Touchpoint! Where Cybersecurity and Business Continuity Meet The Webinar will begin shortly

Presentation Transcript
Agenda

  • Introduce our hosts and sponsors
  • Meeting logistics
  • Introduce our panelists
  • Presentations
  • Panel discussion/ Q&A
www.NorthRiverSolutions.com: The Architects of Resiliency

www.metrix411.com: The Assessment and Information Management Company

Use the Instant Message feature to submit questions for discussion by the panelists.

3 Follow-On Activities
  • All questions are listed at www.continuitycompliance.org
  • The slide deck and video recording of this session are available on
    • the ACP Home Page
    • the Continuity Compliance Home Page
  • A LinkedIn group entitled “ACP Edu. Webinar Series Q and A Forum” has been set up. All questions will be posted on this forum for discussion.
Touchpoint! Where Cybersecurity and Business Continuity Meet
David Kondrup – Cyber Diligence, Inc. – www.cyberdiligence.com

Cyber Security & Business Continuity

How Cyber Security Threats Impact Business Continuity Planning…

Presenter: David A. Kondrup, CEO, All Business Management, LLC; Vice President, Cyber Diligence, Inc.

Goals for today’s presentation
  • Discuss top Cyber-Security Threats in 2010
    • They represent a real risk to business continuity and disaster recovery
  • Some Numbers ($)
  • How the Cyber Threats Impact Your BCM
    • What your BIA should address
    • Planning Considerations
    • Internal or External Help
  • Questions
Technology Today
  • Communication via the internet, and the devices used on corporate networks, have changed significantly.
    • BlackBerrys, smartphones, instant messaging
    • USB drives, iPhones, iPods, digital cameras
    • Facebook, MySpace, LinkedIn, Twitter, blogs
  • These technologies have created significant opportunities for employers, but they have also created significant risks!

Business Continuity Planning (BCP): Impact?

2010 Cyber-Threat Predictions
  • Social Networks (phishing, now whaling and spear phishing)
  • Operating Systems & Third-Party Programs
  • Cyber-Warfare (Attack of the Botnets)
  • Smart Phones
  • Data Loss (hard drives, thumb drives)
  • Malware Variants (search engine optimization poisoning)
  • Threats to the Mac
  • In the “Cloud”
1. Social Networks & Social Engineering
  • A highly successful strategy for malware developers.
    • Trick people with important topics in the news
    • High-profile events (the World Cup), public holidays
    • A gold mine for personal information: intelligence gathering, phishing, whaling and spear phishing

BC Planning:

The BIA should examine employee training and review of the Acceptable Use Policy.

National Security Cyber Awareness Campaign: “Stop. Think. Connect.”

“People cannot value security without first understanding how much is at risk. Therefore, the Federal government should initiate a national public awareness campaign… This campaign should focus on public messages to promote responsible use of the Internet and awareness of fraud, identity theft, cyber predators, and cyber ethics.”

- White House Cyberspace Policy Review, June 2009

2. Third-Party Programs
  • Software flaws (patches)
  • Where are the hackers going to go?
    • Third-party applications: Adobe Flash, Adobe Reader, Sun Java
    • Social/business networking: Facebook, MySpace, LinkedIn and others

BC Planning:

Does the BIA examine updates & patches? (October 4: new critical security updates by Adobe for Reader & Flash Player.)

Scan systems, networks and computers for known malware, viruses and Trojans.

3A. Attack of the Botnets
  • Governments & criminal enterprises are building botnets for use in cyber-warfare & criminal activities such as extortion and blackmail (denial-of-service attacks)
    • Sneaking bots & Trojans onto innocent, unsuspecting civilian and business computers
    • Criminals are offering their capabilities for hire online
    • Shadowserver: tracking 5,900
    • A recent (Oct 2010) Symantec survey shows 53% of critical infrastructure firms around the globe have been hit with an attack; 48% of the firms expect more attacks
      • http://www.symantec.com/content/en/us/about/presskits/Symantec_2010_CIP_Study_Global_Data.pdf
    • The “Stuxnet worm attack” targets control systems made by Siemens that are commonly used to manage water supplies, oil rigs, factory controls and plant systems

BC Planning:

Does the BIA address resiliency against cyber attacks through security training, executive management awareness, endpoint security, cyber security response and cyber security audits?

Do the BIA, RTO and RPO address e-commerce issues?

Does the BIA address the impact of a denial-of-service attack?

Is there an incident response plan for cyber attacks?

Is there a plan for in-house or outside cyber security investigations?

Are specialized computer forensic tools & software available?

4. Smart Phones: iPhones, Droids, BlackBerrys, etc.
  • A smart phone is essentially a small computer on your hip or in your purse
    • Web browsing, email, word processing, spreadsheets, applications … of all types
    • Kaspersky Lab identified 1,550 mobile malware signatures in September
  • Top cell phone spy products
    • “Spy Phone”: Android Spy App, BlackBerry Spy, iPhone Spy App, Nokia Spy; “FlexiSpy”, “Mobile-Spy”
    • Intercept text messages and call logs, live call interception, remote monitoring, GPS tracking (wiretapping is a crime)
    • A fake movie player app for Android sent premium SMS messages costing owners $5 each

BC Planning:

The BIA should address enterprise security updates.

The BIA should address the Acceptable Use Policy for use of private phones at work.

Don’t leave phones unattended; do not install unknown apps.

Sweep phones if symptoms occur.

Most enterprise platforms are OK if security is maintained.

Smart Phones (continued)
  • SIM card readers (don’t work on all phones)
    • Require no spyware installed on the phone
    • A SIM card reader allows you to recover & read text messages (including deleted ones), phone history and address book contacts
    • The SIM card is removed and then inserted into a reader device (which can look like a USB thumb drive)

BC Planning:

The BIA should address policies on lost phones.

Training on safeguarding phones: do not lend out your phone.

5. Data Loss & Data Theft
  • CA Security Report highlights insider threats
    • “rather than write variants of malware, they will hire ‘moles’ to pinpoint weaknesses within businesses, and use employees to siphon data for a profit”
    • Two types of attacks: “internal threat” and “quiet attacks”
      • http://www.securecomputing.net.au/News/166248,ca-security-report-highlights-insider-threat.aspx
      • http://www.ca.com/files/SecurityAdvisorNews/h12010threatreport_244199.pdf
  • Lost laptops, loss of thumb drives, use of USB devices (“pod-slurping”), use of email & FTP
    • The Ponemon Institute reports that 800,000 devices are lost each year
  • Use of private e-mail accounts
    • Yahoo Mail, Gmail, AOL, Hotmail, etc.

BC Planning:

Does the BIA examine policies for endpoint users (USB ports)?

Does IT use a program that alerts them when USB devices are accessed & copied to?

Does the BIA examine policies on encryption, travel, transport and use of USB ports?

Does the Acceptable Use Policy address employee privacy expectations on use of private e-mail accounts on the corporate network?

Is there a private vendor to monitor networks or investigate “data in motion”?

6. Malware
  • New malware variants have grown significantly over the past 3 years.
    • In 2009 PandaLabs identified 25 million new samples
    • Previously they had identified 15 million over 20 years
    • NY Times, 2/19/10, page B3, “Malicious Software…”
    • Cyber criminals are using removable media & end-user naivety to introduce malware
    • The SillyFDC worm plagued the US Army; Conficker
    • Rogue mail, pop-ups and redirects (poisoned info), fake security software (stealing credit card info)
    • Used to install keystroke loggers to capture information

BC Planning:

The BIA should address social media training (social media is used to distribute malicious programs).

The BIA should address network & computer scanning for malware & Trojans (more than 55% of all malware were Trojans in Q3 2010, per PandaLabs).

The BIA should address training of executives and employees with financial responsibilities (Panda Security reports most malware are “banker Trojans” that trick web users into navigating to fake financial sites so cybercriminals can steal login details and passwords).

7. Threats to the Mac
  • “Macs don’t get viruses” is now a myth
    • Macs are not bulletproof against malware
    • In 2009 Apple fixed hundreds of vulnerabilities in its OS and supporting products
    • Mac malware like DNSChanger will increase
    • First 6 months of 2010:
      • January: traffic redirector
      • February: ransomware blocker
      • March: Safari drive-by attack, CVE-2010-1120
      • April: HellRaiser 4.2
      • May: Safari “carpet bomb” attack
      • June: “PremiereOpinion” Mac OS X spyware
  • As Macs continue to gain market share they will continue to be targeted by the bad guys for vulnerabilities in their OS platform

BC Planning:

The BIA should address security updates on Mac platforms.

8. Cloud Computing
  • Can cloud vendors protect your sensitive data?
  • Will your “crown jewels” reside in the cloud?
  • Security vendors are finding ways to provide more robust and dynamic security services for cloud computing.
  • Someone will hack or penetrate the cloud.

BC Planning:

Does your BIA address security and privacy regulations when sensitive data (“crown jewels”) resides in the cloud? The location of the equipment?

Do the BIA and Risk Assessment include cloud vendor certification of security?

The cost-benefit analysis should include fines & risks for loss of PII, HIPAA and financial data.

You reap all the benefits of cloud computing, but while you remain responsible for the data, you are not in charge of managing the cloud’s security.

Some Numbers ($)
  • Fraud by employees is common and hard to detect.
    • Association of Certified Fraud Examiners: $175,000 median loss
    • Most are first-timers; 7% had prior convictions, 12% were previously terminated for fraud-related conduct
  • EEO verdicts
    • Jury Verdict Research: avg. $900,000 jury award
    • EEOC: avg. negotiated settlement $550,000
    • One $54 million settlement in a sex harassment case, with $12 million to one plaintiff
  • “Insider Threat”, Dr. Eric Cole & Sandra Ring, Syngress Press.
    • Average monetary loss on cases worked: $350 million annually
  • The Symantec 2010 Critical Infrastructure Protection Study
    • Reports that the average cost to small businesses from malware attacks was $850,000 per attack
  • CBS Evening News (4/22/10), “Where America Stands”
    • U.S. estimates $20 billion/year loss from cyber espionage
BC Planning Considerations

Cyber Threat               BC Impact
Social Networks            Unauthorized access
OS & 3rd-Party Programs    Unauthorized access
Cyber-War                  Denial of service, e-commerce
Smart Phones               Industrial espionage
Data Losses / Thefts       IP, PII and reputational losses
Malware Variants           Unauthorized access, DoS
Mac Computers              OS exploitation
Cloud Computing            Loss of controls, but responsible for losses; regulatory issues
What Can You Do? Some Solutions
  • Strategic partnerships:
    • Security, IT Department, HR Department, Agency Counsel
  • Employee awareness & training
    • Social engineering: train employees to “Spot & Stop”
    • Develop “Smart Policies for Workplace Technologies”
  • USB insecurity:
    • Encrypt devices, validate removable devices to prevent malware introduction, enforce device usage policies
    • Automatic alerts to IT Security for unauthorized USB access/copying
    • Authorize key corporate individuals & pre-authorized devices
  • Internal or external help
    • Pros & cons of internal vs. external help
    • Need to protect attorney-client privileged information and work product
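The USB controls above, and the question asked under Data Loss & Data Theft (does IT have a program that alerts them when USB devices are accessed and copied to?), come down to one mechanism: an allowlist of pre-authorized devices tied to named individuals, and an alert whenever anything else is attached or written to. The script below is an added example written for this page, not tooling from the presenters or their companies. The workstation names, serial numbers and log lines are constructed; the kernel messages follow the format the Linux USB core actually prints when a device enumerates, while the `dlp-agent` write-event line is a hypothetical endpoint-agent format assumed for the example.

```python
"""Alert on USB mass-storage devices that are not on the pre-authorized list, and on
copies to removable media by anyone other than the device's authorized owner.
Added example for this page; hosts, serials and log lines are constructed."""
import re
from collections import defaultdict

# Pre-authorized devices keyed by USB serial number (constructed values). In practice
# this list comes from the inventory of encrypted drives issued to named individuals.
AUTHORIZED = {
    "4C530001230512110423": {"owner": "jsmith", "vendor": "0781", "product": "5567"},
}

# Kernel messages printed by the Linux USB core when a device enumerates; the bus path
# (e.g. "1-1.2") ties together the several lines that describe one device.
NEW_DEV = re.compile(r"kernel: usb (?P<bus>[\d.-]+): New USB device found, "
                     r"idVendor=(?P<vendor>[0-9a-f]{4}), idProduct=(?P<product>[0-9a-f]{4})")
SERIAL = re.compile(r"kernel: usb (?P<bus>[\d.-]+): SerialNumber: (?P<serial>\S+)")
STORAGE = re.compile(r"kernel: usb-storage (?P<bus>[\d.-]+):\d+\.\d+: USB Mass Storage device detected")
# Write events from a hypothetical endpoint agent (constructed format, not a real product).
WRITE = re.compile(r"dlp-agent: user=(?P<user>\S+) op=write path=(?P<path>/media/\S+) "
                   r"bytes=(?P<bytes>\d+) serial=(?P<serial>\S+)")
HOST = re.compile(r"^\w{3} +\d+ [\d:]+ (?P<host>\S+) ")


def is_authorized_device(dev):
    """True only if the serial is on the list and the VID/PID still match what was issued,
    so a drive that merely reports a copied serial number does not pass."""
    auth = AUTHORIZED.get(dev.get("serial"))
    return bool(auth) and (auth["vendor"], auth["product"]) == (dev.get("vendor"), dev.get("product"))


def analyze(lines):
    """Walk syslog lines in order and return the alerts IT Security should receive."""
    devices = defaultdict(dict)  # bus path -> device record assembled across lines
    alerts = []
    for line in lines:
        m_host = HOST.match(line)
        host = m_host["host"] if m_host else "?"
        if m := NEW_DEV.search(line):
            devices[m["bus"]].update(vendor=m["vendor"], product=m["product"])
        elif m := SERIAL.search(line):
            devices[m["bus"]]["serial"] = m["serial"]
        elif m := STORAGE.search(line):
            dev = devices.get(m["bus"], {})
            if not is_authorized_device(dev):
                alerts.append({"kind": "unauthorized_storage", "host": host,
                               "serial": dev.get("serial"), "vendor": dev.get("vendor"),
                               "product": dev.get("product")})
        elif m := WRITE.search(line):
            auth = AUTHORIZED.get(m["serial"])
            # A copy is acceptable only onto an issued device, by the person it was issued to.
            if auth is None or auth["owner"] != m["user"]:
                alerts.append({"kind": "copy_to_unauthorized_media", "host": host,
                               "user": m["user"], "path": m["path"],
                               "bytes": int(m["bytes"]), "serial": m["serial"]})
    return alerts


# Constructed sample: an issued drive used by its owner (no alert), then an unknown drive
# on another workstation, then the issued drive used by someone it was not issued to.
SAMPLE_LOG = """\
Oct 12 09:14:02 ws-042 kernel: usb 1-1.2: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.00
Oct 12 09:14:02 ws-042 kernel: usb 1-1.2: SerialNumber: 4C530001230512110423
Oct 12 09:14:03 ws-042 kernel: usb-storage 1-1.2:1.0: USB Mass Storage device detected
Oct 12 09:15:40 ws-042 dlp-agent: user=jsmith op=write path=/media/usb0/q3-forecast.xlsx bytes=240000 serial=4C530001230512110423
Oct 12 11:02:17 ws-117 kernel: usb 2-1: New USB device found, idVendor=0951, idProduct=1666, bcdDevice= 1.10
Oct 12 11:02:17 ws-117 kernel: usb 2-1: SerialNumber: 0019E06B2A3F
Oct 12 11:02:18 ws-117 kernel: usb-storage 2-1:1.0: USB Mass Storage device detected
Oct 12 11:03:05 ws-117 dlp-agent: user=rdoe op=write path=/media/usb1/customer_list.csv bytes=58000000 serial=0019E06B2A3F
Oct 12 13:20:44 ws-042 dlp-agent: user=rdoe op=write path=/media/usb0/payroll.db bytes=9100000 serial=4C530001230512110423
""".splitlines()

if __name__ == "__main__":
    for alert in analyze(SAMPLE_LOG):
        print(alert)
```

Run against the sample, the script raises three alerts: the unknown Kingston-class drive attached on ws-117, the 58 MB copy of customer_list.csv onto it, and the copy of payroll.db onto jsmith's issued drive by rdoe. The serial check deliberately confirms VID/PID as well, because a device serial can be cloned; on a real deployment the same matching would be fed by udev rules or an agent rather than by reading syslog after the fact, but the decision logic is the same.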
Internal vs. External
  • Time is your enemy
    • Internal departments have other pressing duties
  • Capabilities
    • Equipment & specialized software
  • Experience
    • Investigative as well as technical
    • Litigation support & testimony
  • Confidentiality
    • The subjects of an investigation may be IT staff, senior members, etc.
    • Preserve work product and attorney-client privilege
  • Duty of care responsibilities
    • Independent outside subject matter experts
Cyber Security Vendor: What Can They Do?
  • Information technology investigations
  • Network forensics
  • Computer forensics
  • Incident response
  • E-discovery
  • Expert witness and litigation support
  • Training and briefings
  • Technical experts for investigations
  • Information technology security risk assessments
  • IT / communication TSCM (technical surveillance countermeasures)
Cyber Security CSI Capabilities (continued)
  • Periodic checks for compliance with corporate responsibilities
  • Insider threats
  • Outsider threats
  • Operational risks
  • Directors’ & officers’ duty of care
Contact Information

David Kondrup, Vice President, Strategic Initiatives
Cyber Diligence, Inc.
575 Underhill Blvd, Suite 209
Syosset, N.Y. 11791
Phone: (516) 507-4322
Email: [email protected]
www.CyberDiligence.com

Touchpoint! Where Cybersecurity and Business Continuity Meet
Daniel Dec – Fusion Risk Management, Inc. – www.fusionrm.com

CyberSecurity Meets Business Continuity Planning: A BCP View
  • Daniel A. Dec
  • SVP Information Security, Fusion Risk Management Inc.

TOPICS

Agenda
  • 6 Typical BCP / Security Challenges
  • Program Structure
  • Executive Commitment
  • Key Observations
  • Questions
LEADING OR BEGGING?

Consider this question as we run through the next few slides.

6 Typical BCP/Security Challenges
  • 1) Security generally is more prominent in Business Risk Management activities

(Chart: Today’s typical risk management situation, plotted as Perceived Impact against Control Effectiveness, labelled “= Unknown Risk”.)

Effective DECISION FRAMEWORK

(Chart: Perceived Impact against Control Effectiveness. “Focus up here… not down here!”)

Q: Does BCP/DR try to eliminate ALL risk?

6 Typical BCP/Security Challenges
  • 2) Security changes affect BCP requirements and capabilities
    • Security is often part of Change Management
    • Too often these changes are not communicated to BC/DR
    • Q) Is the BC/DR team actively involved at the Change Management table?
6 Typical BCP/Security Challenges
  • 3) Supply chain / third-party vendors
    • Security often evaluates vendors as part of vendor procurement
    • Security is often involved in regular reviews or audits of vendors for contract compliance
    • Too often these evaluations do not focus enough on Availability, even though Security should be covering Confidentiality, Integrity and Availability
    • Q) Is BC/DR part of the vendor evaluation/certification process?
6 Typical BCP/Security Challenges
  • 4) Security and Human Resources
    • Security often has a direct link to the authoritative source for personnel (usually HR)
    • Security uses this relationship to effectively manage provisioning and deprovisioning of access
    • This direct connection to HR would benefit BC/DR because of the effect personnel changes have on the roles and responsibilities in recovery plans
    • Q) Does BC/DR have a direct link to HR? Can it leverage the Security/HR communication process?
6 Typical BCP/Security Challenges
  • 5) Security generally has some form of training and awareness in place, but it lacks BCP/DR focus
    • Security often has security training and awareness embedded in new-hire processes
    • Security may have annual certifications and various other required training tied to gaining system access, often in compliance with regulations like HIPAA or other policies, standards or requirements
    • Security is often visible because the media regularly highlights failures in security; think of information breach incidents and the laws and requirements surrounding notifications
    • Q) How robust is your BC/DR training and awareness program?
6 Typical BCP/Security Challenges
  • 6) Security generally has collaborated with the business and maintains business alignment
    • Security often deals with various risk mitigation solutions and has focused on the prioritization of risks and controls because:
    • “Vulnerabilities and threats are endless; the funds to address them are not.”
    • CEO, Fusion Risk Management
    • Security has established cross-functional executive management teams
    • Q) How aligned is your BC/DR program with the business?
PROGRAM STRUCTURE

Promote collaboration!

Key Observations
  • Do you know how much your firm spends on risk?
  • Do you know how those decisions get made?
  • Are threats, vulnerabilities, impacts and controls part of the management consciousness?
  • Are your BC/DR activities connected with revenues, profits and market share?
  • Are you managing risk or managing BC/DR plans or simply reacting to everything?
  • Are you a valuable asset or an expense?
  • How well can you improve BC/DR and Security collaboration so as to not duplicate efforts?
QUESTIONS

Email: [email protected]
Phone: (630) 240-7113
www.fusionrm.com