It is pointless to mention this stat, that the firms all over planet are on the risk/target of cybercrimes, it’s important for a banking-institute like SSU Inc. to deal with the cyber-attacks/risks to remain open as a service to clients while negligence from this area could make a huge loss for SSU Inc., the cyberattacks are increasing rapidly and it became a need for the SSU Inc. to implement a plan for the cyber-incident so that it can thwarts the digital-offenses.
Cybersecurity-incident recovery-plan steps:
According to SSU Inc. type of business and requirement the following point present the procedure to deal with the incidences that could face the company and how to deal with it:
- Team-germination: It is advisable to SSU Inc. to first filter out the most skilled and experienced employees of your establishment and assign them responsibilities to properly assess/identify the type and affects and the reasons of the breach. Ensure that your team will contain most skilled-IT-related personal and if necessary hire an outside investigation team for best results (BIS, 2019).
- Risk-mitigating: After the SSU-assigned team has identified the type of offense it is time to take feasible steps to resolve the security-issues. In order for to enduringly fix the security-loopholes it is best the a proper vulnerability-investigation is conducted throughout the SSU branches and company-assets/resources to find further issues so that they can be fixed beforehand.
- Data safety/privacy: As SSU Inc. is a financial-institute and the information/data that it can possess can be highly confidential, so it is vitally imperative that SSU protect its data/information by using high-class security-measures like using Encryption-tactics like End-to-end conciliation method that will ensure the data-privacy/security. Moreover It is very crucial for SSU that they held responsible a team that will create latest data-backups that can be used if original data/information gets hi-jacked/damaged (Creasey, 2013).
- SSU-infrastructural-security: It is vital that along with digital-security infrastructure of SSU Inc. is also being safeguarded by its assigned personals. For this purpose proper Intrusion-detection-solutions can be installed along with creating strict access-limitation policies so that no unknown-user can gain control/access to high-profile data/information.
- Network-Security: Networks can be targeted by adversaries and SSU Inc. must have a huge network that may also be linked to all of its organizational-computers present in all the braches of the SSU at many different place not only in one branch. Third-party firewall that regularly scans the network for issues/attacks must be used by SSU to protect is LAN/WAN (Marinescu, 2018).
- Cyber-insurance: It can come in handy for SSU Inc, even that SSU have a lot of employees it does not mean they are all tech-savvy experts. It is best that SSU consider outside professional assistance by cyber-insurance firms that can be control any cyber-incident with tools that SSU may not even have.
- BIS. (2019). 7 Steps to Improve Security-Incident-Handling. Retrieved June 21, 2020, from www.bankinfosecurity.com website: https://www.bankinfosecurity.com/7-steps-to-improve-security-incident-handling-a-4465
- Creasey, J. (2013). Cyber-Security-Incident-Response-Guide. Retrieved from https://www.crest-approved.org/wp-content/uploads/2014/11/CSIR-Procurement-Guide.pdf
- Dan C. Marinescu. (2018). Cloud Computing: Theory and practices (Second Edition, Vol. 2, pp. 1–487). 50 Hampshire Street, 5th Floor, Cambridge, MA 02139, United States: Morgan Kaufmann Publishers.