SlideShare a Scribd company logo

Takeaways from a Simulated Cyber Attack

Boston Consulting Group
Boston Consulting Group

Explore the key lessons gleaned from the cyber attack simulation exercise at the CyberCanada Senior Leadership Summit

Business
1 of 10
MARCH 1, 2018 Summary Report Cyber attack simulation exercise
1 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. The CyberCanada attack simulation exercise was attended by 100+ Canadian leaders representing a wide-range of organizations from both the private and public sector. Some of the views shared by participants, and captured here, may appear to be conflicting. This is a reflection of different opinions voiced and/or differences between the various individuals and groups represented. A short recap of the learning objectives, feedback shared by attendees during the module readouts, and questions to consider asking your organizations have been included in this short report. To ensure privacy, opinions have not been attributed to any individuals. A brief summary of the discussions during the CyberCanada attack simulation exercise
2 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Recap: the Table Top eXercise (TTX) had specific learning objectives Experience what your management team goes through when under cyberattack • Basic cybersecurity concepts • Cybersecurity as a strategic business risk • The impacts of people, culture, process, procedures and technology on cyber resilience • How to advance cyber resilience beyond the technical part The Experience Understand by doing
3 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Module 1: The Compromise Strengths and weaknesses of CEO's communications • Strengths: out in front, confident, clear, available, took ownership • Weaknesses: other management was not informed, too much information was shared, not enough assurance, not genuine enough, lack of preparation, false statements made Responsibilities of the Management Board • Ensure business continuity • Determine regulatory reporting requirements • Decide on internal communications • Get handle on scope, control the message • Engage the Board What will you do next? • Impact assessment from BUs + Functions • Determine what insurance the company has • Consult legal counsel • Solicit Public Relations support • Determine recovery and comms plans • Determine plan of action • Decide what should be the cadence for updates Summary of responses shared during Module 1 3 2 1
4 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Module 2: The Briefing Views regarding ransom payment and who should make the decision • Much disagreement on whether or not to pay the ransom • Ransom payment considerations: assess the financial impact with cost/benefit analysis, will we get back the data, can operations resume without paying, who is the attacker, ask for extension on deadline, discuss with law enforcement • Who should make decision: some said Board should decide, others said C-Suite should decide with advice from Board Thoughts on engaging the community • Engage the entire ecosystem • Third parties: cybersecurity consultants, legal, PR, insurance, law enforcement, call centers, ransom negotiator • Stakeholders: employees, customers, partners, suppliers, shareholders, government, regulators What are next steps? • Assess the business impact and set long-term strategy • Get back to operations, assign responsible parties • Look at the culture that allowed this to happen • Fire the CEO 3 2 1 Summary of responses shared during Module 2
5 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Module 3: The Response Experts you would contact during a cyber attack and when • Engage law enforcement early; they have intel • Crisis response consultants and forensics teams can help • Different responses for different jurisdictions and industries • Prepare before the attack: meet with law enforcement and establish the relationship beforehand • Collaborate with industry partners Following this exercise, what will you do differently? • Ask the organization questions about cybersecurity • Raise cybersecurity to the Board level • “Culture is to punish the victim” has to stop • Establish relationships with law enforcement and national CERT • Don't wait for an attack to happen, plan incident response now • Set cybersecurity long-term vision/strategy; and be agile • Cybersecurity is not a cost center; it's a business enabler How has digitalization impacted cybersecurity and business strategy? • Increased the number of unknowns and interdependencies • Has caused information overload creating a need to educate the public • IoT has increased the risk by increasing the attack surface Summary of responses shared during Module 3 3 2 1
6 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Key questions you should be asking your organization Crown jewels How does your organization know which systems, data, and assets have the most value and do you conduct tests on breaching those systems? Technology How are the users of your cybersecurity tools properly trained on how to get the best results from them? Culture How is cybersecurity ingrained into the culture of your organization the same way as safety, quality, ethics and compliance? Third parties How do you secure suppliers, acquisitions, business partners, and customers with the same rigor as you secure your enterprise? Design for Cyber How are your products, networks, and systems designed with cybersecurity in mind—from the first design concept meeting through every stage? Business enabler How have you integrated cybersecurity into your business strategy so that your business can safely and securely innovate and grow faster? Consequences How do you optimize your budget between reducing vulnerabilities and reducing the consequences of a breach? Preparation What kind of plans do you have in place for incident response, business continuity & disaster recovery? Do you regularly practice executing these plans?
7 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Boards are in a unique strategic position to improve cyber resilience. And they are ultimately responsible for cyber risk in their companies BCG jointly with the Forum established 10 Board Principles for cyber resilience • Responsibility for Cyber Resilience • Command of the Subject • Accountable officer • Integration of Cyber Resilience • Risk assessment and reporting • Risk appetite • Resilience plans • Community • Review • Effectiveness See also the Forum's comprehensive report on "Advancing Cyber Resilience: Principles and Tools for Boards" (2017) Source: BCG and World Economic Forum See the publication at: http://www3.weforum.org/docs/IP/2017/Adv_Cyber_Resilience_Principles-Tools.pdf 1 2 3 4 6 5 8 7 9 10
8 The services and materials provided by The Boston Consulting Group (BCG) are subject to BCG's Standard Terms (a copy of which is available upon request) or such other agreement as may have been previously executed by BCG. BCG does not provide legal, accounting, or tax advice. The Client is responsible for obtaining independent advice concerning these matters. This advice may affect the guidance given by BCG. Further, BCG has made no undertaking to update these materials after the date hereof, notwithstanding that such information may become outdated or inaccurate. The materials contained in this presentation are designed for the sole use by the board of directors or senior management of the Client and solely for the limited purposes described in the presentation. The materials shall not be copied or given to any person or entity other than the Client (“Third Party”) without the prior written consent of BCG. These materials serve only as the focus for discussion; they are incomplete without the accompanying oral commentary and may not be relied on as a stand-alone document. Further, Third Parties may not, and it is unreasonable for any Third Party to, rely on these materials for any purpose whatsoever. To the fullest extent permitted by law (and except to the extent otherwise agreed in a signed writing by BCG), BCG shall have no liability whatsoever to any Third Party, and any Third Party hereby waives any rights and claims it may have at any time against BCG with regard to the services, this presentation, or other materials, including the accuracy or completeness thereof. Receipt and review of this document shall be deemed agreement with and consideration for the foregoing. BCG does not provide fairness opinions or valuations of market transactions, and these materials should not be relied on or construed as such. Further, the financial evaluations, projected market and financial information, and conclusions contained in these materials are based upon standard valuation methodologies, are not definitive forecasts, and are not guaranteed by BCG. BCG has used public and/or confidential data and assumptions provided to BCG by the Client. BCG has not independently verified the data and assumptions used in these analyses. Changes in the underlying data or operating assumptions will clearly impact the analyses and conclusions. Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved.
bcg.com

