Roles and Responsibilities in the Bank of America IRP
Added on 2022-12-18
6 Pages882 Words63 Views
Running head: INFORMATION AND SYSTEMS SECURITY
1
Information and systems security
Name
Student
1
Information and systems security
Name
Student
INFORMATION AND SYSTEMS SECURITY 2
Roles and Responsibilities in the Bank of America IRP
For success in the technology-based transactional operations and sustainable maintenance
of the clients’ sensitive banking details, the Bank of America has a perfectly outlined incident
response plan. The primary goal of this plan is to prepare and mitigate security incident that can
affect the banking system through distributed denial of service (DDoS) breaches,
malware/ransomware attacks, or even risks associated with the sensitive personally identifiable
information (PII) (Taylor, 2013). In the pursuit of this security, the bank response team is
subdivided into three categories of functional personnel namely:
1. Computer Security Incident Response Team (CSIRT).
2. Legal and Advocacy Professionals (LAP).
3. Communication and Relations Experts (CRE).
The CSIRT team is responsible for the technical functionalities of the IRP in that they
define the prospective technical response to mitigate the occurrence. Moreover, this team is
responsible for uncovering the suspicion of system breaches, contain the implication and
eventually eradicate the security hazards ("Incident Response Guidelines," 2015). This team
works around the clock to oversee the security status of the bank by use of intrusion alerts and
detectors, firewalls and robust security systems such as those provided by the Managed Security
Service Provider (MSSP).
The LAP team is responsible for any lawsuits arrangements and responses as a result of
the security breaches while the CRE works under the overall manager in coordinating the whole
bank personnel concerning the incident. The CRE also passes the fundamental training,
communication, and pieces of advice that the customers might need for the security f their
accounts. Moreover, the CRE is the department to which customers and employees first report a
Roles and Responsibilities in the Bank of America IRP
For success in the technology-based transactional operations and sustainable maintenance
of the clients’ sensitive banking details, the Bank of America has a perfectly outlined incident
response plan. The primary goal of this plan is to prepare and mitigate security incident that can
affect the banking system through distributed denial of service (DDoS) breaches,
malware/ransomware attacks, or even risks associated with the sensitive personally identifiable
information (PII) (Taylor, 2013). In the pursuit of this security, the bank response team is
subdivided into three categories of functional personnel namely:
1. Computer Security Incident Response Team (CSIRT).
2. Legal and Advocacy Professionals (LAP).
3. Communication and Relations Experts (CRE).
The CSIRT team is responsible for the technical functionalities of the IRP in that they
define the prospective technical response to mitigate the occurrence. Moreover, this team is
responsible for uncovering the suspicion of system breaches, contain the implication and
eventually eradicate the security hazards ("Incident Response Guidelines," 2015). This team
works around the clock to oversee the security status of the bank by use of intrusion alerts and
detectors, firewalls and robust security systems such as those provided by the Managed Security
Service Provider (MSSP).
The LAP team is responsible for any lawsuits arrangements and responses as a result of
the security breaches while the CRE works under the overall manager in coordinating the whole
bank personnel concerning the incident. The CRE also passes the fundamental training,
communication, and pieces of advice that the customers might need for the security f their
accounts. Moreover, the CRE is the department to which customers and employees first report a
INFORMATION AND SYSTEMS SECURITY 3
security breach suspicion. Generally, the CSIRT is the backbone of the IRP team because it
formulates and implements the technical practices expected to reinstall the bank’s security status.
Roles and Responsibilities of the CSIRT Team in Bank of America
Due to the gravity of the banking system security, this team is categorized as a separate
section of the whole IT section of the bank. The members of this section include the manager,
the IRP Technical Lead (TL), and the general team members (GTM). The GTM include the help
desk staffs who handle any alert from the CRE, the incident handlers, the system platform
specialists, the vulnerability handlers, the technology, and artificial analysts who examine the
root course of the breach and track down the attacker.
Role Responsibility Nature/Sovereignty of
Incidence
Reason
Mana
ger
Tests and upgrades
the IRP as a preparation
to incident response
When the security system is
developed and when there is
suspicion of security breaches.
The manager is the
overall leader who
oversees the security
system. He will
certify the stats of
banking security and
confirm any breach
when suspected.
Secures fundamental
technology resources
and personnel and
evaluate the IRP
When designing the
response, and when a severe
incident occurs that is beyond
what the team and its facilities
He coordinates the
operations to ensure
the success of the
security system even
security breach suspicion. Generally, the CSIRT is the backbone of the IRP team because it
formulates and implements the technical practices expected to reinstall the bank’s security status.
Roles and Responsibilities of the CSIRT Team in Bank of America
Due to the gravity of the banking system security, this team is categorized as a separate
section of the whole IT section of the bank. The members of this section include the manager,
the IRP Technical Lead (TL), and the general team members (GTM). The GTM include the help
desk staffs who handle any alert from the CRE, the incident handlers, the system platform
specialists, the vulnerability handlers, the technology, and artificial analysts who examine the
root course of the breach and track down the attacker.
Role Responsibility Nature/Sovereignty of
Incidence
Reason
Mana
ger
Tests and upgrades
the IRP as a preparation
to incident response
When the security system is
developed and when there is
suspicion of security breaches.
The manager is the
overall leader who
oversees the security
system. He will
certify the stats of
banking security and
confirm any breach
when suspected.
Secures fundamental
technology resources
and personnel and
evaluate the IRP
When designing the
response, and when a severe
incident occurs that is beyond
what the team and its facilities
He coordinates the
operations to ensure
the success of the
security system even
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Reported Network Issues for City Banklg...
|21
|4141
|16