Touchpoint! Where Cybersecurity and Business Continuity Meet (PowerPoint presentation, 57 slides)

Presentation Transcript

Touchpoint! Where Cybersecurity and Business Continuity Meet. The Webinar will begin shortly


Touchpoint! Where Cybersecurity and Business Continuity Meet. The Webinar will begin in 2 minutes


Touchpoint! Where Cybersecurity and Business Continuity Meet. The Webinar will begin in 1 minute


Touchpoint! Where Cybersecurity and Business Continuity Meet. Welcome



Agenda

  • Introduce our hosts and sponsors

  • Meeting logistics

  • Introduce our panelists

  • Presentations

  • Panel discussion/ Q&A


www.continuitycompliance.org




www.NorthRiverSolutions.com

The Architects of Resiliency


www.metrix411.com

The Assessment and Information Management Company


Use the Instant Message feature to submit questions for discussion by the panelists.



3 Follow-On Activities

  • All questions listed at www.continuitycompliance.org

  • The slide deck and video recording of this session are available on

    • ACP Home Page

    • Continuity Compliance Home Page

  • A LinkedIn group entitled “ACP Edu. Webinar Series Q and A Forum” has been set up. All questions will be posted on this forum for discussion.



www.cyberdiligence.com



www.fusionrm.com


Touchpoint! Where Cybersecurity and Business Continuity Meet. David Kondrup, Cyber Diligence, Inc. www.cyberdiligence.com



Cyber Security & Business Continuity

How Cyber Security Threats Impact Business Continuity Planning…

Presenter: David A. Kondrup

C.E.O. All Business Management, LLC

Vice President, Cyber Diligence, Inc.



Goals for today’s presentation

  • Discuss top Cyber-Security Threats in 2010

    • They represent a real risk to business continuity and disaster recovery

  • Some Numbers ($)

  • How the Cyber Threats Impact Your BCM

    • What your BIA should address

    • Planning Considerations

    • Internal or External Help

  • Questions



Technology Today

  • Communication via the internet, and the devices used on corporate networks, have changed significantly.

    • BlackBerrys, Smart phones, Instant Messaging

    • USB drives, iPhones, iPods, Digital Cameras

    • Facebook, MySpace, LinkedIn, Twitter, Blogs

  • Technologies have created significant opportunities for employers, but they have also created significant risks!

    Business Continuity Planning (BCP): Impact?



Risk Analysis Strategies and Incident Response



2010 Cyber-Threat Predictions

  • Social Networks (Phishing, now Whaling and Spearing)

  • Operating Systems & Third-Party Programs

  • Cyber-Warfare (Attack of the Botnets)

  • Smart Phones

  • Data Loss (hard drives, Thumb Drives)

  • Malware Variants (Search Engine Optimization Poisoning)

  • Threats to the Mac

  • In the “Clouds”



1. Social Networks & Engineering

  • Highly successful strategy for malware developers.

    • Trick people with important topics in the news

    • High-profile events “World Cup”, Public Holidays

    • Gold mine for “Personal Information”, intelligence gathering, Phishing, Whaling and Spearing

      BC Planning:

      BIA should examine employee training, review of Acceptable Use Policy.

      National Security Cyber Awareness Campaign: “Stop. Think. Connect.”

      People cannot value security without first understanding how much is at risk.

      Therefore, the Federal government should initiate a national public awareness campaign…

      This campaign should focus on public messages to promote responsible use of the Internet and awareness of fraud, identity theft, cyber predators, and cyber ethics.

      - White House Cyberspace Policy Review 6/2009



2. Third Party Programs

  • Software Flaws (Patches)

  • Where are the Hackers going to go:

    • Third-party applications: Adobe Flash, Adobe Reader, Sun Java

    • Hackers are going to Facebook, MySpace, LinkedIn, other social/business networking

      BC Planning:

      Does the BIA examine updates & patches?

      October 4 new Critical Security Updates by Adobe (Reader & Flash Player)

      Scan of systems, networks and computers for known malware, viruses, Trojans



3. Cyber Warfare



3A. Attack of the Botnets

  • Governments & Criminal Enterprises are building botnets for use in cyber-warfare & criminal activities such as extortion and blackmail (denial-of-service attacks)

    • Sneaking Botnets & Trojans onto innocent, unsuspecting civilian and business computers

    • Criminals are bidding their capabilities online

    • Shadowserver, tracking 5,900

    • Recent (Oct 2010) Symantec survey shows 53% of critical infrastructure firms around the globe have been hit with an attack; 48% of the firms expect more attacks

      • http://www.symantec.com/content/en/us/about/presskits/Symantec_2010_CIP_Study_Global_Data.pdf

    • “Stuxnet worm attack” targets control systems made by Siemens that are commonly used to manage water supplies, oil rigs, factory controls, and plant systems

      BC Planning:

      Does the BIA address resiliency against cyber attacks through security training, executive management awareness, endpoint security, cyber security response, and cyber security audits?

      Does the BIA, RTO and RPO address E-Commerce issues?

      Does the BIA address the impact of a Denial of Service attack?

      Is there an Incident Response Plan for Cyber Attacks?

      Plan for In-house or outside cyber security investigations?

      Specialized computer forensic tools & software.



4. Smart Phones


Smart Phones: iPhones, Droids, BlackBerrys, etc.

  • Smart phones are similar to a small computer on your hip or in your purse

    • Web browsing, email, word processing, spreadsheets, applications … of all types

    • Kaspersky Labs has identified 1,550 mobile malware signatures in September

  • Top Cell Phone Spy Products

    • “Spy Phone”: Android Spy App; Blackberry Spy; iPhone Spy App, Nokia Spy; “FlexiSpy”, “Mobile-Spy”

    • Intercept text messages and call logs, live interception, remote monitoring, GPS tracking (wiretapping, a crime)

    • Fake movie player app for Android sent premium SMS messages costing owners $5 each

      BC planning:

      BIA should address enterprise security updates

      BIA should address the Acceptable Use Policy for use of private phones at work

      Don’t leave phones unattended; do not install unknown apps

      Sweep phones if symptoms occur.

      Most enterprise platforms are OK if security is maintained.



Smart Phones

  • SIM Card Readers (don’t work on all phones)

    • No spyware needs to be installed on the phone

    • SIM Card Reader allows you to recover & read text messages (deleted), phone history, address book contacts

    • SIM card is removed then inserted into a device (can look like a USB thumb drive)

      BC Planning:

      BIA should address policies on lost phones

      Training on safeguarding phones; do not lend out your phone.



5. Data Loss & Data Theft

  • CA Security Report Highlights Insider Threats

    • “rather than write variants of malware, they will hire ‘moles’ to pinpoint weaknesses within businesses, and use employees to siphon data for a profit”.

    • Two types of attacks: “internal threat” and “quiet attacks”

      • http://www.securecomputing.net.au/News/166248,ca-security-report-highlights-insider-threat.aspx

      • http://www.ca.com/files/SecurityAdvisorNews/h12010threatreport_244199.pdf

    • Lost laptops, loss of thumb drives, use of USB devices, “pod-slurping”, use of email & FTP

      • Ponemon Institute reports that 800,000 devices are lost each year

    • Use of private e-mail accounts

      • Yahoo mail, Google mail, AOL, Hotmail, etc.

        BC Planning:

        Does the BIA examine policies for end point users (USB ports)?

        Does IT use a program to alert them when USB devices are accessed & copied?

        Does the BIA examine policies on encryption, travel, transport, use of USB ports?

        Does the Acceptable Use Policy address employee privacy expectations on use of private e-mail accounts on the corporate network?

        Private vendor to monitor networks or investigate “data in motion”



6. Malware

  • New malware variants have grown significantly over the past 3 years.

    • In 2009 PandaLabs identified 25 million new variants

    • Previously they had identified 15 million over 20 years

    • NY Times 2/19/10 Page B3 “Malicious Software…”

    • Cyber criminals are using removable media & end-user naivety to introduce malware

    • SillyFDC Worm plagued the US Army; Conficker

    • Rogue mail, pop-ups and re-directs (poisoned info), fake security software (stealing credit card info)

    • Used to install keystroke loggers to capture information

      BC Planning:

      BIA should address social media training (social media is used to distribute malicious programs)

      BIA should address network & computer scanning for malware & trojans

      (More than 55% of all malware were trojans in 3Q 2010, per PandaLabs)

      BIA should address training executives and employees with financial responsibilities

      (Panda Security reports most malware are “Banker Trojans” that trick web users into navigating to fake financial sites so cybercriminals can steal login details and passwords)



7. Threats to the Mac

  • “Macs don’t get viruses” is now a myth

    • Macs are not bulletproof against malware

    • In 2009 Apple fixed hundreds of vulnerabilities in its OS and supporting products

    • Mac malware like DNSChanger will increase

    • First 6 months of 2010

      • Jan – Traffic Redirector

      • Feb - Ransomware Blocker;

      • March - Safari Drive-by-attack CVE-2010-1120;

      • April - HellRaiser 4.2;

      • May - Safari Carpet Bomb attack;

      • June - “PremiereOpinion” Mac OS X Spyware

  • As Macs continue to gain market share, they will continue to be targeted by the bad guys for vulnerabilities in their OS platform

    BC Planning:

    BIA should address security updates on Mac platforms



8. Cloud Computing

  • Can cloud vendors protect your sensitive data?

  • Will your “crown jewels” reside in the cloud?

  • Security vendors are finding ways to provide more robust and dynamic security services to cloud computing.

  • Someone will hack or penetrate the cloud.

    BC planning:

    Does your BIA address security and privacy regulations when sensitive data (“crown jewels”) resides in the cloud? Location of the equipment?

    Do the BIA and Risk Assessment include cloud vendor certification of security?

    Cost-benefit analysis should include fines & risks for loss of PII, HIPAA and financial data.

    You reap all the benefits of cloud computing; however, while you remain responsible, you are not in charge of managing the cloud’s security.



Some Numbers $

  • Fraud by Employees is Common, Hard to Detect.

    • Association of Certified Fraud Examiners: $175,000 median loss

    • Most are first-timers, 7% prior convictions, 12% previously terminated for fraud related conduct

  • EEO Verdicts

    • Jury Verdict Research: Avg. $900,000 jury award

    • EEOC: Avg. negotiated settlement $550,000

    • One $54 million settlement in sex harassment case with $12 million to one plaintiff

  • “Insider Threat”, Dr. Eric Cole & Sandra Ring. Syngress Press.

    • Average monetary loss on cases worked $350 million annually

  • The Symantec 2010 Critical Infrastructure Protection Study

    • Reports that the average cost to Small Businesses from malware attacks was $850,000 per attack

  • CBS Evening News (4/22/10) “Where America Stands”

    • U.S. estimates $20 Billion/year loss from Cyber Espionage


BC Planning Considerations

Cyber Threat: BC Impact

  • Social Networks: Unauthorized Access

  • OS & 3rd Party Programs: Unauthorized Access

  • Cyber-War: Denial of Service, E-Commerce

  • Smart Phones: Industrial espionage

  • Data Losses – Thefts: IP – PII – Reputational Losses

  • Malware Variants: Unauthorized Access, DOS

  • Mac Computers: OS Exploitation

  • Cloud Computing: Loss of controls, but responsible for losses, regulatory issues



What Can You Do, Some Solutions

  • Strategic Partnerships:

    • Security, IT Department, HR Department, Agency Counsel

  • Employee Awareness & Training

    • Social Engineering: Train Employees to “Spot & Stop”

    • Develop “Smart Policies for Workplace Technologies”

  • USB Insecurity:

    • Encrypt devices, validate removable devices to prevent malware introduction, enforce device usage policies

    • Auto alerts to IT Security for unauthorized USB access/copying

    • Authorize key corporate individuals & pre-authorized devices

  • Internal or External Help

    • Pros & cons of internal vs. external help

    • Need to protect attorney client privileged information and work product
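The Data Loss slide asks whether IT has "a program to alert them when USB devices are accessed & copied", and the USB Insecurity bullets above describe the same control from the policy side: pre-authorized devices, authorized individuals, and automatic alerts to IT Security. The script below is an added example written for this page to show what such an alert rule looks like in practice; it is not code from the presenters, Cyber Diligence or any product they mention. It assumes a constructed "timestamp key=value" event format and invented host names, user names, device serials and policy values; a real deployment would map the same fields from whichever endpoint agent or Windows event log is in use.

```python
import re
from dataclasses import dataclass

# Constructed sample removable-media events (not from any real system).
# Host names, user names, device serials and file names are invented.
SAMPLE_LOG = """\
2010-10-14T09:02:11Z host=FIN-PC07 user=jsmith action=usb_attach serial=ACME-0001
2010-10-14T09:05:40Z host=FIN-PC07 user=jsmith action=file_copy serial=ACME-0001 bytes=1048576 path=Q3_forecast.xlsx
2010-10-14T10:17:03Z host=HR-PC02 user=tjones action=usb_attach serial=NONAME-77A3
2010-10-14T10:18:55Z host=HR-PC02 user=tjones action=file_copy serial=NONAME-77A3 bytes=52428800 path=payroll_export.csv
2010-10-14T11:00:00Z host=FIN-PC07 user=contractor1 action=file_copy serial=ACME-0001 bytes=4096 path=notes.txt
2010-10-14T12:30:00Z host=FIN-PC07 user=jsmith action=file_copy serial=ACME-0001 bytes=209715200 path=customer_db.bak
"""

# Assumed policy data: pre-authorized (encrypted, inventoried) devices and the
# key individuals allowed to use each one.
AUTHORIZED_DEVICES = {
    "ACME-0001": {"jsmith"},
}

# Copies to removable media above this size raise an alert even on an
# authorized device used by its authorized user (assumed policy value).
COPY_BYTES_THRESHOLD = 10 * 1024 * 1024

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<kv>.+)$")


@dataclass
class Alert:
    ts: str
    host: str
    user: str
    serial: str
    reason: str


def parse_line(line):
    """Parse one 'timestamp key=value ...' line into a dict, or None if malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    fields = dict(kv.split("=", 1) for kv in m.group("kv").split() if "=" in kv)
    fields["ts"] = m.group("ts")
    return fields


def evaluate(event):
    """Return the alert reason for an event, or None if it is policy-compliant.

    Rules are checked from most to least severe: unknown device, then a user
    not authorized for that device, then bulk copy volume.
    """
    allowed_users = AUTHORIZED_DEVICES.get(event.get("serial"))
    if allowed_users is None:
        return "unregistered removable device"
    if event.get("user") not in allowed_users:
        return "device used by non-authorized user"
    if event.get("action") == "file_copy" and int(event.get("bytes", 0)) > COPY_BYTES_THRESHOLD:
        return "large copy to removable media"
    return None


def scan(log_text):
    """Run every removable-media event through the policy and collect alerts."""
    alerts = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if not ev or ev.get("action") not in ("usb_attach", "file_copy"):
            continue
        reason = evaluate(ev)
        if reason:
            alerts.append(Alert(ev["ts"], ev.get("host", "?"), ev.get("user", "?"),
                                ev.get("serial", "?"), reason))
    return alerts


if __name__ == "__main__":
    for a in scan(SAMPLE_LOG):
        print(f"{a.ts} {a.host} {a.user} {a.serial}: {a.reason}")
```

On the constructed log this raises four alerts: two for the unregistered device on HR-PC02, one for a contractor using a drive issued to someone else, and one for an authorized user copying a very large file. The ordering of the rules matters: an unregistered device is reported as such regardless of who used it or how much was copied, so the alert a responder sees names the most serious policy gap first.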



Internal vs. External

  • Time is your enemy

    • Internal departments have other pressing duties

  • Capabilities

    • Equipment & specialized Software

  • Experience

    • Investigative as well as technical

    • Litigation Support & testimony

  • Confidentiality

    • Targets are IT, senior members, etc.

    • Preserve work product, attorney-client privilege

  • Duty of Care responsibilities

    • Independent outside Subject Matter Experts



Cyber Security Vendor: What Can They Do

  • Information Technology Investigations

  • Network Forensics

  • Computer Forensics

  • Incident Response

  • E-Discovery

  • Expert Witness and Litigation Support

  • Training and Briefings

  • Technical Experts for Investigations

  • Information Technology Security-Risk Assessments

  • IT / Communication TSCM



Cyber Security CSI Capabilities continued

  • Periodic Checks for Compliance with Corporate Responsibilities

  • Insider Threats

  • Outsider Threats

  • Operational Risks

  • Directors’ & Officers’

    • Duty of Care



Contact information

  • Contact:

    David Kondrup (516) 507-4322

    Vice President, Strategic Initiatives

    Email: [email protected]

    www.CyberDiligence.com

    Cyber Diligence, Inc.

    575 Underhill Blvd – suite 209

    Syosset, N.Y. 11791


Touchpoint! Where Cybersecurity and Business Continuity Meet. Daniel Dec, Fusion Risk Management, Inc. www.fusionrm.com


CyberSecurity Meets Business Continuity Planning: A BCP View

  • Daniel A. Dec

  • SVP Information Security

Fusion Risk Management Inc.



TOPICS

Agenda

  • 6 Typical BCP / Security Challenges

  • Program Structure

  • Executive Commitment

  • Key Observations

  • Questions


LEADING OR BEGGING?

Consider this question as we run through the next few slides



6 Typical BCP/Security Challenges

  • 1) Security generally is more prominent in Business Risk Management activities

[Diagram: Today’s typical Risk Management Situation, plotted as Perceived Impact against Control Effectiveness; result = Unknown Risk]


Effective DECISION FRAMEWORK

Q: Does BCP/DR try to eliminate ALL risk?

[Diagram: Perceived Impact against Control Effectiveness, with the high-impact region marked “Focus up here… not down here!”]



6 Typical BCP/Security Challenges

  • 2) Security Changes affect BCP requirements and capabilities

    • Security is often part of Change Management

    • Too often these changes are not communicated to BC/DR

    • Q) Is the BC/DR team actively involved at the Change Management table?



6 Typical BCP/Security Challenges

  • 3) Supply Chain / Third Party Vendors

    • Security often evaluates vendors as part of vendor procurement

    • Security is often involved in regular reviews or audits of vendors for contract compliance

    • Too often these evaluations do not focus enough on “Availability” even though Security should be covering Confidentiality, Integrity and Availability

    • Q) Is BC/DR part of the vendor evaluation/certification process?



6 Typical BCP/Security Challenges

  • 4) Security and Human Resources

    • Security often has a direct link to the authoritative source for personnel (usually H/R)

    • Security utilizes this relationship to effectively manage provisioning and deprovisioning of access

    • This direct connection to H/R would benefit BC/DR because of the effect personnel changes have on the roles and responsibilities in recovery plans.

    • Q) Does BC/DR have a direct link to H/R? Can it leverage from the Security/HR communication process?



6 Typical BCP/Security Challenges

  • 5) Security generally has forms of training and awareness in place, but they lack BCP/DR focus

    • Security often has security training and awareness embedded in new hire processes

    • Security may have annual certifications and various other required training tied to gaining system access, often in compliance with regulations like HIPAA or other policies, standards or requirements

    • Security is often visible as the media regularly highlights failures in security. Think about Information Breach incidents, and the laws and requirements surrounding notifications

    • Q) How robust is your BC/DR training and awareness program?



6 Typical BCP/Security Challenges

  • 6) Security generally has collaborated and maintains business alignment

    • Security often deals with various risk mitigation solutions and has focused on the prioritization of risks and controls because:

    • “ Vulnerabilities and threats are endless, the funds to address them are not”

    • CEO, Fusion Risk Management

    • Security has established cross functional executive management teams

    • Q) How aligned is your BC/DR program with the business?


PROGRAM STRUCTURE

Promote Collaboration!



EXECUTIVE COMMITMENT



Key Observations

  • Do you know how much your firm spends on risk?

  • Do you know how those decisions get made?

  • Are threats, vulnerabilities, impacts and controls part of the management consciousness?

  • Are your BC/DR activities connected with revenues, profits and market share?

  • Are you managing risk or managing BC/DR plans or simply reacting to everything?

  • Are you a valuable asset or an expense?

  • How well can you improve BC/DR and Security collaboration so as to not duplicate efforts?


QUESTIONS

[email protected] (630) 240-7113

www.fusionrm.com



It’s Your Turn



Thank You!



Final Words


Questions, Comments, Suggestions

[email protected]

or

Tweet: @PSPrep_question


Touchpoint! Where Cybersecurity and Business Continuity Meet. Thank You!

