Information Risk Management

Transcription

1 Information Risk Management Prepare, Partner, Evolve EMC Conference 10 February 2016 Dennis van Ham The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation <COMPANY> Advisory N.V., registered with the trade register in The Netherlands under number , is a member firm of the <COMPANY> network of independent member firms affiliated with <COMPANY> International Cooperative ( <COMPANY> International ), a Swiss entity. All rights reserved. Printed in The Netherlands. The <COMPANY> name, logo and cutting through complexity are registered trademarks of <COMPANY>

2 KEY SECURITY TRENDS Rapid technology change Governments intervene Beyond protection Digital transformation dramatically expands threat landscape Technology increasingly becomes an integral part of even the most mundane everyday activities, resulting in an expanded and more complex threat landscape. Governments become increasingly interventionist Governments adopt a more intrusive approach to organisations, which is often justified as combating organised crime or deterring anti-competitive practices. Ability to protect is progressively compromised Established methods of information risk management are eroded or compromised by internal or external non-malicious actors. Source: ISF Threat Horizon 2018 January

3 INFORMATION RISK MANAGEMENT CONSIDERATIONS Protection & Defense Human factor is weakest link, unless Shift from prevent to detect & respond Cooperation is required ISAC, Sector, Government, (IT-) partners Protect your crown jewels How to react if you are hacked (and you will) Response 3

4 INFORMATION RISK MANAGEMENT BEYOND PROTECTION Protect & Defend Technical Controls Behavioural Controls Beyond protection Respond Immediate Incident Response Investigations 4

5 DIGITAL FORENSIC READINESS (DFR) PREPARE DFR the state in which you are properly prepared to handle upcoming digital incidents KPMG Advisory N.V., registered with the trade register in the Netherlands under number , is a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. Printed in the Netherlands. 5

6 IMPACT MITIGATION & FUTURE PREVENTION INCREASED SITUATIONAL AWARENESS WITHIN A COMPANY LESSONS LEARNED FROM THE PAST INCIDENT EXPERIENCES VOLUNTARILY SHARING INCIDENT INFORMATION ACROSS INDUSTRIES REGULATORY COMPLIANCE EU: GENERAL DATA PROTECTION REGULATION THE USA SEC: MATERIAL DATA BREACHES DISCLOSURE WHY DFR? 6 6

7 COST EFFICIENCY TIMELY VS. SPEEDY INCIDENT RESPONSE SKILLED TEAMS FOR ANALYSIS, RESPONSE & RECOVERY REPUTATION RESTORE THE CONFIDENCE & TRUST OF KEY STAKEHOLDERS SUSTAINABILITY INDUSTRIAL CONTROL SYSTEMS & SCADA INCIDENTS SUSTAINABLE SECURITY PRACTICES WHY DFR? 7 7

8 STEP 1 PREPARE Roles Skills Locations Comms Analysis Logs Approach Strategic Sources Tactical Playbooks Operational 8

9 PLAYBOOK RECIPE FOR A SUCCESSFUL RESPONSE 9

10 STEP 2 PARTNER Digital Forensic Readiness combines: - Business Continuity Management - Incident Response - Forensics - Public Relations - Legal YOU CANNOT DO ALL BY YOURSELF! 10

11 STEP 2 KPN AS BUSINESS CONTINUITY PARTNER BCM as-a-service Nr. 1 in Nederland with 35 years of experience Direct and scalable capacity Multi platform support Dutch laws and regulations Extension with KPN security portfolio Storage in Dutch datacenters Bundeling with co location, hosting, CloudNL... 11

12 STEP 2 FIND THE RIGHT PARTNERS FOR YOUR ECOSYSTEM Cyber security advisory Training Runbooks BC/DR templates supportive tooling Managed Back Up & DR Services Synergy Hardware Tooling Technology 12

13 STEP 3 EVOLVE Keep track of all past incidents Discuss & rehearse internally Discuss & rehearse with peers and partners Evaluate feedback Adjust forensic readiness based on the lessons learned 13

14 AND IF IT HAPPENS... Whatever comes your way, there will be no nasty surprises. Costs and damage from the incident are kept to a minimum. You will remain in control. 14

15 Dennis van Ham Tel: vanham.dennis@kpmg.nl Thijs Timmerman Tel: timmerman.thijs@kpmg.nl QUESTIONS Jeroen de Wit dewit.jeroen@kpmg.nl Looking forward to meeting you at our booth 15