Building Best Practices into Your Cyber Incident Response Program

Event ID:72040

Choose Option

Please Select an Option
On-Demand (OD)     $299.00
Duration: 90 minutes, including question and answer period.
Presenter(s): Gary Deutsch, CPA, president, BRT Publications, LLC
$299.00 On-Demand includes full audio presentation, question and answer session, and presentation slides.
Who Should Attend? Internal auditors, risk managers, contracting officers, IT officers, legal counsel, operations officers, compliance officers, persons responsible for electronic security

Cyber threats impacting financial institutions continue to evolve. According to AO Kaspersky Lab, arresting participants in major cybercrime groups hasn’t stopped the groups from attacking financial institutions. In fact, as old groups disband, new groups are being formed to attack institutions. Protecting against these groups is also problematic. When institutions implement cybersecurity controls, cybercrime groups create new threats. For instance, instead of attacking institutions directly, they attack software providers that support third party vendors to financial institutions.

Establishing anti-fraud measures doesn’t deter the cybercriminals either. The groups have found leaks of data in biometric systems used for identification and authentication. They are going after those who use debit and credit cards without chips and those who don’t use two-factor authorization. They bypass anti-fraud systems by copying all computer and browser system settings.

Cybercriminals take advantage of the lack of physical security and control over connected devices in many networks by installing computer boards to steal data from the network and transfer the information using 4G/LTE modems. These attacks enable cybergangs to access customer information as well as the institution’s network infrastructure.

They also attack mobile banking for business users and use social engineering to target operators, secretaries and other internal employees in charge of wires to steal customer funds.

If there’s a weak link in cyber security, the cybercriminals will find it.

Faced with these types of cyber risks, institutions must seek to implement incident response best practices. Thinking that cyber crime is under control is not a solution. That’s why focus must turn to implementing strong cyber defenses including active employee training as well as best practices such as Security Information and Event Management (SIEM) solutions. To evaluate and manage cyber risks, SIEM software systems capture incident logs and security system events to generate information that incident response team members and security specialists can use to quickly detect cyber threats and initiate an incident response plan. The information can also be used to learn from forensic investigations of past security incidents and to conduct cyber security compliance audits.

Please join our expert, Gary Deutsch, CPA MBA CIA CBA CMA, as he discusses how to build best practices into your cyber incident response program.


  • What should be included in your cyber incident response plan
  • What types of tests to conduct to learn if your incident response plan is going to work
  • How to determine who should be part of the incident response team – the team should include more members than you may think
  • Systems solutions to consider to help your teams to recognize and respond to cyber threats and incidents and to prevent data or funds losses


    Your conference leader for "Vendor Management: Assessing API Security Risks” is Gary Deutsch, president, BRT Publications LLC. Mr. Deutsch is a licensed CPA in Maryland and has a B.A. in accounting and an MBA in finance from Loyola University Maryland. He has also achieved the Certified Management Accountant, Certified Internal Auditor and Certified Bank Auditor designations. Mr. Deutsch is the founder and president of BRT Publications LLC.

    Mr. Deutsch has trained thousands of financial institution professionals in all aspects of risk management and has written numerous books in the U.S. and Europe on topics such as credit risk, internal audit and compliance with Generally Accepted Accounting Principles. Mr. Deutsch has extensive risk management and internal audit experience through his association with financial institutions of all sizes as well as through his role leading the KPMG financial institution consulting practice in the Mid-Atlantic region. QUALITY COMMITMENT

    BankersWEB, a division of DKG Media, LP, wants you to be satisfied with your webinar. If this webinar does not meet your expectations, email us at


    BankersWEB certificates of participation are available to everyone completing this webinar.