July 25, 2019

How do you test your Incident Response program? - WST

There are many great ways to answer this question when the examiner asks it, including:

  • “Our Information Security Officer develops scenarios and conducts exercises twice a year.”
  • “We hired 10-D to lead us through a tabletop exercise.”
  • “We publicly insult Vladimir Putin once a year and wait for him to ‘unleash the beast’ on our bank, and then see how we hold up.”

And while some responses will be held in higher regard than others, almost any answer is better than "We didn't test it." Your examiner will likely appreciate your honesty, and then turn around and ask why you didn't at least participate in FS-ISAC's Cyber-Attack Against Payment Systems (CAPS) exercise, which is offered at no charge.

Save yourself from this uncomfortable scenario (and the Russians). The Financial Services Information Sharing and Analysis Center (FS-ISAC) will conduct their "CAPS" exercise three times in 2019: September 24-25, October 1-2, and October 8-9. CAPS is a virtual tabletop exercise that allows you to participate from your own location, without disclosing any confidential information to anyone outside the bank. And again, it's free. To find out more information or register:

Another option is the FDIC's "Cyber Challenge," a set of nine scenarios designed to give financial institutions various operational issues to discuss. Each scenario includes a short video followed by a set of challenge questions intended to spark discussion and evaluate the institution's response capabilities. And it is another free and confidential option.

These options are free, confidential, require minimal effort to participate, and may head off an embarrassing moment with an examiner. Sounds like a win, win, win, and win to me.
