How to Prepare for a Data Breach

Size: px
Start display at page:

Download "How to Prepare for a Data Breach"

Transcription

1 IT Forum How to Prepare for a Data Breach Expediting Response and Minimizing Losses Presentation for SURA IT Committee November 5,,2014 Laura Whitaker, Senior Research Director eab.com

2 Getting to Know You EAB in Brief Thirty Years Serving Health Care, Eight with Colleges and Universities 2 Advisory Board founded in Washington, DC doing bespoke research Membership for Fortune 500 C- level executives, spun off as Corporate Executive Board First membership for healthcare executives; practice now serves 3,000 executives EAB launched serving university president s cabinet Academic Affairs Forum Business Affairs Forum Student Affairs Forum Research and Insights Memberships Enrollment Management Forum COE Forum Advancement Forum IT Forum Performance Collaboratives University Spend Collaborative Student Success Collaborative EAB Today: Work with 600+ institutions in North America Conduct 1000s of research interviews annually Serve members through best-practice research leadership meetings analyst consultations virtual events implementation artifacts diagnostics survey tools

3 Road Map For Discussion Preparing for an Inevitable Threat What Happens During a Breach? Resources to Get Your Team Started (see handout)

4 A Tantalizing Target Institutional Data At Risk Turnover, Mobile Devices, and Weak Compliance Generate Risk 4 A Familiar Problem With Diverse Sources Data Breaches in Higher Education , All Institution Types Payment Card Fraud, 0.18% Unknown, 1.41% Stationary Device, 6.51% Insider Theft, 3.17% Portable Device, 17.25% Physical Loss, 5.28% Hacking or Malware, 36.80% Unintended Disclosure, 29.40% Chronology of Data Breaches 2005-Present, Privacy Rights Clearinghouse, https://www.privacyrights.org/data-breach. Last updated December 31, Higher Education totals reflect manual grouping of like institutions.

5 A Closer Look No Immunity from Data Breaches Research Titans and Teaching-Focused Schools at Risk 5 Date Made Public Institution Name Type of Breach Records Compromised 1-Oct-14 Fort Hays State University Unintended Disclosure Sep-14 California State University, East Bay Hack Unknown 7-Aug-14 University California Santa Barbara Hack Unknown 14-Jul-14 Orangeburg-Calhoun Technical College Portable Device 20, Jul-14 University of Illinois, Chicago Hacking or Malware Unknown 10-Jul-14 Penn State College of Medicine Hacking or Malware 1, Jun-14 Butler University Hacking or Malware 163, Jun-14 Riverside Community College Unintended Disclosure 35,212 9-Jun-14 College of the Desert Insider Theft 1, May-14 Arkansas State University Hacking or Malware 50, May-14 San Diego State University Unintended Disclosure Unknown 14-May-14 University California Irvine Hacking or Malware Unknown 22-Apr-14 Iowa State University Hacking or Malware 29, Mar-14 The University of Wisconsin-Parkside Hacking or Malware 15,000 7-Mar-14 John Hopkins University Hacking or Malware Unknown 6-Mar-14 North Dakota University Hacking or Malware 290,780 5-Mar-14 Point Park University Unknown 1,800 Chronology of Data Breaches 2005-Present, Privacy Rights Clearinghouse, https://www.privacyrights.org/data-breach. Last updated December 31, Higher Education totals reflect manual grouping of like institutions.

6 The State of Play A Matter of When, Not If Higher Education Significant Target of Malicious Attacks on Data 6 Financial data, intellectual property, and research information put institutions in the crosshairs. Accidental exposure, petty theft, and major criminal attacks compromise systems daily. Mobile device expansion, increased wireless access, and extensive collaboration between higher education institutions and private partners expose more data faster than ever before. Without strong budgets or levers on diverse institutional partners, IT leaders struggle to enable the gains of new technology while protecting vital data of participants. While Chief Information Officers may not directly control department policies, effective preparation and processes may reduce the likelihood, duration, and cost of data breaches.

7 Complacency Not An Option The Spiraling Costs of Inaction Incidence and Cost of Breaches On the Rise 7 Ineffective procedures for a security breach can put sensitive information at risk and damage the reputation of the whole institution Smaller breaches might can cost several thousand dollars, and a data breach earlier in 2014 at Maricopa Community College District in Arizona is estimated to cost the system at least $17 million; major breaches can impact every campus constituency. While the IT team might identify and repair a security threat quickly, the escalating costs of forensics and verification can take months away from the most valuable technology staff, necessitate expensive vendor consultation, and result in lasting damage to the institution s reputation. Cost per Capita $294 The most recent analysis by the Ponemon Institute calculates that breaches in higher education cost an average of $294 per compromised record. Across all industries, the per capita cost of data breaches is rising. Ponemon Institute, Sponsored by Symantec, 2013 Cost of Data Breach Study: Global Analysis, https://www4.symantec.com/mktginfo/whitepaper/053013_gl_na_w P_Ponemon-2013-Cost-of-a-Data-Breach- Report_daiNA_cta72382.pdf. May 2013.

