Hoosier Banker 33 alert the Managed Security Service Provider or Security Operations Center to these scenarios, even without the knowledge of the internal tech team, so that risk monitoring can be focused on the typical threats arising from such scenarios. 3. Participate in incident response tabletop testing. Let’s face it, the time that management becomes most interested in cybersecurity is when somebody has made that terrible mistake, and the bank must decide how to react. Management wants to be involved in the decision to notify our customers. During incident response tabletop testing, the incident response team walks through various scenarios to learn how the response process leverages the SIEM to “turn lemons into lemonade.” This process crosses into management and involves the board. The tabletop test, if properly conducted, can be eye-opening to management. Those inconvenient controls we may have complained about start to make sense. The need for non-technical membership exudes itself. As the information security professionals unfold the proper response process during the test, team members share their knowledge of the systems and controls in place to protect us from risks. This walkthrough of the process helps identify possible gaps in protection as well as trains the team members on the process. We have found that those banks with good incident response testing always end up being safer. Monitoring technology risk takes a team approach. Fulfilling the nontechnical role helps the team monitor against non-technical threats. Alerting the bank’s SOC or MSSP during heightened risk scenarios leverages existing resources to keep more eyes watching. By participating in incident response tabletop tests, team members can share their knowledge and learn how to better monitor technology risks. By doing these three things, you can help make your customers safer, and keep your reputation where it should be. HB Congratulations to Susan Clark and Laura Wilson, who were honored with the Indiana Bankers Association High Five Award in December and January, respectively. Susan is IBA’s events & products/services assistant, and Laura serves as vice president-communications. IBA’s High Five Award supports professional development by inviting Association members and staff to submit names of IBA employees who perform acts of exemplary service. Nominations are read at monthly staff meetings, and a drawing determines the winner. To nominate an IBA employee for the High Five Award, call 317-387-9380 or email HB@indiana.bank. HB HI 5 Susan Clark Laura Wilson Our clients sleep at night. ISO siem.infotex.com webinars.infotex.com ISO z z z z z z z z
RkJQdWJsaXNoZXIy MTg3NDExNQ==