Tech Time: The step-by-step cyber incident response

Familiarize yourself with these 10 post-breach responsibilities before formulating your credit union’s cyber crisis management plan.

February 28, 2019 by Seth Jaffe, CBCP, JD, CU Management

We never think it will happen to us, that a cyberattack like February’s credit union phishing campaign will be successful. But what if is? By now, you are probably aware that NCUA Part 748 Appendix A requires credit unions have a data breach incident response plan. But before you author or update your organization’s cyber crisis management plan, consider the steps of an incident response.

Step 1: Attorney-Client Privilege

Data breaches may result in litigation against the credit union. Communication with an attorney for the purpose of obtaining legal advice regarding the incident is privileged, meaning it is generally not discoverable during litigation. Attorney-client privilege, afforded by the courts so that clients may speak freely with their counsel, is important when dealing with potential data breaches. Be sure to train your team on how it works and when it applies, and review and implement it in each incident response.

Tech Time: The step-by-step cyber incident response

Familiarize yourself with these 10 post-breach responsibilities before formulating your credit union’s cyber crisis management plan.

Featured

3 terrible reasons for not teaching financial education in school

Five ways financial education drives brand awareness

Credit unions + financial education = brighter futures

Live event coverage: 2024 NACUSO Network

Stay connected to the credit union community with our free newsletter!

You have Successfully Subscribed!