Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time

Similar documents
Jeff Marron, IT Specialist Security National Institute of Standards and Technology (NIST)

Brian S. Dennis Director Cyber Security Center for Small Business Kansas Small Business Development Center

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

DHS Cybersecurity: Services for State and Local Officials. February 2017

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

Federal Information Sharing Resources for Small and Midsize Businesses

INCIDENT RESPONDER'S FIELD GUIDE INCIDENT RESPONDER'S INCIDENT RESPONSE PLAN FIELD GUIDE LESSONS FROM A FORTUNE 100 INCIDENT RESPONSE LEADER

NW NATURAL CYBER SECURITY 2016.JUNE.16

National Policy and Guiding Principles

What It Takes to be a CISO in 2017

Cyber Resilience. Think18. Felicity March IBM Corporation

CYBER SOLUTIONS & THREAT INTELLIGENCE

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager

Election Infrastructure Security: The How and Why of It

American Association of Port Authorities Port Security Seminar & Expo Cyber Security Preparedness and Resiliency in the Marine Environment

Cyber Security & Homeland Security:

Standing Together for Financial Industry Resilience Quantum Dawn 3 After-Action Report. November 19, 2015

Insider Threat Program: Protecting the Crown Jewels. Monday, March 2, 2:15 pm - 3:15 pm

Department of Homeland Security Updates

Emerging Issues: Cybersecurity. Directors College 2015

Cybersecurity What Companies are Doing & How to Evaluate. Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security

COUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE. Presented by Paul R. Hales, J.D. May 8, 2017

Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along

NYDFS Cybersecurity Regulations: What do they mean? What is their impact?

What to do if your business is the victim of a data or security breach?

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

300 Riverview Plaza Odysseus Marcopolus, Chief Operating Officer Trenton, NJ POLICY NO: SUPERSEDES: N/A VERSION: 1.0

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

CYBERSECURITY. Protecting Against the Financial, Regulatory and Reputational Impacts of Cyber Attack

2017 Cyber Incident & Breach Readiness Webinar Will Start Shortly

How Cybersecurity Initiatives May Impact Operators. Ross A. Buntrock, Partner

Bradford J. Willke. 19 September 2007

Plenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m.

National Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015

Managing Cybersecurity Risk

Framework for Improving Critical Infrastructure Cybersecurity

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines

Cybersecurity Overview

Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City

Monthly Cyber Threat Briefing

The Impact of Cybersecurity, Data Privacy and Social Media

Cybersecurity, Trade, and Economic Development

Gujarat Forensic Sciences University

NY State s Cybersecurity Legislation Requirements for Risk Management, Security of Applications, and the Appointed CISO

Doug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017

New Zealand National Cyber Security Centre Incident Summary

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE

Mission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS

The Office of Infrastructure Protection

Commonwealth Cyber Declaration

Cyber Security: Threat and Prevention

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

The CERT Top 10 List for Winning the Battle Against Insider Threats

The Office of Infrastructure Protection

Cybersecurity for the Electric Grid

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

The NIST Cybersecurity Framework

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

UPDATE: HEALTHCARE CYBERSECURITY & INCIDENT RESPONSE Lindsay M. Johnson, Esq. Partner, Freund, Freeze & Arnold, LPA

PERSON SPECIFICATION. Cyber PROTECT Officer. Job Title: Status: Established

Defending Our Digital Density.

Protecting Your Business: Best Practices for Implementing a Legally Compliant Cybersecurity Program Trivalent Solutions Expo June 19, 2014

Business Continuity Planning

Cybersecurity for Health Care Providers

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

DFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com

Structuring Security for Success

CCISO Blueprint v1. EC-Council

Office of Infrastructure Protection Overview

Federal Civilian Executive branch State, Local, Tribal, Territorial government (SLTT) Private Sector (PS) Unclassified / Business Networks

Cybersecurity Conference Presentation North Bay Business Journal. September 27, 2016

79th OREGON LEGISLATIVE ASSEMBLY Regular Session. Senate Bill 90

DHS Cybersecurity Services and Resources

Cyber Incident Response. Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response

