How to Prepare a Response to Cyber Attack for a Multinational Company.

Similar documents
THE PROCESS FOR ESTABLISHING DATA CLASSIFICATION. Session #155

CipherCloud CASB+ Connector for ServiceNow

Cybersecurity Auditing in an Unsecure World

Cybersecurity The Evolving Landscape

Jeff Wilbur VP Marketing Iconix

The Impact of Cybersecurity, Data Privacy and Social Media

Cyber Security Incident Response Fighting Fire with Fire

Cyber Security. The Question of the Day. Sylint Group, Inc. How did we come up with the company name Sylint and what does it mean?

CCISO Blueprint v1. EC-Council

Cyber Risks in the Boardroom Conference

PRC Cyber Security Law --- How does it affect a UK business? Xun Yang Of Counsel, Commercial IP and Technology

Challenges 3. HAWK Introduction 4. Key Benefits 6. About Gavin Technologies 7. Our Security Practice 8. Security Services Approach 9

Data Breach Preparation and Response. April 21, 2017

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Business Context: Key for Successful Risk Management

DFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com

TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE

CYBER INSURANCE: MANAGING THE RISK

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

FFIEC Cyber Security Assessment Tool. Overview and Key Considerations

Certified Information Security Manager (CISM) Course Overview

DATA BREACH NUTS AND BOLTS

Changing face of endpoint security

Secure your company s Crown Jewels. workshop

CYBER SECURITY AIR TRANSPORT IT SUMMIT

Cybersecurity Session IIA Conference 2018

Cybersecurity in Higher Ed

Altitude Software. Data Protection Heading 2018

EU GDPR & NEW YORK CYBERSECURITY REQUIREMENTS 3 KEYS TO SUCCESS

Cyber Security Law --- Are you ready?

External Supplier Control Obligations. Cyber Security

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

ISE North America Leadership Summit and Awards

What It Takes to be a CISO in 2017

Business continuity management and cyber resiliency

2016 Data Protection & Breach Readiness Webinar Will Start Shortly. please download the guide at

STANDARD INFORMATION SHARING FORMATS. Will Semple Head of Threat and Vulnerability Management New York Stock Exchange

Ian Speller CISM PCIP MBCS. Head of Corporate Security at Sopra Steria

COPE-ing with Cyber Risk Exposures

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

Cyber Security. It s not just about technology. May 2017

ISSMP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard

Do You Know Your Organization's Top 10 Security Risks?

SIEM: Five Requirements that Solve the Bigger Business Issues

Building a Complete Program around Data Loss Prevention

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

Cybersecurity What Companies are Doing & How to Evaluate. Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security

Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise

Securing the cloud ISACA Korea. Han Ther, Lee CISA, CISM, CISSP, CRISC, ITILF, MCSA

Defensible Security DefSec 101

Cyber Security in M&A. Joshua Stone, CIA, CFE, CISA

CompTIA CASP (Advanced Security Practitioner)

Building an Effective Threat Intelligence Capability. Haider Pasha, CISSP, C EH Director, Security Strategy Emerging Markets Office of the CTO

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0

Cybersecurity and the Board of Directors

Cyber Security Risk Management and Identity Theft

CYBER SECURITY WORKSHOP NOVEMBER 2, Anurag Sharma [CISA, CISSP, CRISC] Principal Cyber & Information Security Services

GUIDE. Navigating the General Data Protection Regulation Mini Guide

2017 Cyber Incident & Breach Readiness Webinar Will Start Shortly

Healthcare HIPAA and Cybersecurity Update

Managing Cybersecurity Risk

INFORMATION SECURITY. One line heading. > One line subheading. A briefing on the information security controls at Computershare

GLBA, information security and incident response a compliance perspective

Is your privacy secure? HIPAA Compliance Workshop September Presented by: Andrés Castañeda, Senior Manager Steve Nouss, Partner

Cybersecurity and Nonprofit

Privacy and Security in the Age of Meaningful Use

THE CYBER SECURITY PLAYBOOKECTOR SHOULD KNOW BEFPRE, DURING & AFTER WHAT EVERY DIRECTOR SHOULD KNOW BEFORE, DURING AND AFTER AN ATTACK

Data Protection. Plugging the gap. Gary Comiskey 26 February 2010

Protect Your Institution with Effective Cybersecurity Governance. Baker Tilly Virchow Krause, LLP

Run the business. Not the risks.

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

Heavy Vehicle Cyber Security Bulletin

Performing a Vendor Security Review TCTC 2017 FALL EVENT PRESENTER: KATIE MCINTOSH

What is Penetration Testing?

