I 23 Table of Contents 25 30

PUB. 11 2021-2022 Issue 2

coloradobankers.org 24 departments, along with internal or external legal counsel. Here’s how to create and maintain an incident response plan: 1. Review and update policies, prepare checklists, communication strategies, and templates for internal and external parties. 2. Establish a process to detect and triage security events, including defining event types and actions to follow for each type of event, from nuisance to data breach. 3. Investigate and analyze a breach that includes assistance from forensic examiners, cyber professionals, and cyber insurance agents to determine the origin of when the attack occurred and the potential impact zone. 4. Contain the incident to prevent further damage and enact business continuity or disaster recovery plans as needed. 5. Complete a post-incident assessment to identify corrective actions and lessons learned. 6. Prepare a documented summary of events and report lessons learned, and update policies and plans as needed. Step 4: Focus on a culture of awareness. Finally, increase awareness and vigilance among your staff. An essential factor in data security is human behavior. Uninformed users can jeopardize an entire system. Therefore, cyber threat awareness training is imperative to help users identify threats to information security and take proper action in response. All users need to stay up to date on the latest types of attacks. Security awareness training helps mitigate these top security breaches: • Targeted ransomware • Phishing attacks, beyond just email • Mobile device attacks • Cloud & wireless attacks As cyberattacks grow more sophisticated, complex, and financially devastating, don’t sit and wait for support from your examiners. Proactively work on preventing them! Cyber resilience allows you to embrace disruption safely and operate while under persistent threats and sophisticated attacks. You can’t anticipate every possible cyber risk, but we can help protect your organization with forward-planning and improved cyber safeguards. continued from page 23

RkJQdWJsaXNoZXIy ODQxMjUw