SlideShare ist ein Scribd-Unternehmen logo

INCIDENT HANDLING IN ORGANISATIONS

•
•
S
Sylvain Martinez

In this presentation we look at how organisations conduct incident handling with a focus on how it applies to businesses in Mauritius

Technologie
1 von 10
Downloaden Sie, um offline zu lesen
Incident Handling in Organisations Dr. Kaleem Usmani Head of CERT-MU
Top Cybersecurity Facts 2018 Source:(CSO from IDG) • Cyber crime damage costs to hit $6 trillion annually by 2021 • Cybersecurity spending to exceed $1 trillion from by 2021 • Human attack surface to reach 6 billion people by 2022 • Cybersecurity Ventures expects ransomware damage costs will rise to $11.5 billion in 2019 and that a business will fall victim to a ransomware attack every 14 seconds by that time. 2
Incidents Types Nuclear Power Steal Plants Solar Power ATM Account Thefts Stock Exchanges Payment Card Accounts Theft of email addresses, passwords Attacks on government sites ( websites defacement) Financial companies Power Grids World most trusted news organizations Zero day threats Advanced Pertinent Threats Ransomwares 3
Incident Handling Framework Layer 1 Preparation • Incident Response Team • Risk Assessment • Compliance • Crisis Management Plan • Technology / Security Tools Layer 2 Identification • Verification • Triage • Decision Making Layer 3 Response • Analysis • Containment • Business Continuity • Eradication • Recovery Layer 4 Review • Assessment of Incident • Legal Aspects • Documentation • Improvement 4
Incident Handling Cycle PHASE 1: PLANNING AND ORGANISATION Decision Making Triage If Incident is valid?Incident is detected Documentation Improvement Create Incident Response Team Training Incident Management Strategy Risk Assessment Compliance Crisis Management Plan Security Tools Yes RecoveryEradication All data is stored Crisis Management Plan Containment strategy – time consuming or incident cannot be contained? Choose Containment Strategy Containment and Business Continuity Analysis of Incident LAYER 1: PREPARATION LAYER 2: IDENTIFICATION LAYER 4: REVIEW LAYER 3: RESPONSE Ends No Yes Yes No Legal Aspects Prosecution? Legal Procedures No Assessment 5
Incident Handling Procedures in Organisations General Procedure…… • Log the incident • Inform the appropriate people • Release of Information • Follow-up Analysis 6
Incident Handling Procedures in Organisations Incident Specific Procedure…… ( Virus family) • Isolate the system • Log all actions • Notify appropriate people • Identify the problem • Contain the virus ( family…..) • Inoculate the System • Return to a Normal Operating Mode • Follow-up Analysis 7
Incident Handling Procedures in Organisations Incident Specific Procedure…… ( Hacking) • Identify Problem • Notify appropriate people • Identify Hacker/Cracker • Log all actions • Notify CERT • Follow-up 8
Incident Handling Procedures in Organisations Reporting Channels ( How it works in the country) • CERT • Law Enforcement • DPPs Office • ISPs 9
Thank You

Empfohlen

Journey to cyber resilience
Journey to cyber resilienceJourney to cyber resilience
Journey to cyber resilience
Andrew Bycroft
 
Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?
PECB
 
Building Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital Economy
Agus Wicaksono
 
Flipping the Economics of Attacks
Flipping the Economics of AttacksFlipping the Economics of Attacks
Flipping the Economics of Attacks
PaloAltoNetworks
 
Symantec Intelligence Report - October 2014
Symantec Intelligence Report - October 2014Symantec Intelligence Report - October 2014
Symantec Intelligence Report - October 2014
Symantec
 
Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity Risks
Matthew Rosenquist
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
Karyl Scott
 
Top 10 Cybersecurity Predictions for 2015
Top 10 Cybersecurity Predictions for 2015Top 10 Cybersecurity Predictions for 2015
Top 10 Cybersecurity Predictions for 2015
Matthew Rosenquist
 

Empfohlen

Journey to cyber resilience
Journey to cyber resilienceJourney to cyber resilience
Journey to cyber resilience
Andrew Bycroft
 
Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?
PECB
 
Building Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital Economy
Agus Wicaksono
 
Flipping the Economics of Attacks
Flipping the Economics of AttacksFlipping the Economics of Attacks
Flipping the Economics of Attacks
PaloAltoNetworks
 