8 Where We Can Help Breach Plan and Management Preparation Simple, Cheap, and Effective Way to Improve Risk Profile 8 Security policies, tools and monitoring IT Forum Breach Response Toolkit Breach event occurs Management of response and communication Preparation Defense Systems and Workflow Mobilizing Response Breach Notification Resolution and Analysis Assessment Attack attempts occur, sources & methods tracked Staff and plan in place and ready to respond Post-event lessons feed updated monitoring plan

9 Preparing for an Inevitable Threat What Happens During a Breach? Resources to Get Your Team Started (see handout)

10 Preparing for Response Laying the Foundation Develop a Consistent Workflow Before Any Incident Occurs 10 Does the Breach Affect a Critical System? Hierarchy of Priorities: Human Life and Safety Sensitive and Regulated Information Critical Networks and Systems Business Continuity Internal Customer Service Who Owns Decisions During the Breach? Security Officer Detect and Report Incident Chief and Deputy Information Officer Approve Incident Category Manage Internal Communication Incident Response Leader Build Incident Response Team See Toolkit for Additional Resources

11 Preparing for Response Prepare and Empower First Responders Define Responsibilities of the Incident Response Leader 11 Manage Internal Communication Define incident priority level and notify CIO if necessary Update key staff (e.g., CIO, General Counsel) on breach during investigation Staff Response Team Recruit technical staff members with experience in compromised data As necessary, involve escalating group of key participants Ensure Data Collection With technical team members, collect forensic evidence and KPI s Compile report on data breach and response for future security preparation! Incident Response is a Drop Everything Priority Make sure that response leaders have the authority to clear all other team responsibilities during response.

12 Mobilizing Response Act Quickly to Minimize Response Cost Know the Necessary Immediate Steps 12 Mobilize Response Limit Damage: Limit and secure access to compromised systems If necessary, shut down affected machines and networks until forensic support arrives Alert Team: Activate response leaders, who will be responsible for pulling in support personnel Alert external response component groups (e.g., forensic data specialists) Collect Information Document Key Facts: Record date and time of breach incident, breach discovery, and when response efforts began Record who discovered the breach, reporting chain, and who on campus has been notified Begin Assessment and Analysis Estimate impact to institution and possible victims Prioritize response and notification components

13 Mobilizing Response Assemble Your Team Escalate Response Team With Threat Level 13 Incident Response Leader Lead Breach Response, Fix, and Verification Manage Resources and Communication Technical Expert Collect Evidence, Lead Quarantine and Fix Record and Report Key Metrics Compliance Officer Provide Guidance on Regulations and Rules Governing Compromised Data Department IT Expedite Communication with Internal Staff Provide Context on Local Data Practices General Counsel Evaluate Legal Risk to Institution and Victims Assist in External Communication Media Relations Coordinate All Internal and External Communication Protect Public Image of Technology Unit, Institution Minimum Necessary Medium-Level Threat or Risk High Risk to Resources or Reputation See Toolkit for Additional Resources

14 The Communication Framework Who Do You Need to Call? Maintain and Update Contact Lists for All Contingencies 14 Data Breach Services Forensic Investigators Private Investigators Outside Legal Counsel Mailing Services Call Centers Public Relations Firms Community Contacts Law Enforcement Local Media Outlets Vendors Connected with Compromised Data Professional Organizations Affected by Breach Keep All Response Leaders Updated with Key Contacts Review lists of breach service providers and community contacts at least quarterly, and make sure all response leaders have accurate information when launching into team recruitment and investigation.

15 The Communication Framework Striking the Right Tone Focus on the Details in Communication with Victims 15 Concern for constituent, contact information for remediation services. Sample Notification Letter Notification of Data Breach Steps the institution is taking to avoid future incidents. Details about breach and nature of lost data.! Sweat the Details Remember that a breach can damage relationships with students, staff, and vendors. Ensure that every detail of external communication expresses sincere apologies and conveys determination to do better down to the quality of paper used in outreach. See Toolkit for Additional Resources

16 Lessons from the Private Sector The New KPIs of Response Measure Your Efficiency to Identify Opportunity Standard Model Did we detect the breach and understand the problem? Did we assign an appropriate incident response team? Did we fix the problem? Did we notify the appropriate authorities and affected parties? Is service restored? Progressive Model* Measure Mean Time to: Identify: How long between breach and detection? Know: How long between detection and understanding of root causes? Fix: How long to resolve the situation and restore service? Verify: How long to confirm resolution with affected parties? 16 Any Breach Will Hit Your Pocketbook While the per-capita remediation fees associated with large-scale breaches can mount up, it s the fixed cost of responding to a breach itself that is inevitable. Boosting your ability to act efficiently is a high-leverage investment. Cyber Security Incident Response: Are we as prepared as we think? Ponemon Institute LLC, January Ponemon-Report-Cyber-Security-Incident-Response.pdf/.

