4 Phases of Cyber Crisis Management

There are four phases in Cyber Crisis Management, namely Detection, Response, Containment & Recovery. Here is a glimpse of the four phases.



>>Get the Complete Report on Crisis Management Plan (Banking Industry)

Detection Phase:

Input to this phase comes both from external sources, such as – customer complaint, regulator complaint, and any other third party; and also from internal sources like helpdesk team and the team engaged for “Security Incident Management Procedure”.

Response / Containment / Recovery Phase:

Various activities which will be carried out by the respective stakeholders under this phase include:

a. Cyber Crisis Management Team (CCMT)

i. Chief Information Officer (CIO) •Coordinates the IT implementation efforts with the technology team within the bank and with the third parties who are maintaining or managing the IT infrastructure

ii. Chief Information Security Officer (CISO) •Coordinates the security controls evaluation and implementation efforts with the Information Security Team within the bank and with the third parties who are maintaining or managing the IT infrastructure •To coordinate with Business Heads and advise them on the situation

iii. Chief Risk Officer (CRO) •CRO will be directly involved fir the Risk Assessment phases and give guidance to the CCMT during the crisis management 10

iv. Chief Financial Officer (CFO) •Provide the justified approval / guidance on the investments/ expenses during the crisis situation •Monitor cost-to-benefit ratio for the efforts and IT/ controls implementation

v. Chief Technology Officer (CTO) / Head (IT Infrastructure) •Engage with his team for isolating systems affected / restoring backups if necessary and all other infrastructure and application related operational issues

vi. Head (Legal) / Legal Counsel •Provide consultation on the legal standing of the bank during the Cyber security crisis situation •Provide consultation on the legal standing of the decisions taken by the Board members and/or CCMT •Provide legal support during the litigation or law suit

vii. Head (Corporate Communication) / Public Relations Officer (PRO) •Consult with the Board members and CCMT members on understanding the crisis and preparing an appropriate public response for the situation – if required •Work with the external parties and media on providing the bank’s stand on the Cyber crisis situation •Continuously provide internal communication and update to employees on the current situation and appropriate steps to be taken by them

viii. Respective Business Heads • Continuously work with their respective teams to address the concerns and issues of the customers

>>Get the Complete Report on Crisis Management Plan (Banking Industry)

E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)



CISO Breakfast at BlackHat Las Vegas 2024!

  • Description:

    We are thrilled to invite you to the CISO Breakfast at BlackHat 2024. 

    CISOPlatform is a community partner for the event which is co-hosted by Silicon Valley Bank, Stage One, First Rays Venture Partners, Latham & Watkins.


    Event Details: 

    • Date: Thursday, August 8th,…
  • Created by: pritha
  • Tags: blackhat usa, las vegas, ciso breakfast, usa