Recommended

Bain & Co. GDRoadshow Presentation
Bain & Co. GDRoadshow PresentationBain & Co. GDRoadshow Presentation
Bain & Co. GDRoadshow PresentationGlassdoor
 
Bcg cfa perth presentation
Bcg cfa perth presentationBcg cfa perth presentation
Bcg cfa perth presentationFelipe Sotelo A.
 
Digital Europe: Pushing the frontier, capturing the benefits
Digital Europe: Pushing the frontier, capturing the benefitsDigital Europe: Pushing the frontier, capturing the benefits
Digital Europe: Pushing the frontier, capturing the benefitsMcKinsey & Company
 
18th Annual Global CEO Survey - Technology industry key findings
18th Annual Global CEO Survey - Technology industry key findings18th Annual Global CEO Survey - Technology industry key findings
18th Annual Global CEO Survey - Technology industry key findingsPwC
 
Sprinting to Value in Industry 4.0
Sprinting to Value in Industry 4.0Sprinting to Value in Industry 4.0
Sprinting to Value in Industry 4.0Boston Consulting Group
 
#BainWebinar Procurement Best Practices Through Covid19
#BainWebinar Procurement Best Practices Through Covid19 #BainWebinar Procurement Best Practices Through Covid19
#BainWebinar Procurement Best Practices Through Covid19 Bain & Company Brasil
 
BCG Telco Sustainability Index
BCG Telco Sustainability IndexBCG Telco Sustainability Index
BCG Telco Sustainability IndexBoston Consulting Group
 
Navigating a digital-first home furnishings market
Navigating a digital-first home furnishings market Navigating a digital-first home furnishings market
Navigating a digital-first home furnishings market L.E.K. Consulting
 

Recommended

Bain & Co. GDRoadshow Presentation
Bain & Co. GDRoadshow PresentationBain & Co. GDRoadshow Presentation
Bain & Co. GDRoadshow PresentationGlassdoor
 
Bcg cfa perth presentation
Bcg cfa perth presentationBcg cfa perth presentation
Bcg cfa perth presentationFelipe Sotelo A.
 
