Financial institutions are required to include incident response as part of their information security program. The FDIC has outlined how financial institutions can go beyond the minimum requirements and incorporate industry best practices into their IRP. The ability to detect that an incident is occurring or has occurred is an important component of the incident response process. Identifying potential security incidents can make the possible threats seem more tangible, and thus better enable organizations to design specific incident-handling procedures for each identified threat. The overall effectiveness and efficiency of an organization’s response is related to how well it has organized and prepared for potential incidents.”]
Source: https://www.cuinfosecurity.com/developing-incident-response-program-moving-beyond-basics-a-235