17 Looking to the Future Turn Vulnerabilities Into Strengths Build New Threat Indicators Into Future Planning 17 Outside Attacks and Threat Indicators What was the source of the attack? What are the key characteristics of the attacking individual or group? What was the vulnerability exploited (e.g., social engineering, poor security architecture)? How can future response processes and communications for similar incidents be improved? Inside Theft and Accidental Exposure What was the source of the theft or loss? What vulnerabilities were exploited or exposed by the incident? Has the responsible employee or department caused problems before? Can improved awareness and trainings for local staff prevent future similar incidents?

18 Making the Grade Are You (Basically) Prepared for a Breach? Vetting Policies and People minimum expectations 18 I have a written policy to respond to data breach. My breach plan is approved by the General Counsel and compliance staff. I have a pool of incident leaders ready to coordinate and lead response when necessary. I have drafted template release and notification documents approved by the General Counsel. I have a list of local breach services vendors and community contacts on hand and with all breach response leaders.

19 Wrapping Up Questions? 19 After this presentation Laura Whitaker Practice Manager, IT Forum (202) Review the Security Breach Toolkit handouts (IT Forum members may download e-copies at eab.com.) Go through our self-diagnostic with your security lead. Get in touch with our research team to learn more about our security work and business intelligence research.

Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices

Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices Over the course of this one hour presentation, panelists will cover the following subject areas, providing answers

More information

Cyber Security Incident Handling Policy. Information Technology Services Center (ITSC) of The Hong Kong University of Science and Technology

Cyber Security Incident Handling Policy. Information Technology Services Center (ITSC) of The Hong Kong University of Science and Technology Cyber Security Incident Handling Policy Information Technology Services Center (ITSC) of The Hong Kong University of Science and Technology Date: Oct 9, 2015 i Document Control Document Owner Classification

More information

Privacy Rights Clearing House

Privacy Rights Clearing House 10/13/15 Cybersecurity in Education What you face as educational organizations How to Identify, Monitor and Protect Presented by Jamie Gershon Sr. Vice President Education Practice Group 1 Privacy Rights

More information

Data Breach and Senior Living Communities May 29, 2015

Data Breach and Senior Living Communities May 29, 2015 Data Breach and Senior Living Communities May 29, 2015 Todays Objectives: 1. Discuss Current Data Breach Trends & Issues 2. Understanding Why The Senior Living Industry May Be A Target 3. Data Breach Costs

More information

Data Breaches in the Government Sector. A Rapid7 Research Report

Data Breaches in the Government Sector. A Rapid7 Research Report Data Breaches in the Government Sector A Rapid7 Research Report Summary of Report Across all industries, data breaches and the protection of business-critical data remain a top concern. While the government

More information

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Ponemon Institute Research Report

More information

Standard: Information Security Incident Management

Standard: Information Security Incident Management Standard: Information Security Incident Management Page 1 Executive Summary California State University Information Security Policy 8075.00 states security incidents involving loss, damage or misuse of

More information

Aftermath of a Data Breach Study

Aftermath of a Data Breach Study Aftermath of a Data Breach Study Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: January 2012 Ponemon Institute Research Report Aftermath

More information

Information Security Program CHARTER

Information Security Program CHARTER State of Louisiana Information Security Program CHARTER Date Published: 12, 09, 2015 Contents Executive Sponsors... 3 Program Owner... 3 Introduction... 4 Statewide Information Security Strategy... 4 Information

More information

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: March 2013 Ponemon Institute Research Report

More information

Incident Response. Proactive Incident Management. Sean Curran Director

Incident Response. Proactive Incident Management. Sean Curran Director Incident Response Proactive Incident Management Sean Curran Director Agenda Incident Response Overview 3 Drivers for Incident Response 5 Incident Response Approach 11 Proactive Incident Response 17 2 2013

More information

Cyber Threat Intelligence and Incident Coordination Center (C 3 ) Protecting the Healthcare Industry from Cyber Attacks

Cyber Threat Intelligence and Incident Coordination Center (C 3 ) Protecting the Healthcare Industry from Cyber Attacks Cyber Threat Intelligence and Incident Coordination Center (C 3 ) Protecting the Healthcare Industry from Cyber Attacks July 2014 Cyber Threat Intelligence and Incident Coordination Center: Protecting

More information

SafeBiz. Identity Theft and Data Breach Program For Small & Medium Size Businesses (SMB)

SafeBiz. Identity Theft and Data Breach Program For Small & Medium Size Businesses (SMB) SafeBiz Identity Theft and Data Breach Program For Small & Medium Size Businesses (SMB) 1 About Us Since 2003 we have helped victims of identity theft recover fully from this devastating crime, and continue

More information

DATA BREACH COVERAGE

DATA BREACH COVERAGE THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ THIS CAREFULLY. DATA BREACH COVERAGE SCHEDULE OF COVERAGE LIMITS Coverage Limits of Insurance Data Breach Coverage $50,000 Legal Expense Coverage $5,000

More information

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War Vulnerability Risk Management 2.0 Best Practices for Managing Risk in the New Digital War In 2015, 17 new security vulnerabilities are identified every day. One nearly every 90 minutes. This consistent

