Welcome!

News Feed Item

Safe Systems Launches Incident Response Plan Testing

Safe Systems, a national provider of compliance-centric IT support and hosted services for financial institutions, today announced the launch of its Incident Response Plan Testing service, which has been designed to guide and support banks in the current cyber-threat environment.

All regulatory statements about cybersecurity have singled out the need for an effective incident response plan, and the FFIEC refers specifically to incident response testing as one of the primary takeaways from its recent webinar, encouraging all institutions to consider:

How often is my institution testing its plans to respond to a cyber-attack? Do these tests include our key internal and external stakeholders?

While vendor oversight does provide some measure of assurance in outsourced relationships, banks have very little actual control over specific vendor-based preventive controls. Additionally, regulators make no distinction between a financial institution’s responsibilities for data security within direct control, and data outside direct control of the institution. Essentially, when outsourcing, institutions have 100 percent of the responsibility and zero control. Detective and corrective/responsive controls must compensate for the lack of preventive controls in order to maintain compliance and reinforce security. An institution’s plan is only as good as it proves to be during testing.

There are three key areas of support that Safe Systems provides to its customers through this service:

1. Assures that the objectives of the test align completely with regulatory guidance and best practices.

2. Identifies the scenario of the incident being tested. Ideally it should be drawn from recent industry events, something the institution has actually experienced, or even derived from a recent social engineering test.

3. Fully documented and presented in a manner that can be delivered to the board, as well as auditors and examiners.

“Vendor due diligence and on-going oversight are still very important, but because of the relative lack of control in an outsourced relationship, an effective incident response plan is the best, and perhaps only, defense,” said Tom Hinkel, VP of Compliance Services of Safe Systems. “Just as with disaster recovery plans, incident response plans must be both compliant, and viable. They must pass regulatory scrutiny, and a bank’s incident response team must be able to follow it when an incident occurs. Knowing how to classify an incident, and understanding if and when customer and regulator notification is required, is critical to a plan’s effectiveness. Through the Incident Response Plan Testing service, an institution can rest assured that their plan will not only pass regulatory scrutiny, it will provide the framework an institution’s incident response team needs to confidently manage any cyber event.”

About Safe Systems

Founded in 1993, Safe Systems is the national leader in providing compliance-centric IT solutions exclusively to financial institutions. We currently manage hundreds of financial institutions representing more than $61 billion in combined assets, 1,100 locations and over 25,000 network devices. Our network management services are the bridge between the core and other third-party applications. These cost effective solutions include IT support and managed services, internal network/cloud design and installation, hosted email, business continuity and disaster recovery, compliance consulting, security services, and IT and compliance training. Safe Systems helps financial institutions to significantly decrease costs, increase performance, and improve their compliance posture. For additional information about Safe Systems, Inc., please visit http://www.safesystems.com or call 877.752.0550.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Cognitive Computing is becoming the foundation for a new generation of solutions that have the potential to transform business. Unlike traditional approaches to building solutions, a cognitive computing approach allows the data to help determine the way applications are designed. This contrasts with conventional software development that begins with defining logic based on the current way a business operates. In her session at 18th Cloud Expo, Judith S. Hurwitz, President and CEO of Hurwitz & ...
Everyone wants to use containers, but monitoring containers is hard. New ephemeral architecture introduces new challenges in how monitoring tools need to monitor and visualize containers, so your team can make sense of everything. In his session at @DevOpsSummit, David Gildeh, co-founder and CEO of Outlyer, will go through the challenges and show there is light at the end of the tunnel if you use the right tools and understand what you need to be monitoring to successfully use containers in your...
Financial Technology has become a topic of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 20th Cloud Expo at the Javits Center in New York, June 6-8, 2017, will find fresh new content in a new track called FinTech.
SYS-CON Events announced today that Interoute, owner-operator of one of Europe's largest networks and a global cloud services platform, has been named “Bronze Sponsor” of SYS-CON's 20th Cloud Expo, which will take place on June 6-8, 2017 at the Javits Center in New York, New York. Interoute is the owner-operator of one of Europe's largest networks and a global cloud services platform which encompasses 12 data centers, 14 virtual data centers and 31 colocation centers, with connections to 195 add...
In recent years, containers have taken the world by storm. Companies of all sizes and industries have realized the massive benefits of containers, such as unprecedented mobility, higher hardware utilization, and increased flexibility and agility; however, many containers today are non-persistent. Containers without persistence miss out on many benefits, and in many cases simply pass the responsibility of persistence onto other infrastructure, adding additional complexity.
@DevOpsSummit at Cloud taking place June 6-8, 2017, at Javits Center, New York City, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long developm...
The age of Digital Disruption is evolving into the next era – Digital Cohesion, an age in which applications securely self-assemble and deliver predictive services that continuously adapt to user behavior. Information from devices, sensors and applications around us will drive services seamlessly across mobile and fixed devices/infrastructure. This evolution is happening now in software defined services and secure networking. Four key drivers – Performance, Economics, Interoperability and Trust ...
Grape Up is a software company, specialized in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market across the USA and Europe, we work with a variety of customers from emerging startups to Fortune 1000 companies.
Blockchain is a shared, secure record of exchange that establishes trust, accountability and transparency across supply chain networks. Supported by the Linux Foundation's open source, open-standards based Hyperledger Project, Blockchain has the potential to improve regulatory compliance, reduce cost and time for product recall as well as advance trade. Are you curious about Blockchain and how it can provide you with new opportunities for innovation and growth? In her session at 20th Cloud Exp...
Cybersecurity is a critical component of software development in many industries including medical devices. However, code is not always written to be robust or secure from the unknown or the unexpected. This gap can make medical devices susceptible to cybersecurity attacks ranging from compromised personal health information to life-sustaining treatment. In his session at @ThingsExpo, Clark Fortney, Software Engineer at Battelle, will discuss how programming oversight using key methods can incre...
Cloud Expo, Inc. has announced today that Aruna Ravichandran, vice president of DevOps Product and Solutions Marketing at CA Technologies, has been named co-conference chair of DevOps at Cloud Expo 2017. The @DevOpsSummit at Cloud Expo New York will take place on June 6-8, 2017, at the Javits Center in New York City, New York, and @DevOpsSummit at Cloud Expo Silicon Valley will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Multiple data types are pouring into IoT deployments. Data is coming in small packages as well as enormous files and data streams of many sizes. Widespread use of mobile devices adds to the total. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists will look at the tools and environments that are being put to use in IoT deployments, as well as the team skills a modern enterprise IT shop needs to keep things running, get a handle on all this data, and deli...
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, discussed the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docker c...
Did you know that you can develop for mainframes in Java? Or that the testing and deployment can be automated across mobile to mainframe? In his session at @DevOpsSummit at 20th Cloud Expo, Vaughn Marshall, Sr. Principal Product Owner at CA Technologies, will discuss and demo how increasingly teams are developing with agile methodologies using modern development environments and automating testing and deployments, mobile to mainframe.
SYS-CON Events announced today that Grape Up will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct. 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Grape Up is a software company specializing in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market across the U.S. and Europe, Grape Up works with a variety of customers from emergi...