Addressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting

Contents
Enaxis Introduction
Presenter Bio: Brian Coates
Incident Response / Incident Management: in Oil and Gas; within the Business; within Information Technology
Current Levels of Integration
An Integrated Approach to Incident Response
Case Study: Multiple Threat Incidents
Questions
The Houston Flood of 2016

Enaxis Introduction: The Right Partner for Energy Clients
Positioned between business & technology in complex O&G industry
Founded and led by consultants from large consulting firms in 2002
Houston and Dallas locations with consistent growth
Strong value proposition and flexibility in engagement
Committed to Quality of Service
Specialized player in IT in the Energy Business
Proven methodologies, thought leadership, templates and knowledge base
Our People
Average consultant experience is 15 years
Advanced degrees from top tier universities
Approximately 50% come from large consulting firms and the rest from the Energy industry
Work-life balance is very important
Heavy emphasis on training and certifications

Enaxis Introduction: Practice Areas within Service Offerings
Addressing clients' issues with flexibility & market knowledge
Service offerings: Management Consulting; IT Strategic Services; Project Leadership; Data Management
Practice areas: Process Optimization; Merger Integration; Organizational Development; Value Assurance; Business Continuity & Compliance; Design Thinking; IT Strategy & Planning; Outsourcing Advisory & Vendor Management; IT Governance & Operations; IT Portfolio Management; IT Infrastructure Strategy; Application & ERP Strategy; Cybersecurity; Project & Program Management; Business Analysis & Requirements; Change Management & Training; Technical SME; MCP Project Management; Data Management Strategy; Data Governance; Master Data Management; Data Quality Management
Upstream; Midstream; Downstream; Utilities

Presenter Bio: Brian Coates
Brian Coates is a Senior Manager with over 18 years of experience in enterprise risk management, business continuity and disaster recovery, IT audit, Program/Project Management, service delivery, compliance, governance, information management, change management, process improvement and work management. Brian's diverse skillset and ability to execute have allowed him to lead and deliver successful projects in the energy, financial services, logistics, and retail industries. Brian has a demonstrated ability to lead teams to innovative solutions to complex business and IT challenges. Prior, Brian held positions with two of the Big 4 consulting firms and an oilfield engineering firm. Brian earned his BS in Emergency Administration and Planning from The University of North Texas.

Incident Response / Incident Management in Oil and Gas
Incident management and response is a very mature and prescriptive process within the oil and gas industry. Focus is on responding to events affecting assets, human capital and the environment.
[Diagram labels: Crisis Management Emergency Management (EOC) HR Ops/Prod HSE Legal Finance Procurement Technical Commercial Emergency Response Evacuation Life Safety Conservation Communications & Data Sharing Incident Command System (ICS) Federal State Local]

Incident Response / Incident Management in the Business
Incident management and response from a business perspective is significantly different from an emergency event or an IT-related event. The focus is on repairing any damage to the overall business image or minimizing any legal risks.
57% of business disasters are IT related. The loss of IT capacity and telecommunication is viewed as the worst disruption scenario for a business. (Source: www.crn.com)
What does the business consider to be an Incident?
What does the business typically do to respond to this Incident?
Identify, log, categorize, prioritize, diagnose, escalate, investigate, resolve, recover, and close
Invoke Recovery Plans

Incident Response / Incident Management in Information Technology
The goal of incident management within Information Technology is to restore normal service operation and access to information and data as quickly as possible following any form of unplanned outage or loss of data.
86% of businesses experienced downtime in the last 12 months and the average downtime lasted for 2.2 days. (Source: www.crn.com)
What does IT consider to be an Incident?
What does the business typically do to respond to this Incident?
Identify, log, categorize, prioritize, diagnose, escalate, investigate, resolve, recover, and close
Invoke Recovery Plans
Technical capabilities to recover and restore information systems and data

Incident Management: Current Levels of Integration
Oil and gas companies continue to operate in silos where each business unit is responsible for implementing processes and tools.
[Diagram labels: Crisis Management Incident Response Team Security Team Emergency Operations Center Notification and Resource Tracking Systems Incident Management Service Delivery Incident Management Escalation Health, Safety and Environmental Incident Response Corporate Security Business Continuity Disaster Recovery Cyber Security Incident Management Service Delivery Incident Management HSE Systems Security Systems Planning & Response Systems SIEM Tool Event]

An Integrated Approach to Incident Response
Oil and gas companies continue to operate in silos where each business unit is responsible for implementing processes and tools.
[Diagram labels: Emergency Operations Center / Crisis Management Incident Monitoring & Response Health, Safety and Environmental Incident Response Business Continuity Corporate Security Disaster Recovery Cyber Security Incident Response Service Management Incident Response Anomaly Based Detection Threat Correlation Business Responses IT Responses Common Processes and Tools All Hazards, Integrated Approach to Incident Management Process and Systems Integration]

Case Study: Multiple Threat Incidents
Event #1: People with unauthorized access to the building are identified and escorted off the premises (Corporate Security)
Event #2: IT systems failure that impacted the virtualized servers where all security monitoring tools are hosted, disabling monitoring and logging of systems (Information Technology)
Event #3: Fraudulent e-mail using legitimate executive names and email addresses is received requesting the Controller to wire money to an international account (Cybersecurity Incident Response Team)

Questions & Discussion

The Houston Flood of 2016
5-17 inches of rain that fell in the Houston area in less than 24 hours