|By Business Wire||
|August 21, 2014 01:14 PM EDT||
Safe Systems, a national provider of compliance-centric IT support and hosted services for financial institutions, today announced the launch of its Incident Response Plan Testing service, which has been designed to guide and support banks in the current cyber-threat environment.
All regulatory statements about cybersecurity have singled out the need for an effective incident response plan, and the FFIEC refers specifically to incident response testing as one of the primary takeaways from its recent webinar, encouraging all institutions to consider:
How often is my institution testing its plans to respond to a cyber-attack? Do these tests include our key internal and external stakeholders?
While vendor oversight does provide some measure of assurance in outsourced relationships, banks have very little actual control over specific vendor-based preventive controls. Additionally, regulators make no distinction between a financial institution’s responsibilities for data security within direct control, and data outside direct control of the institution. Essentially, when outsourcing, institutions have 100 percent of the responsibility and zero control. Detective and corrective/responsive controls must compensate for the lack of preventive controls in order to maintain compliance and reinforce security. An institution’s plan is only as good as it proves to be during testing.
There are three key areas of support that Safe Systems provides to its customers through this service:
1. Assures that the objectives of the test align completely with regulatory guidance and best practices.
2. Identifies the scenario of the incident being tested. Ideally it should be drawn from recent industry events, something the institution has actually experienced, or even derived from a recent social engineering test.
3. Fully documented and presented in a manner that can be delivered to the board, as well as auditors and examiners.
“Vendor due diligence and on-going oversight are still very important, but because of the relative lack of control in an outsourced relationship, an effective incident response plan is the best, and perhaps only, defense,” said Tom Hinkel, VP of Compliance Services of Safe Systems. “Just as with disaster recovery plans, incident response plans must be both compliant, and viable. They must pass regulatory scrutiny, and a bank’s incident response team must be able to follow it when an incident occurs. Knowing how to classify an incident, and understanding if and when customer and regulator notification is required, is critical to a plan’s effectiveness. Through the Incident Response Plan Testing service, an institution can rest assured that their plan will not only pass regulatory scrutiny, it will provide the framework an institution’s incident response team needs to confidently manage any cyber event.”
About Safe Systems
Founded in 1993, Safe Systems is the national leader in providing compliance-centric IT solutions exclusively to financial institutions. We currently manage hundreds of financial institutions representing more than $61 billion in combined assets, 1,100 locations and over 25,000 network devices. Our network management services are the bridge between the core and other third-party applications. These cost effective solutions include IT support and managed services, internal network/cloud design and installation, hosted email, business continuity and disaster recovery, compliance consulting, security services, and IT and compliance training. Safe Systems helps financial institutions to significantly decrease costs, increase performance, and improve their compliance posture. For additional information about Safe Systems, Inc., please visit http://www.safesystems.com or call 877.752.0550.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at 20th Cloud Expo, Ed Featherston, director/senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
Dec. 11, 2016 01:30 AM EST Reads: 1,741
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
Dec. 11, 2016 01:15 AM EST Reads: 1,332
Dec. 11, 2016 12:00 AM EST Reads: 2,397
Dec. 11, 2016 12:00 AM EST Reads: 920
Dec. 11, 2016 12:00 AM EST Reads: 1,118
Dec. 10, 2016 11:45 PM EST Reads: 1,796
Dec. 10, 2016 11:15 PM EST Reads: 1,219
Dec. 10, 2016 10:15 PM EST Reads: 2,073
Dec. 10, 2016 09:15 PM EST Reads: 1,355
Dec. 10, 2016 07:30 PM EST Reads: 1,823
Dec. 10, 2016 07:00 PM EST Reads: 4,159
Dec. 10, 2016 06:30 PM EST Reads: 1,552
Dec. 10, 2016 06:30 PM EST Reads: 1,037
Dec. 10, 2016 06:30 PM EST Reads: 1,973
Dec. 10, 2016 06:15 PM EST Reads: 1,099