Digital Europe: Pushing the frontier, capturing the benefits
Digital Europe: Pushing the frontier, capturing the benefitsDigital Europe: Pushing the frontier, capturing the benefits
Digital Europe: Pushing the frontier, capturing the benefitsMcKinsey & Company
 
18th Annual Global CEO Survey - Technology industry key findings
18th Annual Global CEO Survey - Technology industry key findings18th Annual Global CEO Survey - Technology industry key findings
18th Annual Global CEO Survey - Technology industry key findingsPwC
 
Sprinting to Value in Industry 4.0
Sprinting to Value in Industry 4.0Sprinting to Value in Industry 4.0
Sprinting to Value in Industry 4.0Boston Consulting Group
 
#BainWebinar Procurement Best Practices Through Covid19
#BainWebinar Procurement Best Practices Through Covid19 #BainWebinar Procurement Best Practices Through Covid19
#BainWebinar Procurement Best Practices Through Covid19 Bain & Company Brasil
 
BCG Telco Sustainability Index
BCG Telco Sustainability IndexBCG Telco Sustainability Index
BCG Telco Sustainability IndexBoston Consulting Group
 
Navigating a digital-first home furnishings market
Navigating a digital-first home furnishings market Navigating a digital-first home furnishings market
Navigating a digital-first home furnishings market L.E.K. Consulting
 
2019 CPG Growth Leaders Report
2019 CPG Growth Leaders Report2019 CPG Growth Leaders Report
2019 CPG Growth Leaders ReportBoston Consulting Group
 
North America Mortgage Banking 2020: Convergent Disruption in the Credit Indu...
North America Mortgage Banking 2020: Convergent Disruption in the Credit Indu...North America Mortgage Banking 2020: Convergent Disruption in the Credit Indu...
North America Mortgage Banking 2020: Convergent Disruption in the Credit Indu...accenture
 
Bcg good
Bcg goodBcg good
Bcg goodtheojack
 
Strategy Study 2014 | A.T. Kearney
Strategy Study 2014 | A.T. KearneyStrategy Study 2014 | A.T. Kearney
Strategy Study 2014 | A.T. KearneyKearney
 
What’s Chipping Away at Automotive Production
What’s Chipping Away at Automotive ProductionWhat’s Chipping Away at Automotive Production
What’s Chipping Away at Automotive ProductionBoston Consulting Group
 
Boston Consulting Group – Critical Business Response
Boston Consulting Group – Critical Business ResponseBoston Consulting Group – Critical Business Response
Boston Consulting Group – Critical Business ResponseBradFord16
 
Overview of M&A, 2016
Overview of M&A, 2016Overview of M&A, 2016
Overview of M&A, 2016McKinsey & Company
 
Private Sector Opportunity to Improve Well-Being
Private Sector Opportunity to Improve Well-Being Private Sector Opportunity to Improve Well-Being
Private Sector Opportunity to Improve Well-Being Boston Consulting Group
 
Addressing Homelessness in King County
Addressing Homelessness in King CountyAddressing Homelessness in King County
Addressing Homelessness in King CountyMcKinsey & Company
 
Fintech New York: Partnerships, Platforms and Open Innovation
Fintech New York: Partnerships, Platforms and Open InnovationFintech New York: Partnerships, Platforms and Open Innovation
Fintech New York: Partnerships, Platforms and Open Innovationaccenture
 
Accelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesAccelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesMcKinsey & Company
 
Australia: Taking Bigger Steps | A.T. Kearney
Australia: Taking Bigger Steps | A.T. KearneyAustralia: Taking Bigger Steps | A.T. Kearney
Australia: Taking Bigger Steps | A.T. KearneyKearney
 
2018 Local Dynamos: Emerging-Market Companies Up Their Game
2018 Local Dynamos: Emerging-Market Companies Up Their Game2018 Local Dynamos: Emerging-Market Companies Up Their Game
2018 Local Dynamos: Emerging-Market Companies Up Their GameBoston Consulting Group
 
The Great Mobility Tech Race: Winning the battle for future profits
The Great Mobility Tech Race: Winning the battle for future profitsThe Great Mobility Tech Race: Winning the battle for future profits
The Great Mobility Tech Race: Winning the battle for future profitsBoston Consulting Group
 
Accelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesAccelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesMcKinsey & Company
 
Overview of bain & company
Overview of bain & companyOverview of bain & company
Overview of bain & companyCRISIL Limited
 
BCG Telco Sustainability Index
BCG Telco Sustainability IndexBCG Telco Sustainability Index
BCG Telco Sustainability IndexBoston Consulting Group
 
Cracking the Code on Consumer Fraud | Accenture
Cracking the Code on Consumer Fraud | AccentureCracking the Code on Consumer Fraud | Accenture
Cracking the Code on Consumer Fraud | Accentureaccenture
 
