New cybersecurity threats to the financial industry, which include automated threats such as malware, are now produced and actively deployed at an exponential rate. Newly introduced technologies that increase organizational efficiency, employee productivity, and profitability also introduce new “zero-day” vulnerabilities (security flaws discovered by cyber-criminals before the release of a security patch), resulting in cyber-attacks targeting vulnerabilities that security updates cannot fix. For this reason, best practice cyber security defense planning and implementation are essential to ensure your organization is not an easy target. They also enable the organization to detect cyber-attacks and trigger a pre-planned security incident response to thwart attacks and prevent compromise of organization and customer confidential information.

Cybersecurity Planning

Cybersecurity planning starts with leadership support. Once leadership announces support for an organizational cyber security planning initiative, they appoint a cyber security planning leader and grant the authority necessary to meet the organization’s cyber security objectives (which should include securing critical and sensitive information systems and assets, developing a cybersecurity incident response plan, and regulatory compliance).

Determine Current Cybersecurity Status

Identifying current and critical system and information assets is an essential step to understanding and prioritizing what the organization must protect. Assessing the value of each asset to the organization, potential for loss due to identified threats, and impact of asset compromise to the organization enables the organization to prioritize assets and determine appropriate cost and justification for protecting each asset.

Define Future Cybersecurity Status

Establish organization-specific objectives for the developing cyber security plan by identifying what the organization must accomplish with the plan. Areas to address include regulatory compliance, cyber security system administration and maintenance objectives (such as centralized management and system status visibility for management), employee training, change management, and security incident response and business continuity planning objectives.

Develop Cybersecurity Plan Objectives

Formulation of the cyber security plan framework occurs through the development of policies and procedures that dictate how the organization will configure and maintain a secure environment. Responsibility and accountability assignment ensure policy implementation, status monitoring, and maintenance. Written procedures define vulnerability countermeasure assignments and deployment specifics. Cybersecurity and incident response teams (which could be in-house or outsourced) are also established during this step.

Final Approval and Strategic Implementation

Since a best practice cyber security plan addresses security for the entire organization, plan presentation to the management team must occur before deployment. The final schedule for implementation is also presented, resources are assigned according to the schedule, and authority is granted to the cyber security team to move forward with the cyber security initiative.


The cyber security, incident response, and change control board teams are responsible for maintaining cyber security within the organization and providing the leadership team with continuous visibility into the organization’s cyber security status. The cyber security team ensures that technical implementation meets the new cyber security policy standards through regularly scheduled audits and monitoring and maintenance of all cyber security systems (such as firewalls and intrusion detection systems) and documentation. The incident response team meets regularly to rehearse incident response procedures and crisis management communications so that response to a detected cyber-attack will be quick and communications effective. The change control board will work with both the cyber security team and incident response team, along with IT staff, to ensure that all maintenance activities are well planned, avoiding business system disruptions.

Organizations within the financial sector are a primary target for cyber-attacks. Incident prevention starts with a best practice cyber security plan designed to protect all company assets according to their priority and importance within the organization. Since some attacks, such as Denial of Service, cannot always be prevented, establishing detection systems and an incident response team ensures a quick reaction that protects company assets and system up-time and avoids or minimizes loss of productivity during business hours. Contact us to learn more about cyber security planning, incident response, and crisis management communications.