Managing IT & Election Systems. U.S. Election Assistance Commission 1

Statement for the Record

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report

Jeff Wilbur VP Marketing Iconix

STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE

About Issues in Building the National Strategy for Cybersecurity in Vietnam

You ve Been Hacked Now What? Incident Response Tabletop Exercise

THE WHITE HOUSE. Office of the Press Secretary EXECUTIVE ORDER

Heavy Vehicle Cyber Security Bulletin

Cyber Crime Update. Mark Brett Programme Director February 2016

Toward All-Hazards Security and Resilience for the Power Grid

PIPELINE SECURITY An Overview of TSA Programs

Security Breaches: How to Prepare and Respond

ISAO SO Product Outline

THE WHITE HOUSE Office of the Press Secretary EXECUTIVE ORDER

Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Critical Infrastructure Partnership

The Office of Infrastructure Protection

Transcription:

TM Plan. Protect. Respond. Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time Registration is open for the April webinar: Learn How to Choose and Protect Your SMB Website Hosting Service visit www.staysafeonline.org To view previous webinars, visit our Resources Library at https://staysafeonline.org/resources/

TM Plan. Protect. Respond. Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time Registration is open for the April webinar Learn How to Choose and Protect Your SMB Website Hosting Service visit www.staysafeonline.org To view previous webinars, visit our Resources Library at https://staysafeonline.org/resources/

TM Plan. Protect. Respond. Moderated by Daniel Eliot, Director Small Business Programs NCSA Jeff Marron, IT Specialist Security National Institute of Standards and Technology (NIST) Jon Clay, Director Global Threat Communications Trend Micro Matthew Stevens, Strategic Initiatives Manager Office of Entrepreneurial Development U. S. Small Business Administration Scott Taber, Cyber Security Awareness Program Specialist Michigan Small Business Development Center

TM Plan. Protect. Respond. Jeff Marron, IT Specialist Security National Institute of Standards and Technology

NIST 5-Step Approach The NIST Cybersecurity Framework Covers 5 Major Functions This internationally recognized framework gives businesses a way to think about cybersecurity and was created by public and private sector working together. 1. IDENTIFY assets you need to protect 2. PROTECT assets and limit impact 3. DETECT security problems 4. RESPOND to an incident 5. RECOVER from an incident

TM Plan. Protect. Respond. Jon Clay, Director Global Threat Communications Trend Micro

NIST Framework: Recover March 2018

Recover Systems from an Infection Ransomware https://www.nomoreransom.org/en/index.html 8 Copyright 2018 Trend Micro Inc.

Don t Assume Actors are Gone! Double Whammy: When One Attack Masks Another Attack 9 Copyright 2018 Trend Micro Inc.

Don t Assume Malware is Gone! Virus Data Stealing Malware Ransomware Spyware 10 Copyright 2018 Trend Micro Inc. Botnet O-day

TM Plan. Protect. Respond. Matthew Stevens, Strategic Initiatives Manager Office of Entrepreneurial Development U.S. Small Business Administration

NCSA CyberSecure My Business Webinar: Know What Recovery Looks Like Tools/Resources from the U.S. Small Business Administration Tuesday, March 13, 2018

Webinar Objectives SBA 101 What we do Learn about the breadth of SBA-supported cybersecurity resources Highlight specific resources/tools to recover from a cyber attack U.S. Small Business Administration 13

SBA Mission & Goals The U.S. Small Business Administration was created in 1953 as an independent agency of the federal government. Our mission is to maintain and strengthen the nation s economy by enabling the establishment and vitality of small businesses and by assisting in the economic recovery of communities after disasters. Goal 1 Support small business revenue and job growth Goal 2 Build healthy entrepreneurial ecosystems Goal 3 Restore small businesses and communities after disaster Goal 4 Strengthen SBA s ability to serve small businesses U.S. Small Business Administration 14

SBA 101: 3 C s and a D Capital Contracting Counseling Disaster Assistance U.S. Small Business Administration 15

Supporting the Entrepreneurial Ecosystem Office of Entrepreneurial Development Partnerships Individual Guidance Virtual Tools Intensive Support Strategic Resources TIPS U.S. Small Business Administration 16

SBA Technology and Innovation Partners ( TIPs ) SBA TIPS is a public-private partnership between the US Small Business Administration and best in class technology companies to provide free technology education and training to US small businesses TIPS is for: Small businesses Entrepreneurs Start-ups SDVOBs WOSBs TIPS is about: Leveraging technology Digital marketing Online banking Cyber security Making small business efficient and effective U.S. Small Business Administration 17

SBA Cybersecurity Resources - online www.sba.gov/cybersecurity U.S. Small Business Administration 18