112 th Annual Conference May 6-9, 2018 St. Louis, Missouri

From Managed Security Services to the next evolution of CyberSoc Services

No Country for Old Security Compliance in the Cloud. Joel Sloss, CDSA Board of Directors May 2017

Moving from Prevention to Detection March 2017

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft

Information Security Incident Response Plan

Aligning IT, Security and Risk Management Programs. Ahmed Qurram Baig, CISSP, CBCP, CRISC, CISM Information Security & GRC Expert

Cybersecurity Risk Oversight: the NIST Framework and EU approaches

Baseline Information Security and Privacy Requirements for Suppliers

Information Security Incident Response Plan

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

Bradford J. Willke. 19 September 2007

2017 Annual Meeting of Members and Board of Directors Meeting

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

Changing the Game: An HPR Approach to Cyber CRM007

Microsoft Security Management

Avanade s Approach to Client Data Protection

GDPR: The Day After. Pierre-Luc REFALO

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald

Assessing Your Incident Response Capabilities Do You Have What it Takes?

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

Hacking and Cyber Espionage

EXECUTIVE SUMMARY JUNE 2016 Multifamily and Cybersecurity: The Threat Landscape and Best Practices

SEC Issues Updated Guidance on Cybersecurity Disclosure

Transcription:

You Have Been Breached! How to Prepare a Response to Cyber Attack for a Multinational Company. Chayan Chakravarti, MBA, CISM, PMP Patrick Enyart, CISA, CISM, CRISC

Presenters Chayan Chakravarti Manager, IT Vendor Risk Management, McKesson Extensive experience in managing IT operations and risk management Responsible for IT vendor risk assessments and ongoing risk monitoring Managed global IT operations for offshore IT vendors Patrick Enyart Senior Director, Security Operations and Engineering Years of experience leading operations, risk management, and vulnerability management teams in healthcare and financial sectors Responsible for IT security and communicating system and business security based metrics to senior management

Agenda Impacts to the Enterprise Big Data Considerations Potential Breach Scenarios Existing Controls Proactive Cloud & Big Data Controls Reactive Cloud & Big Data Controls Implications for a Global Company Being Prepared Planning for Breach Response Breach Containment Planning for Breach Aftermath Lesson Learned Other Considerations

Impacts to the Enterprise Brand reputation Customer retention Intellectual Property Competitive Advantage Loss of (Sensitive) Data Regulatory penalties Legal and financial implications Employee attraction and retention

Big Data Considerations Implications Data for sale Data Integrity Data authorizations Data privacy Tools Hadoop Cloudera Key Management Identity Management Cloud Access Security Brokers (CASB)

Potential Breach Scenarios Lost systems containing Personally Identifiable Information (PII) Delivery of sensitive data to an unintended party Multi-tenancy issues Posting of inappropriate data disclosing it to unintended parties Compromised systems Loss or theft of physical property containing sensitive data Lost back-up data A breach of a business partner or vendor with access to your data Improper disposal or destruction of data Storage items (documents, drives)

Existing Controls Process based Vendor Management User Authentication User Authorization User Profiling Data Classification/Tagging Device Based DLP Data in Use/Data at Rest SIEM Log consolidation Log correlation Identity Management (IdM) Infrastructure based DLP Data in Motion Network connections IPS Firewall

Proactive Cloud & Big Data Controls Business view Security Awareness Training Vulnerability Management Patching OS and Application Configuration Management system hardening Identity Management (IdM) Indicators of Attack discovery and remediation Developers/development Secure Programming training Code Analysis as part of SDLC Customers view IdM Security Awareness Portal Management

Reactive Cloud & Big Data Controls Incident Management Response Communications Operational Responses Forensic Analysis Detective Controls DLP EndPoint Security Indicators of Compromise Discovery and remediation Threat Analysis Threat Actor fingerprinting Zero Day publications

Implications for a Global Company Cloud technologies Changing global foot print Acquisitions Divestitures IT outsourcing Data privacy and compliance Social and economic differences Productivity measures

Being Prepared Identify the Crown Jewels Identify internal key players Identify external key players Customers Regulatory resources Legal resources Vendors/ partners Put a plan in place Data/Application Owner Checklist Collaborate with Compliance, Privacy and Legal teams Vendor management Get Board and leadership support Update and test the plan periodically Table Top exercises Incident Breach Communication Cyber insurance

Planning for Breach Response Breach classification Crisis response team Appropriate communication Law enforcement agencies

Breach Containment Keep the business running Identify where attack is coming from Identify impact by system Isolate the network segment\data population Contain the breach and data loss Quantifying the breach Identify types of data lost Keep the business running

Planning for Breach Aftermath Litigation Corporation Image Brand management change of focus Rebuild integrity What is going to be the Positive spin Financial impact Process and System in scope Redesign Redeploy Global Process and System Evaluate and review Communications and post event management Individual level Employees Customers General public

Lessons Learned Updating controls Improved processes Tighten contracts Update breach response plan Incident Management Communications

Other Considerations Investor communications Shareholders Wall Street Long term assessment Residual activities Changing threat landscape

Thank you

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback