Back to Course

Incident Response

0% Complete
0/71 Steps
  1. Incident Response
    Incident Reporting
  2. Incident Response Use Cases
    Lab Setup
  3. Role Playing - Shift Manager
  4. Demonstrating: Investigating and Escalating
  5. Report from Malware Analyst
  6. Exercise 1.1: Exploring Suspicious Executable Detected using SIEM
  7. Exercise 1.2: Investigating Multiple Failed Logins using SIEM
  8. Exercise 3: Mitigating Risk
  9. Exercise 4.1: Asking the Right Questions
  10. Scenario 4.1: Asking the Right Questions
  11. Scenario 4.2: Suspicious or Malicious?
  12. Exercise 4.2: Reviewing the Shift Log
  13. Exercise 4.3: Investigating an Unauthorized Login Attempt
  14. Exercise 4.4: Investigating Firewall Traffic
  15. Exercise 4.5: Reviewing the Security Operations Mailbox
  16. Exercise 5.1: Reviewing New Intelligence
  17. Exercise 5.2: Assessing Threat Severity
  18. Exercise 6: Recommending Remediation
  19. Exercise 7: Conducting a Post-Incident Review
  20. Exercise 8: Communicating with Operations and Senior Management
  21. Business Continuity
    Business Continuity Plan Development
    8 Topics
  22. BCP Invocation Process
    2 Topics
  23. Emergency Procedures
    7 Topics
  24. Crisis Management Team
    10 Topics
  25. BCP Seating Plan
  26. Overview
  27. Disaster Recovery
    Scope of Critical Services
  28. Network Services
  29. Application Hosting Service
  30. File Hosting Services
  31. Call Centre and Voice Recording Services
  32. Regulatory Links
  33. Thin Client Environment
  34. Voice System (Non-Service Desk)
  35. Printing Services
  36. Recovery Time Objective (RTO) & Recovery Point Objective
  37. Single Point of Failure
  38. Redundancy Requirements
  39. Alternate Locations
  40. Contact Protocol
    4 Topics

Participants3

Incident Response BCP Invocation Process Communication
In Progress
Lesson 22, Topic 1
In Progress

Communication

Secure x Design
Lesson Progress
0% Complete

Efficient communication is very important, especially in a crisis situation, therefore, a contact process is established for exchange of information:

  1. Internal Communication
  2. External Communication
  3. Customer Inquiries

2.1 Internal Communication

Since employees are the most important resource during business disruption, a call tree method (attached) is implemented to keep them updated every step of the way.

The MD & CEO triggers the call tree by communication of BCP invocation decision to O&T Head and selective Senior Management members.

O&T Head handles further communication of notifications / announcements / Management instructions through Country BCP Coordinator.

According to available means of communication (e-mail/ mobile phone/ landline), business disruption notice and BCP invocation note will be announced to all staff members according to the sequence detailed in attached call tree (Appendix I).

Each staff member will be responsible for calling contacts listed on relative wallet card.

In absence of mobile coverage / e-mail access, communication will be via landlines or telephone bridges and for selective Senior Management Team members, Satellite phones.

Information communicated to employees should include:

  • The nature and extent of the event
  • The number of services affected and expected disruption duration –       Any contact data changes due to the event
2.2External Communication

The Head of Corporate Communication and the External Communication Manager are the sole contact points with media and have the right to release any official statements on behalf of the bank based on the bank’s strategy at the time of crisis after obtaining the MD & CEO approval on any course of action. Their role is to closely monitor the media scene and keep the MD & CEO updated with any article related to the crisis / about ADIB with the help of the PR agency and act accordingly.

It is strictly prohibited for other employees to release any statements to third party without the approval of the MD & CEO.

In case business is resumed from the alternative location, notification should be sent to customers and correspondents via any of the following means:

  • Branch Manager / alternate advertise in original branch’s premises advising the temporary location, contact numbers, fax numbers of the temporary location and services available.
  • Relationship Managers contact key customers.
  • FI broadcast via SWIFT to all correspondents.
  • Country BCP Coordinator broadcast to all ADIB staff members via e-mail advising the disruption situation and any updates related thereto.
  • General Administration informs courier, delivery services and other key service providers of the temporary location.
2.3Customer Inquiries

A general holding statement about the bank’s status should be distributed circulated by the Corporate Communication Department to all staff members in case of business disturbance to act as a general standard response to customers.

Any changes to the standard script should be prepared by the business owner and approved by Legal prior to circulation.