More information

Brief. The BakerHostetler Data Security Incident Response Report 2015

Brief. The BakerHostetler Data Security Incident Response Report 2015 Brief The BakerHostetler Data Security Incident Response Report 2015 The rate of disclosures of security incidents in 2015 continues at a pace that caused many to call 2013 and then 2014 the year of the

More information

Information Security Incident Management Guidelines

Information Security Incident Management Guidelines Information Security Incident Management Guidelines INFORMATION TECHNOLOGY SECURITY SERVICES http://safecomputing.umich.edu Version #1.0, June 21, 2006 Copyright 2006 by The Regents of The University of

More information

IT Security Incident Management Policies and Practices

IT Security Incident Management Policies and Practices IT Security Incident Management Policies and Practices Information Technology Services Center (ITSC) of The Hong Kong University of Science and Technology Date: Feb 6, 2015 i Document Control Document

More information

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming

More information

Computer Security Incident Response Team

Computer Security Incident Response Team Computer Security Incident Response Team Operational Standards The University of Scranton Information Security Office August 2014 Table of Contents 1.0 Operational Standards Document Overview... 3 2.0

More information

Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age

Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: August 2013

More information

Application Security in the Software Development Lifecycle

Application Security in the Software Development Lifecycle Application Security in the Software Development Lifecycle Issues, Challenges and Solutions www.quotium.com 1/15 Table of Contents EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 IMPACT OF SECURITY BREACHES TO

More information

The Value of Vulnerability Management*

The Value of Vulnerability Management* The Value of Vulnerability Management* *ISACA/IIA Dallas Presented by: Robert Buchheit, Director Advisory Practice, Dallas Ricky Allen, Manager Advisory Practice, Houston *connectedthinking PwC Agenda

More information

Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection

Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection White Paper: Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection Prepared by: Northrop Grumman Corporation Information Systems Sector Cyber Solutions Division

More information

Computer Security Incident Response Team

Computer Security Incident Response Team University of Scranton Computer Security Incident Response Team Operational Standards Information Security Office 1/27/2009 Table of Contents 1.0 Operational Standards Document Overview... 3 2.0 Establishment

More information

Cyber Risks in Italian market

Cyber Risks in Italian market Cyber Risks in Italian market Milano, 01.10.2014 Forum Ri&Assicurativo Gianmarco Capannini Agenda 1 Cyber Risk - USA 2 Cyber Risk Europe experience trends Market size and trends Market size and trends

More information

Cisco & Big Data Security

Cisco & Big Data Security Cisco & Big Data Security 巨 量 資 料 的 傳 輸 保 護 Joey Kuo Borderless Networks Manager hskuo@cisco.com The any-to-any world and the Internet of Everything is an evolution in connectivity and collaboration that

More information

KEY STEPS FOLLOWING A DATA BREACH

KEY STEPS FOLLOWING A DATA BREACH KEY STEPS FOLLOWING A DATA BREACH Introduction This document provides key recommended steps to be taken following the discovery of a data breach. The document does not constitute an exhaustive guideline,

More information

DUUS Information Technology (IT) Incident Management Standard

DUUS Information Technology (IT) Incident Management Standard DUUS Information Technology (IT) Incident Management Standard Issue Date: October 1, 2013 Effective Date: October 1,2013 Revised Date: Number: DHHS-2013-001-E 1.0 Purpose and Objectives Computer systems

More information

October 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches

October 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches October 24, 2014 Mitigating Legal and Business Risks of Cyber Breaches AGENDA Introductions Cyber Threat Landscape Cyber Risk Mitigation Strategies 1 Introductions 2 Introductions To Be Confirmed Title

More information

2008 NASCIO Award Submission. Utilizing PCI Compliance to Improve Enterprise Risk Management

2008 NASCIO Award Submission. Utilizing PCI Compliance to Improve Enterprise Risk Management Section A Cover Page 2008 NASCIO Award Submission Utilizing PCI Compliance to Improve Enterprise Risk Management Information Security and Privacy Michigan Section B - Executive Summary Michigan has implemented

More information

Report on CAP Cybersecurity November 5, 2015

Report on CAP Cybersecurity November 5, 2015 Agenda Number 7. Report on CAP Cybersecurity November 5, 2015 Phil Cook CISSP, CISM Manager, Information Technologies Risk #1 External Attacks PR 81 Protect and secure CAP's Information Technology assets

More information

BOARD OF GOVERNORS MEETING JUNE 25, 2014

BOARD OF GOVERNORS MEETING JUNE 25, 2014 CYBER RISK UPDATE BOARD OF GOVERNORS MEETING JUNE 25, 2014 EXECUTIVE SUMMARY Cyber risk has become a major threat to organizations around the world, as highlighted in several well-publicized data breaches

More information

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system

More information

DATA BREACH POLICY IMPLENTATION GUIDE

DATA BREACH POLICY IMPLENTATION GUIDE DATA BREACH POLICY IMPLENTATION GUIDE OCTOBER 15, 2007 1 Data Breach Policy Implementation Guide Purpose The response to any breach of personally identifiable information (PII) can have a critical impact

