The advancement of information technology has opened the doors to new crime possibilities previously imaginable. The damage done is often not discovered or punished. The increase in computer attacks poses a new challenge in which some believe that it is only a matter of time until suffering the consequences of a security incident that could be related to the theft of sensitive information. In the event that these systems suffer an attack, it will cause a great impact on the economy and on the security of administrative and financial processes, therefore, in addition to the community of experts and researchers, there are teams dedicated to responding quickly to new risks. In this evolving environment, computer attacks and other threats, security incident response teams (CSIRT for the acronym of Computer Security Incident Response Team) gain relevance. CSIRT is a Security Incident Response Center, also known as CERT, whose functions are to attend and respond to computer security incidents. We must avoid all risks, if they materialize, their consequences can be mitigated and the essential activities restored in the shortest possible time, with the minimum acceptable impact for banks.