Symantec Intelligence Report - October 2014
Symantec Intelligence Report - October 2014Symantec Intelligence Report - October 2014
Symantec Intelligence Report - October 2014
Symantec
 
Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity Risks
Matthew Rosenquist
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
Karyl Scott
 
Top 10 Cybersecurity Predictions for 2015
Top 10 Cybersecurity Predictions for 2015Top 10 Cybersecurity Predictions for 2015
Top 10 Cybersecurity Predictions for 2015
Matthew Rosenquist
 
Case Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information SecurityCase Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information Security
PECB
 
2017 K12 Educators Security Briefing - Matthew Rosenquist
2017 K12 Educators Security Briefing - Matthew Rosenquist2017 K12 Educators Security Briefing - Matthew Rosenquist
2017 K12 Educators Security Briefing - Matthew Rosenquist
Matthew Rosenquist
 
Improving Cyber Security Literacy in Boards & Executives
Improving Cyber Security Literacy in Boards & ExecutivesImproving Cyber Security Literacy in Boards & Executives
Improving Cyber Security Literacy in Boards & Executives
Tripwire
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
IBM Security
 
When thieves strike: Executive briefing on SWIFT attacks
When thieves strike: Executive briefing on SWIFT attacksWhen thieves strike: Executive briefing on SWIFT attacks
When thieves strike: Executive briefing on SWIFT attacks
Sangram Gayal
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
EY
 
True Cost of Data Breaches
True Cost of Data BreachesTrue Cost of Data Breaches
True Cost of Data Breaches
Matthew Rosenquist
 
Ch&Cie - Cyber Security - CIB - Teaser
Ch&Cie - Cyber Security - CIB - TeaserCh&Cie - Cyber Security - CIB - Teaser
Ch&Cie - Cyber Security - CIB - Teaser
Stephanie Baruk
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
Leon Fouche
 
Vendor Landscape: Email Security Gateway
Vendor Landscape: Email Security GatewayVendor Landscape: Email Security Gateway
Vendor Landscape: Email Security Gateway
Info-Tech Research Group
 
Cyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and PreparationCyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and Preparation
Eric Reehl
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisition
Christopher Dorobek
 
2017 InfraGard Atlanta Conference - Matthew Rosenquist
2017 InfraGard Atlanta Conference - Matthew Rosenquist2017 InfraGard Atlanta Conference - Matthew Rosenquist
2017 InfraGard Atlanta Conference - Matthew Rosenquist
Matthew Rosenquist
 
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
SrikanthRaju7
 
Why Startups Need to Strengthen Application Security
Why Startups Need to Strengthen Application SecurityWhy Startups Need to Strengthen Application Security
Why Startups Need to Strengthen Application Security
IndusfacePvtLtd
 
Cybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out forCybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out for
Cigniti Technologies Ltd
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of Directors
Abdul-Hakeem Ajijola
 
Cyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on SecurityCyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on Security
Ina Luft
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
IBM Security
 
Countering Cyber Threats
Countering Cyber ThreatsCountering Cyber Threats
Countering Cyber Threats
Phil Huggins FBCS CITP
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
CMR WORLD TECH
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
PECB
 

Weitere ähnliche Inhalte

Was ist angesagt?

Case Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information SecurityCase Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information Security
PECB
 
Improving Cyber Security Literacy in Boards & Executives
Improving Cyber Security Literacy in Boards & ExecutivesImproving Cyber Security Literacy in Boards & Executives
Improving Cyber Security Literacy in Boards & Executives
Tripwire
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
IBM Security
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
EY
 
Vendor Landscape: Email Security Gateway
Vendor Landscape: Email Security GatewayVendor Landscape: Email Security Gateway
Vendor Landscape: Email Security Gateway
Info-Tech Research Group
 
Cyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on SecurityCyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on Security
Ina Luft
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
IBM Security
 

Was ist angesagt? (19)

Case Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information SecurityCase Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information Security
 
2017 K12 Educators Security Briefing - Matthew Rosenquist
2017 K12 Educators Security Briefing - Matthew Rosenquist2017 K12 Educators Security Briefing - Matthew Rosenquist
2017 K12 Educators Security Briefing - Matthew Rosenquist
 
Improving Cyber Security Literacy in Boards & Executives
Improving Cyber Security Literacy in Boards & ExecutivesImproving Cyber Security Literacy in Boards & Executives
Improving Cyber Security Literacy in Boards & Executives
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
 