More information

Best Practices for Building a Security Operations Center

Best Practices for Building a Security Operations Center OPERATIONS SECURITY Best Practices for Building a Security Operations Center Diana Kelley and Ron Moritz If one cannot effectively manage the growing volume of security events flooding the enterprise,

More information

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY, A GROWING CIO PRIORITY www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------

More information

CITY UNIVERSITY OF HONG KONG Information Security Incident Management Standard

CITY UNIVERSITY OF HONG KONG Information Security Incident Management Standard CITY UNIVERSITY OF HONG KONG Information Security Incident Management Standard (Approved by the Information Strategy and Governance Committee in December 2013; revision 1.1 approved by Chief Information

More information

IBM Security Intelligence Strategy

IBM Security Intelligence Strategy IBM Security Intelligence Strategy Delivering Insight with Agility October 17, 2014 Victor Margina Security Solutions Accent Electronic 12013 IBM Corporation We are in an era of continuous breaches Operational

More information

SMB Data Breach Risk Management Best Practices. By Mark Pribish February 19, 2015

SMB Data Breach Risk Management Best Practices. By Mark Pribish February 19, 2015 SMB Data Breach Risk Management Best Practices By Mark Pribish February 19, 2015 Presentation Agenda About Mark Pribish Information Governance The Threat Landscape Data Breach Trends Legislative and Regulatory

More information

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-6000

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-6000 DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-6000 CHIEF INFORMATION OFFICER December 9, 2015 MEMORANDUM FOR SECRETARIES OF THE MILITARY DEPARTMENTS CHAIRMAN OF THE JOINT CHIEFS OF

More information

GEARS Cyber-Security Services

GEARS Cyber-Security Services Florida Department of Management Services Division of State Purchasing Table of Contents Introduction... 1 About GEARS... 2 1. Pre-Incident Services... 3 1.1 Incident Response Agreements... 3 1.2 Assessments

More information

Utica College. Information Security Plan

Utica College. Information Security Plan Utica College Information Security Plan Author: James Farr (Information Security Officer) Version: 1.0 November 1 2012 Contents Introduction... 3 Scope... 3 Information Security Organization... 4 Roles

More information

The Future of Data Breach Risk Management Response and Recovery. The Cybersecurity Forum April 14, 2016

The Future of Data Breach Risk Management Response and Recovery. The Cybersecurity Forum April 14, 2016 The Future of Data Breach Risk Management Response and Recovery Increasing electronic product life and reliability The Cybersecurity Forum April 14, 2016 Today s Topics About Merchants Information Solutions,

More information

Advanced SOC Design. Next Generation Security Operations. Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA

Advanced SOC Design. Next Generation Security Operations. Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA Advanced SOC Design Next Generation Security Operations Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA 1 ! Why/How security investments need to shift! Key functions of a Security Operations

More information

Real World Healthcare Security Exposures. Brian Selfridge, Partner, Meditology Services

Real World Healthcare Security Exposures. Brian Selfridge, Partner, Meditology Services Real World Healthcare Security Exposures Brian Selfridge, Partner, Meditology Services 2 Agenda Introduction Background and Industry Context Anatomy of a Pen Test Top 10 Healthcare Security Exposures Lessons

More information

CHAPTER 1 COMPUTER SECURITY INCIDENT RESPONSE TEAM (CSIRT)

CHAPTER 1 COMPUTER SECURITY INCIDENT RESPONSE TEAM (CSIRT) CHAPTER 1 COMPUTER SECURITY INCIDENT RESPONSE TEAM (CSIRT) PURPOSE: The purpose of this procedure is to establish the roles, responsibilities, and communication procedures for the Computer Security Incident

More information

Cyber Liability. What School Districts Need to Know

Cyber Liability. What School Districts Need to Know Cyber Liability What School Districts Need to Know Data Breaches Growing In Number Between January 1, 2008 and April 4, 2012 314,216,842 reported records containing sensitive personal information have

More information

Navigating the Waters of Incident Response and Recovery

Navigating the Waters of Incident Response and Recovery Navigating the Waters of Incident Response and Recovery Lee Kim, Esq. Tucker Arensberg, P.C. CERT Symposium: Cyber Security Incident Management for Health Information Exchanges June 26, 2013 2013 Lee Kim

More information

Managed Security Services. Leverage our experienced security operations team to improve your cyber security posture

Managed Security Services. Leverage our experienced security operations team to improve your cyber security posture Managed Security Services Leverage our experienced security operations team to improve your cyber security posture Our approach to Managed Security Services Enterprises spend millions on technology to

More information

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST Protecting Identities. Enhancing Reputations. IDT911 1 DATA BREACHES AND SUBSEQUENT IDENTITY THEFT AND FRAUD THREATEN YOUR ORGANIZATION

More information

Healthcare Cybersecurity Perspectives from the Michigan Healthcare Cybersecurity Council

Healthcare Cybersecurity Perspectives from the Michigan Healthcare Cybersecurity Council Healthcare Cybersecurity Perspectives from the Michigan Healthcare Cybersecurity Council Presented by Doug Copley, Chairman Michigan Healthcare Cybersecurity Council Mr. Chairman and Committee Members,

