Transforming Incident Response for a Prominent Regional Bank
A large regional bank in the United States provides financial services to customers through 58 full-service branches across eight states. Their top priority is to provide comprehensive financial solutions to their customers and deliver these through a best-in-class service. Recognizing that an incident could upend their solutions and disrupt their service, the bank drafted an initial approach for managing incidents. However, they realized their plan could not withstand multiple points of failure. They experienced a minor event where they needed the help of an external IT service to manage part of their firewall. Because they used their existing collaboration tools for their response process, the bank:
- Could not bring in third parties in an accessible and effective way.
- Had no way to communicate and notify these third parties as part of the response.
In another event, the bank experienced an internal security breach where they were locked out of their systems. Again, because they used their existing collaboration suite they had no way to collaborate for a response.
CafeX supported the bank through multiple points of failure by continuing to provide them with a way to structure and coordinate their response even as the course of the incident changed. In the security breach case, once a monitoring application detected that the internal collaboration suite was compromised, an automated trigger in CafeX created a workspace for the team to respond.
With CafeX, they could still collaborate despite losing access to their internal applications. Once the workspace was triggered, the response team triaged the event, orchestrating and completing tasks, utilizing voice, video and chat to break off into task-oriented discussions, and aligning all information throughout the response. CafeX was transformative for the bank’s response team. It provided them with a way to structure their response, getting the most out of their information, people and content. CafeX provided the bank with the ability to:
- Connect multiple stakeholders, information and tasks according to developments of the incident.
- Link information across the response for comprehensive knowledge sharing.
- Provide communications, such as voice, video and chat for task groups to align on work.