Boston, October 26, 2021 – The need for financial services firms to have a well-rehearsed incident response program is essential. A rule proposed in December 2020 seeks to reduce breach notification time to bank examiners to 36 hours. This proposed rule and other IR-related regulations make an IR program not only standard practice but also a regulatory requirement for institutions and their third-party service providers.

This report focuses on the IRR services market segment in which financial services firms may acquire external help with cybersecurity incidents through prenegotiated terms and conditions. It is based on an August and September 2021 survey of 24 IRR global vendors of comprehensive IRR services.

This 69-page Impact Report contains nine figures and 11 tables. Clients of Aite-Novarica Group’s Cybersecurity service can download this report, the corresponding charts, and the Executive Impact Deck.

This report mentions: Air Partner, Aon, Apax Partners, AT&T Canada, BakerHostetler, Beazley, Booz Allen Hamilton, CFC Underwriters, CREST International, Crowdstrike, Cynet Security, eSentire, Federal Reserve System, Federal Deposit Insurance Corporation, F5 Networks, Field Effect, Fortinet, Forum of Incident Response and Security Teams Inc., Google, Greenfield Partners, Group-IB, Ingalls, Herjavec Group, Incident Response Consortium, Lloyd’s Register, Nettitude Group, Omnigo Software, PwC, Rapid7, The National Cybersecurity and Communications Integration Center, SANS, Sophos, The United States Computer Emergency Readiness Team, Treasury’s Office of the Comptroller, Warburg Pincus