More information

Protecting against cyber threats and security breaches

Protecting against cyber threats and security breaches Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So

More information

Data Loss Prevention and HIPAA. Kit Robinson Director kit.robinson@vontu.com

Data Loss Prevention and HIPAA. Kit Robinson Director kit.robinson@vontu.com Data Loss Prevention and HIPAA Kit Robinson Director kit.robinson@vontu.com ID Theft Tops FTC's List of Complaints For the 5 th straight year, identity theft ranked 1 st of all fraud complaints. 10 million

More information

Enterprise Projects Fiscal Year 2009/2010 First Quarter Report

Enterprise Projects Fiscal Year 2009/2010 First Quarter Report Enterprise Projects Fiscal Year 2009/2010 First Quarter Report Enterprise Projects Fiscal Year 2009/2010 - First Quarter Report The Enterprise Program Investment Council (EPIC) is responsible for governance

More information

Cyber attack on Twitter, 250,000 accounts hacked

Cyber attack on Twitter, 250,000 accounts hacked HEADLINES Impact and Cost At least 19 states have introduced or are considering security breach legislation in 2014. Most of the bills would amend existing security breach laws. According to the Ponemon

More information

Cybersecurity: Protecting Your Business. March 11, 2015

Cybersecurity: Protecting Your Business. March 11, 2015 Cybersecurity: Protecting Your Business March 11, 2015 Grant Thornton. All LLP. rights All reserved. rights reserved. Agenda Introductions Presenters Cybersecurity Cybersecurity Trends Cybersecurity Attacks

More information

FREQUENTLY ASKED QUESTIONS

FREQUENTLY ASKED QUESTIONS Updated 2/6/2015 Anthem and its affiliated brands was the target of a very sophisticated external cyber-attack. These cyber attackers gained unauthorized access to Anthem s information technology (IT)

More information

Chairman Johnson, Ranking Member Carper, and Members of the committee:

Chairman Johnson, Ranking Member Carper, and Members of the committee: UNITED STATES OFFICE OF PERSONNEL MANAGEMENT STATEMENT OF THE HONORABLE KATHERINE ARCHULETA DIRECTOR U.S. OFFICE OF PERSONNEL MANAGEMENT before the COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS

More information

Nerds and Geeks Re-United: Towards a Practical Approach to Health Privacy Breaches. Gerard M. Stegmaier gstegmaier@wsgr.

Nerds and Geeks Re-United: Towards a Practical Approach to Health Privacy Breaches. Gerard M. Stegmaier gstegmaier@wsgr. Nerds and Geeks Re-United: Towards a Practical Approach to Health Privacy Breaches Gerard M. Stegmaier gstegmaier@wsgr.com @1sand0slawyer Data Breach Trends 2011 Average Loss to Organization = $5.5 million

More information

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges Accenture Intelligent Security for the Digital Enterprise Archer s important role in solving today's pressing security challenges The opportunity to improve cyber security has never been greater 229 2,287

More information

NYS LOCAL GOVERNMENT VULNERABILITY SCANNING PROJECT September 22, 2011

NYS LOCAL GOVERNMENT VULNERABILITY SCANNING PROJECT September 22, 2011 NYS LOCAL GOVERNMENT VULNERABILITY SCANNING PROJECT September 22, 2011 Executive Summary BACKGROUND The NYS Local Government Vulnerability Scanning Project was funded by a U.S. Department of Homeland Security

More information

Cyber Security Metrics Dashboards & Analytics

Cyber Security Metrics Dashboards & Analytics Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics

More information

Nine Steps to Smart Security for Small Businesses

Nine Steps to Smart Security for Small Businesses Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...

More information

NASCIO 2015 State IT Recognition Awards

NASCIO 2015 State IT Recognition Awards NASCIO 2015 State IT Recognition Awards Title: State of Georgia Private Security Cloud Implementation Category: Cybersecurity Contact: Mr. Calvin Rhodes CIO, State of Georgia Executive Director, GTA calvin.rhodes@gta.ga.gov

More information

Protecting What Matters Most. Terry Ray Chief Product Strategist Trending Technologies Session 11

Protecting What Matters Most. Terry Ray Chief Product Strategist Trending Technologies Session 11 Protecting What Matters Most Terry Ray Chief Product Strategist Trending Technologies Session 11 Cyber attacks are bad and getting Significant economic Stock price fell by 14% Impacted profits by 46% Total

More information

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the

More information

Cybersecurity. Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.1048

Cybersecurity. Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.1048 Cybersecurity Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.1048 Setting expectations Are you susceptible to a data breach? October 7, 2014 Setting expectations Victim Perpetrator

More information

Managing IT Security with Penetration Testing

Managing IT Security with Penetration Testing Managing IT Security with Penetration Testing Introduction Adequately protecting an organization s information assets is a business imperative one that requires a comprehensive, structured approach to

More information

Detect, Prevent and Remediate the Cyber attack Nelson Yuen

Detect, Prevent and Remediate the Cyber attack Nelson Yuen Detect, Prevent and Remediate the Cyber attack Nelson Yuen Senior Systems Engineer Overview of the Local Security Landscape IP camera footages broadcasted live online In September, 2014, more than 1,000