How Companies in Emerging Markets Are Winning at Home
How Companies in Emerging Markets Are Winning at HomeHow Companies in Emerging Markets Are Winning at Home
How Companies in Emerging Markets Are Winning at HomeBoston Consulting Group
 
EY Germany FinTech Landscape
EY Germany FinTech LandscapeEY Germany FinTech Landscape
EY Germany FinTech LandscapeEY
 
A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveDawn Yankeelov
 
Workshop B: Jill Cuthbert, Citi
Workshop B: Jill Cuthbert, CitiWorkshop B: Jill Cuthbert, Citi
Workshop B: Jill Cuthbert, CitiStuart Reid
 

More Related Content

What's hot

North America Mortgage Banking 2020: Convergent Disruption in the Credit Indu...
North America Mortgage Banking 2020: Convergent Disruption in the Credit Indu...North America Mortgage Banking 2020: Convergent Disruption in the Credit Indu...
North America Mortgage Banking 2020: Convergent Disruption in the Credit Indu...accenture
 
Strategy Study 2014 | A.T. Kearney
Strategy Study 2014 | A.T. KearneyStrategy Study 2014 | A.T. Kearney
Strategy Study 2014 | A.T. KearneyKearney
 
What’s Chipping Away at Automotive Production
What’s Chipping Away at Automotive ProductionWhat’s Chipping Away at Automotive Production
What’s Chipping Away at Automotive ProductionBoston Consulting Group
 
Boston Consulting Group – Critical Business Response
Boston Consulting Group – Critical Business ResponseBoston Consulting Group – Critical Business Response
Boston Consulting Group – Critical Business ResponseBradFord16
 
Private Sector Opportunity to Improve Well-Being
Private Sector Opportunity to Improve Well-Being Private Sector Opportunity to Improve Well-Being
Private Sector Opportunity to Improve Well-Being Boston Consulting Group
 
Addressing Homelessness in King County
Addressing Homelessness in King CountyAddressing Homelessness in King County
Addressing Homelessness in King CountyMcKinsey & Company
 
Fintech New York: Partnerships, Platforms and Open Innovation
Fintech New York: Partnerships, Platforms and Open InnovationFintech New York: Partnerships, Platforms and Open Innovation
Fintech New York: Partnerships, Platforms and Open Innovationaccenture
 
Accelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesAccelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesMcKinsey & Company
 
Australia: Taking Bigger Steps | A.T. Kearney
Australia: Taking Bigger Steps | A.T. KearneyAustralia: Taking Bigger Steps | A.T. Kearney
Australia: Taking Bigger Steps | A.T. KearneyKearney
 
2018 Local Dynamos: Emerging-Market Companies Up Their Game
2018 Local Dynamos: Emerging-Market Companies Up Their Game2018 Local Dynamos: Emerging-Market Companies Up Their Game
2018 Local Dynamos: Emerging-Market Companies Up Their GameBoston Consulting Group
 
The Great Mobility Tech Race: Winning the battle for future profits
The Great Mobility Tech Race: Winning the battle for future profitsThe Great Mobility Tech Race: Winning the battle for future profits
The Great Mobility Tech Race: Winning the battle for future profitsBoston Consulting Group
 
Accelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesAccelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesMcKinsey & Company
 
Overview of bain & company
Overview of bain & companyOverview of bain & company
Overview of bain & companyCRISIL Limited
 
Cracking the Code on Consumer Fraud | Accenture
Cracking the Code on Consumer Fraud | AccentureCracking the Code on Consumer Fraud | Accenture
Cracking the Code on Consumer Fraud | Accentureaccenture
 
How Companies in Emerging Markets Are Winning at Home
How Companies in Emerging Markets Are Winning at HomeHow Companies in Emerging Markets Are Winning at Home
How Companies in Emerging Markets Are Winning at HomeBoston Consulting Group
 
EY Germany FinTech Landscape
EY Germany FinTech LandscapeEY Germany FinTech Landscape
EY Germany FinTech LandscapeEY
 

What's hot (20)

2019 CPG Growth Leaders Report
2019 CPG Growth Leaders Report2019 CPG Growth Leaders Report
2019 CPG Growth Leaders Report
 
North America Mortgage Banking 2020: Convergent Disruption in the Credit Indu...
North America Mortgage Banking 2020: Convergent Disruption in the Credit Indu...North America Mortgage Banking 2020: Convergent Disruption in the Credit Indu...
North America Mortgage Banking 2020: Convergent Disruption in the Credit Indu...
 