SBA Cybersecurity Resources Recovering from Social Media Cyber-Vandalism Recovery 1. Contact social media companies to regain control 2. Audit your social media inventory 3. Communicate cybervandalism as appropriate 4. Initiate restoration activities after gaining control Response 1. Confirm incident and recovery 2. Confirm and verify changes to access 3. Conduct a review of lessons learned 4. Apply data and analysis of outcomes to improving your program U.S. Small Business Administration 19

Quick Steps to Respond to Cyber Attack 1. Inform local law enforcement or the state attorney general 2. Report stolen finances or identities and other cybercrimes to the Internet Crime Complaint Center 3. Report fraud to the Federal Trade Commission 4. Report computer or network vulnerabilities to US-CERT via the hotline: 1.888.282.0870 or www.us-cert.gov U.S. Small Business Administration 20

SBA Cybersecurity Resources Local Resources https://www.sba.gov/tools/local-assistance/ U.S. Small Business Administration 21

SBA Curated Cybersecurity Resources Top Cybersecurity Tools The C3 Voluntary Program Toolkit Department of Homeland Security (DHS) and its partners have established a Critical Infrastructure Cyber Community (C3) Voluntary Program to help educate business owners about cybersecurity Small Biz Cyber Planner Developed by Federal Communications Commission (FCC),an easy-to-use, free online tool that will help you create a customized planning guide to protect your business from cybersecurity threats SBA Online Course: Cybersecurity for Small Business An SBA developed course that will help you learn more about the ways you can protect your information and networks in case of a cyberattack. Cyber Resilience Review Assessment Tool Developed by DHS, this no-cost, voluntary CRR assessment tool helps businesses assess their information technology resilience. FTC s Start with Security: A Guide for Business Guide developed by the Federal Trade Commission offers10 practical lessons businesses can learn from the FTC's 50+ data security settlements. Cybersecurity Advisors (CSAs) CSAs are regionally-located DHS personnel who offer immediate and sustained cybersecurity assistance to prepare and protect organizations, including small and mid-sized businesses. email for more info (hyperlink above) Local Resources This collection of resources from various levels of government can help small and midsize businesses recognize and address their cybersecurity risks. U.S. Small Business Administration 22

TM Plan. Protect. Respond. Scott Taber Cyber Security Awareness Program Specialist Michigan Small Business Development Center

The Michigan SBDC Funded through a cooperative agreement with the U.S. Small Business Administration (SBA) Michigan Economic Development Corporation (MEDC) Matching funds from Local Network partners in each region. Scott Taber Cyber Security Awareness Program Specialist tabers@gvsu.edu

What I will Cover 1. Breached now what? 2. Process to Follow 3. People to Involve 4. Technology Can Help 5. Take Away

Breached now what? 1. Review Your Legal and Ethical Obligations In advance 2. Don t Panic and Don t Rush Your Response 3. Perform an Analysis and Act on Your Results 4. Keep Your Customers and Employees in the Loop

Process to Follow and People to Involve Process to Follow Identify Contain Investigate Remediate Communicate Lessons Learned People to Involve Cyber Security Expert & IT Vendors Attorney Employees Customers Partners Vendors Law Enforcement

Technology Can Help Consider company wide improvements Encryption (full disk, file/folder, email, VPN) Multi-factor Authentication (MFA, 2-factor) Mobile Device Management (MDM) Data Loss Prevention (DLP) Security Information and Event Management (SIEM) Intrusion Prevention/Detection System (IPS/IDS)

Take Away Business Continuity Plan Incident Response Plan Disaster Recovery Identify Key Assets Choose Protection Considering Budget Industry Requirements Capacity Legal Regulations

Cyber Security Awareness for Small Business www.smallbusinessbigthreat.com

TM Plan. Protect. Respond. Moderated by Daniel Eliot, Director Small Business Programs NCSA Jeff Marron, IT Specialist Security National Institute of Standards and Technology (NIST) Jon Clay, Director Global Threat Communications Trend Micro Matthew Stevens, Strategic Initiatives Manager Office of Entrepreneurial Development U. S. Small Business Administration Scott Taber, Cyber Security Awareness Program Specialist Michigan Small Business Development Center

TM Plan. Protect. Respond. Webinar Series Second Tuesdays 2:00 p.m. EDT April Website Hosting May Protect Email Accounts To Register: www.staysafeonline.org

TM Plan. Protect. Respond. NIST www.nist.gov/cyberframework Michigan SBDC ww.smallbusinessbigthreat.com U.S. Small Business Administration www.sba.gov/cybersecurity Trend Micro https://www.trendmicro.com National Cyber Security Alliance www.staysafeonline.org/cybersecure-business

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback