Hacking and Cyber Espionage


Slide 1: Hacking and Cyber Espionage
September 19, 2013
Prophylactic and Post-Breach Concerns for In-House Counsel
- Raymond O. Aghaian, McKenna Long & Aldridge LLP
- Elizabeth (Beth) Ferrell, McKenna Long & Aldridge LLP
- Janine Sarti, Palomar Health
- Peter Garza, Forensic West Legal Solutions, DTI
mckennalong.com

Slide 2: Raymond O. Aghaian, Partner, McKenna Long and Aldridge LLP
Ray Aghaian is a partner in the Los Angeles office of McKenna Long & Aldridge where he serves as co-chair of the firm's cybersecurity practice. His experience in the area of cybersecurity has been recognized by leading news outlets such as The Wall Street Journal and The Washington Post. Mr. Aghaian previously served as a federal prosecutor in the cyber crimes division of the U.S. Department of Justice. Mr. Aghaian advises clients in assessing and securing their computer systems, mitigating the risk of liability, ensuring compliance with cybersecurity standards, responding to a cyber attack and complying with mandatory disclosure and notification requirements after a data breach.

Slide 3: Elizabeth (Beth) Ferrell, Partner, McKenna Long and Aldridge LLP
Elizabeth (Beth) Ferrell is a Partner at McKenna Long & Aldridge LLP in the Washington, DC office. Ms. Ferrell is co-chair of the firm's Cybersecurity Practice, and counsels clients on cybersecurity legislative and regulatory developments, cybersecurity requirements for government contractors, the development of effective cybersecurity compliance programs and incident response plans, DoD's pilot cybersecurity program for defense industrial base entities, and protecting the integrity of contractor supply chains. Ms. Ferrell conducts internal investigations of cyber incidents, and defends contractors when threatened with government monetary claims or possible default termination arising from alleged failure to comply with cyber requirements or after a cyber incident. Ms. Ferrell is Vice-Chair of the ABA Public Contract Law Section's Cybersecurity, Privacy & Data Protection Committee.

Slide 4: Janine Sarti
Janine Sarti serves as the Chief Legal Officer of Palomar Health in San Diego, California. As Chief Legal Officer, Ms. Sarti is called upon for various issues related to transactional, regulatory, employment law, medical staff, contractual needs, and clinical ethics. She has been a general counsel for health systems for her entire legal career and has worked closely with the information technology department on matters relating to data privacy and cybersecurity.

Slide 5: Peter Garza, Managing Director, West Coast Forensics, Legal Solutions, DTI
Peter has worked as a computer forensics expert in civil litigation since 1999. He has performed computer forensics analysis in hundreds of litigation cases and also computer intrusion investigations, working in a consulting, testifying or neutral expert capacity. Before joining DTI, Peter worked with the government as a Special Agent with the Naval Criminal Investigative Service (NCIS) specializing in computer forensics, computer counterintelligence and computer intrusion ("hacker") investigations.

Slide 6: Agenda
- Nature of the Threat
- Prophylactic Measures to Mitigate Cybersecurity Risk
- Custom-Tailored Solutions for Cybersecurity Risk Management
- Post-Breach Measures in Response to a Data Breach
- Wrap Up and Questions

Slide 7: A Multi-Dimensional Threat
- Disruptive vs. Destructive
- Theft of Personal or Financial Data, Marketing Data or Intellectual Property
- APT: Foreign State-sponsored Espionage
- Loosely Affiliated Hackers
- Internal threats / employees

Slide 8: Who is at Risk?
Cybersecurity Threats Affect Nearly Every Industry and Market Sector, Including:

Slide 9: Why Should In-House Counsel Care?
- Not a week passes without hearing of a cyber attack
- Experts say that virtually every major company has suffered an intrusion (even if they are unaware of the breach)
- Changing landscape of cyber laws and regulations (compliance obligations)
- Cyber incident risks:
  - Loss of data (e.g., customer data)
  - Theft of IP (cyber espionage is a direct threat to US economic interests: up to $250B in losses)
  - Disruption/denial of service
  - Reporting obligations under state and federal law
  - Potential liability: FTC, third-party actions, shareholder suits, etc.
  - Adverse impact on public opinion and confidence
  - Exposing internal confidential data to government inspection and scrutiny

Slide 10: Data Breach Cost
- Average cost per incident: $8.9 million vs. $6.75 million in 2010
- Most costly breach: $46 million
- Least costly breach: $1,400,000
- Denial of service, malicious insiders and web-based attacks: these remain the most costly form of data breaches due to additional investigation and consulting fees.
- Information theft represents the highest external cost: 58% of all cybercrime costs. Includes trade secrets, source code, customer information and employee records. Also includes the cost of data breach notification.
Source: Ponemon Institute, U.S. Cost of a Data Breach Study, 2012, at http://www.ponemon.org/data-security

Slide 11: The Threat - Your Users/Employees
- Social engineering
- Email with links
- "Clean up your computer"
- Antivirus
- Email attachments
- Malware
- Botnets

Slide 12: The Threat - Mobile Devices
- Does your corporation allow BYOD?
- Is the use of passwords enforced?
- Is there an MDM in place?
- Malicious Apps
- Vulnerable Apps

Slide 13: The Threat - Social Media
- Hackers troll social media
  - For reconnaissance when targeting an organization
  - Also for information to compromise the user
- Social engineering
- Malicious links
- Malware
- Worms

Slide 14: Pre-Breach Considerations
- IDS, IPS, Firewalls
- Security and system logs
- Aggregating log data (SIEM), e.g. Splunk
- Security policy (PHI, PCI)
- Data retention policy
- Service agreements (e.g. Cloud)
- Encryption
- Penetration Testing

Slide 15: Understanding Your Platform
- What standards are you governed by?
- Select a standard, or a subset of a standard:
  - NIST
  - FIPS
  - ISO
  - CAG

Slide 16: Pre-Breach Considerations
- Have a breach response plan in place
- Who has ownership of each system in your organization?
- Who is notified?
- Arrange for communication off-network
- Be ready to address the media
- Know which laws and regulations will apply

Slide 17: Responding to an Incident
- Have a system administrator or IT security person start a written log of what occurred:
  - Record detection
  - Describe preservation efforts
  - Detail recovery efforts
  - Identify responders
- Decide if you watch the intruder or lock them out
- Begin remediation

Slide 18: Intrusion Incident Forensics
- Vital to record processes running in live memory
- A quick review of aggregated logs (SIEM) may pay off big here
- Obtaining a forensic image of relevant systems is a must
- Forensic analysis is an iterative process:
  - Confirm compromise
  - Was administrator-level access obtained?
  - What unauthorized activity was performed?
  - What data was exfiltrated from the corporate environment?

Slide 19: Notification Obligations
- HIPAA: PHI - Individually identifiable health information
- State Breach Notification Statutes
- PCI DSS: Payment Card Industry Data Security Standard
- SEC
- Other Contractual Obligations
- FTC

Slide 20: For more information contact:
- Raymond O. Aghaian, raghaian@mckennalong.com
- Elizabeth (Beth) Ferrell, eferrell@mckennalong.com
- Janine Sarti, Janine.Sarti@palomarhealth.org
- Peter Garza, PGarza@dtiglobal.com

Copyright 2012 by McKenna Long & Aldridge. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise) without the permission of Integreon. This document provides an outline of a presentation and is incomplete without the accompanying oral commentary and discussion.