When thieves strike: Executive briefing on SWIFT attacks
When thieves strike: Executive briefing on SWIFT attacksWhen thieves strike: Executive briefing on SWIFT attacks
When thieves strike: Executive briefing on SWIFT attacks
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
 
True Cost of Data Breaches
True Cost of Data BreachesTrue Cost of Data Breaches
True Cost of Data Breaches
 
Ch&Cie - Cyber Security - CIB - Teaser
Ch&Cie - Cyber Security - CIB - TeaserCh&Cie - Cyber Security - CIB - Teaser
Ch&Cie - Cyber Security - CIB - Teaser
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
 
Vendor Landscape: Email Security Gateway
Vendor Landscape: Email Security GatewayVendor Landscape: Email Security Gateway
Vendor Landscape: Email Security Gateway
 
Cyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and PreparationCyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and Preparation
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisition
 
2017 InfraGard Atlanta Conference - Matthew Rosenquist
2017 InfraGard Atlanta Conference - Matthew Rosenquist2017 InfraGard Atlanta Conference - Matthew Rosenquist
2017 InfraGard Atlanta Conference - Matthew Rosenquist
 
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
 
Why Startups Need to Strengthen Application Security
Why Startups Need to Strengthen Application SecurityWhy Startups Need to Strengthen Application Security
Why Startups Need to Strengthen Application Security
 
Cybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out forCybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out for
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of Directors
 
Cyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on SecurityCyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on Security
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
 

Ă„hnlich wie INCIDENT HANDLING IN ORGANISATIONS

Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
PECB
 
Ask the Experts final
Ask the Experts finalAsk the Experts final
Ask the Experts final
Daren Dunkel
 
Effects of IT Governance Measures on Cyber-attack Incidents
Effects of IT Governance Measures on Cyber-attack IncidentsEffects of IT Governance Measures on Cyber-attack Incidents
Effects of IT Governance Measures on Cyber-attack Incidents
The International Journal of Business Management and Technology
 
What Are Cyber Attacks All About? | Cyberroot Risk Advisory
What Are Cyber Attacks All About? | Cyberroot Risk AdvisoryWhat Are Cyber Attacks All About? | Cyberroot Risk Advisory
What Are Cyber Attacks All About? | Cyberroot Risk Advisory
CR Group
 
Cybersecurity Landscape for Canadian Business
Cybersecurity Landscape for Canadian BusinessCybersecurity Landscape for Canadian Business
Cybersecurity Landscape for Canadian Business
Infinity Network Solutions
 

Ă„hnlich wie INCIDENT HANDLING IN ORGANISATIONS (20)

Countering Cyber Threats
Countering Cyber ThreatsCountering Cyber Threats
Countering Cyber Threats
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
 
Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.
 
Ask the Experts final
Ask the Experts finalAsk the Experts final
Ask the Experts final
 
Dell Technologies Cyber Security playbook
Dell Technologies Cyber Security playbookDell Technologies Cyber Security playbook
Dell Technologies Cyber Security playbook
 
Effects of IT Governance Measures on Cyber-attack Incidents
Effects of IT Governance Measures on Cyber-attack IncidentsEffects of IT Governance Measures on Cyber-attack Incidents
Effects of IT Governance Measures on Cyber-attack Incidents
 
A1 - Cibersegurança - Raising the Bar for Cybersecurity
A1 - Cibersegurança - Raising the Bar for CybersecurityA1 - Cibersegurança - Raising the Bar for Cybersecurity
A1 - Cibersegurança - Raising the Bar for Cybersecurity
 
2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance
 
Cyber Risk for Construction Industry
Cyber Risk for Construction Industry Cyber Risk for Construction Industry
Cyber Risk for Construction Industry
 
Combating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced AnalyticsCombating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced Analytics
 
IBM Security Services
IBM Security ServicesIBM Security Services
IBM Security Services
 
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
 
Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020
 
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
 
What Are Cyber Attacks All About? | Cyberroot Risk Advisory
What Are Cyber Attacks All About? | Cyberroot Risk AdvisoryWhat Are Cyber Attacks All About? | Cyberroot Risk Advisory
What Are Cyber Attacks All About? | Cyberroot Risk Advisory
 
Cyber security master class 2018
Cyber security master class 2018Cyber security master class 2018
Cyber security master class 2018
 
The State of Data Security
The State of Data SecurityThe State of Data Security
The State of Data Security
 
Cybersecurity Landscape for Canadian Business
Cybersecurity Landscape for Canadian BusinessCybersecurity Landscape for Canadian Business
Cybersecurity Landscape for Canadian Business
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
 