More information

2009 HIMSS Analytics Report: Evaluating HITECH s Impact on Healthcare Privacy and Security

2009 HIMSS Analytics Report: Evaluating HITECH s Impact on Healthcare Privacy and Security 2009 HIMSS Analytics Report: Evaluating HITECH s Impact on Healthcare Privacy and Security Commissioned by ID Experts November 2009 INTRODUCTION Healthcare breaches are on the rise; according to the 2009

More information

Educa&onal Event Spring 2015. Cyber Security - Implications for Records Managers Art Ehuan

Educa&onal Event Spring 2015. Cyber Security - Implications for Records Managers Art Ehuan Educa&onal Event Spring 2015 Cyber Security - Implications for Records Managers Art Ehuan Risk to Corporate Information The protection of mission dependent intellectual property, or proprietary data critical

More information

Computer Security Incident Response Plan. Date of Approval: 23- FEB- 2015

Computer Security Incident Response Plan. Date of Approval: 23- FEB- 2015 Name of Approver: Mary Ann Blair Date of Approval: 23- FEB- 2015 Date of Review: 22- FEB- 2015 Effective Date: 23- FEB- 2015 Name of Reviewer: John Lerchey Table of Contents Table of Contents... 2 Introduction...

More information

ISOO Notice 2015-04: Update on Recent Cyber Incidents at OPM

ISOO Notice 2015-04: Update on Recent Cyber Incidents at OPM ISOO Notice 2015-04: Update on Recent Cyber Incidents at OPM July 10, 2015 The following notice provides an update on the recent cyber incidents at the U.S. Office of Personnel Management (OPM). The information

More information

Under the Hood of the IBM Threat Protection System

Under the Hood of the IBM Threat Protection System Under the Hood of the System The Nuts and Bolts of the Dynamic Attack Chain 1 Balazs Csendes IBM Security Intelligence Leader, CEE balazs.csendes@cz.ibm.com 1 You are an... IT Security Manager at a retailer

More information

Update on Anthem Cyber Attack General Information for Clients and Brokers

Update on Anthem Cyber Attack General Information for Clients and Brokers Update on Anthem Cyber Attack General Information for Clients and Brokers February 20, 2015 What happened? Anthem, Inc. was the victim of a cyber attack. Anthem discovered that one of its database warehouses

More information

Things To Do After You ve Been Hacked

Things To Do After You ve Been Hacked Problem: You ve been hacked! Now what? Solution: Proactive, automated incident response from inside the network Things To Do After You ve Been Hacked Tube web share It only takes one click to compromise

More information

Data Security Breaches: Learn more about two new regulations and how to help reduce your risks

Data Security Breaches: Learn more about two new regulations and how to help reduce your risks Data Security Breaches: Learn more about two new regulations and how to help reduce your risks By Susan Salpeter, Vice President, Zurich Healthcare Risk Management News stories about data security breaches

More information

Integrating MSS, SEP and NGFW to catch targeted APTs

Integrating MSS, SEP and NGFW to catch targeted APTs #SymVisionEmea #SymVisionEmea Integrating MSS, SEP and NGFW to catch targeted APTs Tom Davison Information Security Practice Manager, UK&I Antonio Forzieri EMEA Solution Lead, Cyber Security 2 Information

More information

SECURITY CONSIDERATIONS FOR LAW FIRMS

SECURITY CONSIDERATIONS FOR LAW FIRMS SECURITY CONSIDERATIONS FOR LAW FIRMS Enterprise Risk Management Professional consulting firm that specializes in cyber security Founded in 1998 in Miami, Florida Serves more than 150 clients, locally,

More information

Cyber Threats: Exposures and Breach Costs

Cyber Threats: Exposures and Breach Costs Issue No. 2 THREAT LANDSCAPE Technological developments do not only enhance capabilities for legitimate business they are also tools that may be utilized by those with malicious intent. Cyber-criminals

More information

Enterprise Projects Fiscal Year 2009/2010 Third Quarter Report

Enterprise Projects Fiscal Year 2009/2010 Third Quarter Report Enterprise Projects Fiscal Year 2009/2010 Third Quarter Report Enterprise Projects Fiscal Year 2009/2010 - Third Quarter Report The Enterprise Program Investment Council (EPIC) is responsible for governance

More information

, Dear :

<DATE> <FIRST NAME> <LAST NAME> <ADDRESS LINE 1> <ADDRESS LINE 2> <CITY>, <STATE> <ZIP> Dear <FIRTST NAME> <LAST NAME>: , Dear : You are receiving this letter because computer thieves or hackers have gained access

More information

Anatomy of a Breach: A case study in how to protect your organization. Presented By Greg Sparrow

Anatomy of a Breach: A case study in how to protect your organization. Presented By Greg Sparrow Anatomy of a Breach: A case study in how to protect your organization Presented By Greg Sparrow Agenda Background & Threat landscape Breach: A Case Study Incident Response Best Practices Lessons Learned

More information

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE Solution Brief SUMMARY New security threats demand a new approach to security management. Security teams need a security analytics architecture that can handle

More information

Anatomy of a Hotel Breach

Anatomy of a Hotel Breach Page 1 of 6 Anatomy of a Hotel Breach Written by Sandy B. Garfinkel Monday, 09 June 2014 15:22 Like 0 Tweet 0 0 Data breach incidents have dominated the news in 2014, and they are only becoming more frequent

More information

Cybersecurity. Setting expectations. Are you susceptible to a data breach? Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.

