Business Unusual or BAU: Why Incident Response Planning is Critical for Financial Services
In this episode, CSS’s Director of Cyber IT Services E.J. Yerzak and Legal Director at ZwillGen Jason Wool talk about incident response planning. They discuss why it is important not just to have a policy or program in place during a pandemic, and how to build trust with clients by protecting their data, mitigating any enterprise risk and using tabletop testing practices to put plans into action.
About Our Guest Speakers
E.J. Yerzak CISA®, CISM®, CRISC™ assists firms in assessing and managing their cybersecurity risk – from network vulnerability scanning and penetration testing to onsite cybersecurity assessments and assistance in implementing the NIST cybersecurity framework. E.J. has authored articles and alerts on emerging regulatory and technology issues, and is regularly requested to speak as a cybersecurity expert at industry conferences.
Jason Wool is the Legal Director at ZwillGen. His practice focuses on information security, risk management, product counseling, technology, and data security and privacy compliance. He regularly advises companies ranging from startups to Fortune 100 companies during privileged security incident investigations; provides ongoing advice on the development of cybersecurity programs and cybersecurity governance structures; advises on vulnerability management and disclosure; conducts tabletop exercises of incident response plans; advises on cyber risk in connection with transactional due diligence and new product designs; designs vendor risk management programs; devises complex cybersecurity schedules in connection with outsourcing agreements; advises on de-identification; and conducts training on cybersecurity for audiences ranging from IT operations personnel to senior management. He is well-versed in numerous data security and privacy laws and regulations, including GLBA, HIPAA, the GDPR, NERC CIP, and the New York Department of Financial Services’ cybersecurity regulations, and is also highly familiar with a multitude of NIST and ISO standards, among others.