Mehr von Sylvain Martinez

Mehr von Sylvain Martinez (20)

PROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYPROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITY
 
INTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHYINTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHY
 
INCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONINCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATION
 
DATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEWDATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEW
 
2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW
 
INCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTS
 
PHISHING PROTECTION
PHISHING PROTECTIONPHISHING PROTECTION
PHISHING PROTECTION
 
VIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLESVIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLES
 
INCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEWINCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEW
 
OFFENSIVE IDS
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDS
 
IOT Security
IOT SecurityIOT Security
IOT Security
 
ARE YOU RED TEAM READY?
ARE YOU RED TEAM READY?ARE YOU RED TEAM READY?
ARE YOU RED TEAM READY?
 
GDPR SECURITY ISSUES
GDPR SECURITY ISSUESGDPR SECURITY ISSUES
GDPR SECURITY ISSUES
 
Mobile Security Assessment
Mobile Security AssessmentMobile Security Assessment
Mobile Security Assessment
 
The Art of CTF
The Art of CTFThe Art of CTF
The Art of CTF
 
OFFICE 365 SECURITY
OFFICE 365 SECURITYOFFICE 365 SECURITY
OFFICE 365 SECURITY
 
Risk on Crypto Currencies
Risk on Crypto CurrenciesRisk on Crypto Currencies
Risk on Crypto Currencies
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
 
Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2
 
Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2
 

KĂĽrzlich hochgeladen

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

KĂĽrzlich hochgeladen (20)

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 

INCIDENT HANDLING IN ORGANISATIONS

  • 1. Incident Handling in Organisations Dr. Kaleem Usmani Head of CERT-MU
  • 2. Top Cybersecurity Facts 2018 Source:(CSO from IDG) • Cyber crime damage costs to hit $6 trillion annually by 2021 • Cybersecurity spending to exceed $1 trillion from by 2021 • Human attack surface to reach 6 billion people by 2022 • Cybersecurity Ventures expects ransomware damage costs will rise to $11.5 billion in 2019 and that a business will fall victim to a ransomware attack every 14 seconds by that time. 2
  • 3. Incidents Types Nuclear Power Steal Plants Solar Power ATM Account Thefts Stock Exchanges Payment Card Accounts Theft of email addresses, passwords Attacks on government sites ( websites defacement) Financial companies Power Grids World most trusted news organizations Zero day threats Advanced Pertinent Threats Ransomwares 3
  • 4. Incident Handling Framework Layer 1 Preparation • Incident Response Team • Risk Assessment • Compliance • Crisis Management Plan • Technology / Security Tools Layer 2 Identification • Verification • Triage • Decision Making Layer 3 Response • Analysis • Containment • Business Continuity • Eradication • Recovery Layer 4 Review • Assessment of Incident • Legal Aspects • Documentation • Improvement 4
  • 5. Incident Handling Cycle PHASE 1: PLANNING AND ORGANISATION Decision Making Triage If Incident is valid?Incident is detected Documentation Improvement Create Incident Response Team Training Incident Management Strategy Risk Assessment Compliance Crisis Management Plan Security Tools Yes RecoveryEradication All data is stored Crisis Management Plan Containment strategy – time consuming or incident cannot be contained? Choose Containment Strategy Containment and Business Continuity Analysis of Incident LAYER 1: PREPARATION LAYER 2: IDENTIFICATION LAYER 4: REVIEW LAYER 3: RESPONSE Ends No Yes Yes No Legal Aspects Prosecution? Legal Procedures No Assessment 5
  • 6. Incident Handling Procedures in Organisations General Procedure…… • Log the incident • Inform the appropriate people • Release of Information • Follow-up Analysis 6
  • 7. Incident Handling Procedures in Organisations Incident Specific Procedure…… ( Virus family) • Isolate the system • Log all actions • Notify appropriate people • Identify the problem • Contain the virus ( family…..) • Inoculate the System • Return to a Normal Operating Mode • Follow-up Analysis 7
  • 8. Incident Handling Procedures in Organisations Incident Specific Procedure…… ( Hacking) • Identify Problem • Notify appropriate people • Identify Hacker/Cracker • Log all actions • Notify CERT • Follow-up 8
  • 9. Incident Handling Procedures in Organisations Reporting Channels ( How it works in the country) • CERT • Law Enforcement • DPPs Office • ISPs 9