Cybersecurity. Setting expectations. Are you susceptible to a data breach? Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758. Cybersecurity Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.1048 Setting expectations Are you susceptible to a data breach? 1 October 7, 2014 Setting expectations Victim Perpetrator

More information

Cybersecurity and Hospitals. What Hospital Trustees Need to Know About Managing Cybersecurity Risk and Response

Cybersecurity and Hospitals. What Hospital Trustees Need to Know About Managing Cybersecurity Risk and Response Cybersecurity and Hospitals What Hospital Trustees Need to Know About Managing Cybersecurity Risk and Response This resources was prepared exclusively for American Hospital Association members by Mary

More information

Cybercrime Security Risks and Challenges Facing Business

Cybercrime Security Risks and Challenges Facing Business Cybercrime Security Risks and Challenges Facing Business Sven Hansen Technical Manager South Africa East Africa Security Conference August 2013 1 Agenda 1 What is Cyber Crime? 2 Cyber Crime Trends 3 Impact

More information

Defensible Strategy To. Cyber Incident Response

Defensible Strategy To. Cyber Incident Response Cyber Incident Response Defensible Strategy To Cyber Incident Response Cyber Incident Response Plans Every company should develop a written plan (cyber incident response plan) that identifies cyber attack

More information

This notice contains important information about the data breaches announced by Home Depot, Kmart and Dairy Queen.

This notice contains important information about the data breaches announced by Home Depot, Kmart and Dairy Queen. RECENT DATA BREACHES This notice contains important information about the data breaches announced by Home Depot, Kmart and Dairy Queen. Data security is a number one priority at Northwest. We take every

More information

OCIE CYBERSECURITY INITIATIVE

OCIE CYBERSECURITY INITIATIVE Topic: Cybersecurity Examinations Key Takeaways: OCIE will be conducting examinations of more than 50 registered brokerdealers and registered investment advisers, focusing on areas related to cybersecurity.

More information

YOUR HIPAA RISK ANALYSIS IN FIVE STEPS

YOUR HIPAA RISK ANALYSIS IN FIVE STEPS Ebook YOUR HIPAA RISK ANALYSIS IN FIVE STEPS A HOW-TO GUIDE FOR YOUR HIPAA RISK ANALYSIS AND MANAGEMENT PLAN 2015 SecurityMetrics YOUR HIPAA RISK ANALYSIS IN FIVE STEPS 1 YOUR HIPAA RISK ANALYSIS IN FIVE

More information

Security Intelligence

Security Intelligence IBM Security Security Intelligence Security for a New Era of Computing Erno Doorenspleet Consulting Security Executive 1 PARADIGM SHIFT in crime Sophistication is INCREASING Attacks are More Targeted Attackers

More information

DATA BREACH: hy you should care!

DATA BREACH: hy you should care! DATA BREACH: hy you should care! Bob Gregg CEO Bob.gregg@idexpertscorp.com 1 Overview Defining the cyber security and Data breach problem The threat source- surprising Potential business impact No one

More information

VA Data Breach Follow-Up. Adair Martinez, Deputy Assistant Secretary for Information Protection and Risk Management Department of Veterans Affairs

VA Data Breach Follow-Up. Adair Martinez, Deputy Assistant Secretary for Information Protection and Risk Management Department of Veterans Affairs VA Data Breach Follow-Up Adair Martinez, Deputy Assistant Secretary for Information Protection and Risk Management Department of Veterans Affairs Incidents In The News - VA Is Not Alone Data HMO Report:

More information

Dealing with Big Data in Cyber Intelligence

Dealing with Big Data in Cyber Intelligence Dealing with Big Data in Cyber Intelligence Greg Day Security CTO, EMEA, Symantec Session ID: HT-303 Session Classification: General Interest What will I take away from this session? What is driving big

More information

DATA BREACH RESPONSE READINESS Is Your Organization Prepared?

DATA BREACH RESPONSE READINESS Is Your Organization Prepared? March 30, 2015 DATA BREACH RESPONSE READINESS Is Your Organization Prepared? Peter Sloan Pete Enko Jeff Jensen Deborah Juhnke The data security imperatives of Prevention, Detection, and Response do not

More information

GAO. INFORMATION SECURITY Persistent Weaknesses Highlight Need for Further Improvement

GAO. INFORMATION SECURITY Persistent Weaknesses Highlight Need for Further Improvement GAO For Release on Delivery Expected at time 1:00 p.m. EDT Thursday, April 19, 2007 United States Government Accountability Office Testimony Before the Subcommittee on Emerging Threats, Cybersecurity,

More information