants uncover more information to factor into the decisions they need to make to ensure the bank and its customers are protected. The bank groups discuss and share their findings and decisions with the broader group.
12:30 PM – 1:30 PM
1:30 PM – 2:10 PM
Cyber Incident Tabletop Exercise – Part Three
The final chapter of the simulation plays out with participants learning that they must execute a broader response beyond just the bank and required notification channels. Minimizing risk and longer-term fallout are key considerations. Participants can expect a healthy discussion around handling external requests for information as the simulation comes to its final conclusion.
2:10 PM – 2:50 PM
Participants join together with their peers to discuss the information provided, the lessons learned during the simulations and what their own bank’s expectations should be around cybersecurity, cyber compliance and preparing for a real cyber event.
2:50 PM – 3:10 PM
3:10 PM – 4:00 PM
Best Practices and Takeaways
Our experts reconvene to provide best practices for cybersecurity, cyber compliance and incident response plans. A summary of the lessons from the simulation are discussed as well as actionable details that participants can take back with them to improve practices within their banks. This session also allows the workshop participants to ask any questions that were not answered during the day’s presentations and hands-on activities.
4:00 PM – 5:00 PM
Networking Peer + Guest Reception
Sponsored by: Mazars USA LLP