Bcg good
Bcg goodBcg good
Bcg good
 
Strategy Study 2014 | A.T. Kearney
Strategy Study 2014 | A.T. KearneyStrategy Study 2014 | A.T. Kearney
Strategy Study 2014 | A.T. Kearney
 
What’s Chipping Away at Automotive Production
What’s Chipping Away at Automotive ProductionWhat’s Chipping Away at Automotive Production
What’s Chipping Away at Automotive Production
 
Boston Consulting Group – Critical Business Response
Boston Consulting Group – Critical Business ResponseBoston Consulting Group – Critical Business Response
Boston Consulting Group – Critical Business Response
 
Overview of M&A, 2016
Overview of M&A, 2016Overview of M&A, 2016
Overview of M&A, 2016
 
Private Sector Opportunity to Improve Well-Being
Private Sector Opportunity to Improve Well-Being Private Sector Opportunity to Improve Well-Being
Private Sector Opportunity to Improve Well-Being
 
Addressing Homelessness in King County
Addressing Homelessness in King CountyAddressing Homelessness in King County
Addressing Homelessness in King County
 
Fintech New York: Partnerships, Platforms and Open Innovation
Fintech New York: Partnerships, Platforms and Open InnovationFintech New York: Partnerships, Platforms and Open Innovation
Fintech New York: Partnerships, Platforms and Open Innovation
 
Accelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesAccelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securities
 
Australia: Taking Bigger Steps | A.T. Kearney
Australia: Taking Bigger Steps | A.T. KearneyAustralia: Taking Bigger Steps | A.T. Kearney
Australia: Taking Bigger Steps | A.T. Kearney
 
2018 Local Dynamos: Emerging-Market Companies Up Their Game
2018 Local Dynamos: Emerging-Market Companies Up Their Game2018 Local Dynamos: Emerging-Market Companies Up Their Game
2018 Local Dynamos: Emerging-Market Companies Up Their Game
 
The Great Mobility Tech Race: Winning the battle for future profits
The Great Mobility Tech Race: Winning the battle for future profitsThe Great Mobility Tech Race: Winning the battle for future profits
The Great Mobility Tech Race: Winning the battle for future profits
 
Accelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesAccelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securities
 
Overview of bain & company
Overview of bain & companyOverview of bain & company
Overview of bain & company
 
BCG Telco Sustainability Index
BCG Telco Sustainability IndexBCG Telco Sustainability Index
BCG Telco Sustainability Index
 
Cracking the Code on Consumer Fraud | Accenture
Cracking the Code on Consumer Fraud | AccentureCracking the Code on Consumer Fraud | Accenture
Cracking the Code on Consumer Fraud | Accenture
 
How Companies in Emerging Markets Are Winning at Home
How Companies in Emerging Markets Are Winning at HomeHow Companies in Emerging Markets Are Winning at Home
How Companies in Emerging Markets Are Winning at Home
 
EY Germany FinTech Landscape
EY Germany FinTech LandscapeEY Germany FinTech Landscape
EY Germany FinTech Landscape
 

Similar to Takeaways from a Simulated Cyber Attack

A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveDawn Yankeelov
 
Workshop B: Jill Cuthbert, Citi
Workshop B: Jill Cuthbert, CitiWorkshop B: Jill Cuthbert, Citi
Workshop B: Jill Cuthbert, CitiStuart Reid
 
Cyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework PanelCyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework PanelPaul Di Gangi
 
Implementing and Auditing GDPR Series (8 of 10)
Implementing and Auditing GDPR Series (8 of 10) Implementing and Auditing GDPR Series (8 of 10)
Implementing and Auditing GDPR Series (8 of 10) Jim Kaplan CIA CFE
 
Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Laura Benitez
 
Internet security and privacy issues
Internet security and privacy issuesInternet security and privacy issues
Internet security and privacy issuesJagdeepSingh394
 
Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Manuel Guillen
 
New Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law RequirementsNew Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law RequirementsSkoda Minotti
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitKevin Duffey
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach riskLivingstone Advisory
 
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec StakeholdersIvanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec StakeholdersIvanti
 
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCloudIDSummit
 
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...AIIM International
 
Vendor Management - An Overview (Project File)
Vendor Management - An Overview (Project File)Vendor Management - An Overview (Project File)
Vendor Management - An Overview (Project File)Jyoti Kumari
 
8242015 Combating cyber risk in the supply chain ­ Print Art.docx
8242015 Combating cyber risk in the supply chain ­ Print Art.docx8242015 Combating cyber risk in the supply chain ­ Print Art.docx
8242015 Combating cyber risk in the supply chain ­ Print Art.docxevonnehoggarth79783
 
Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals Richard Brzakala
 
Executive Perspective Building an OT Security Program from the Top Down
Executive Perspective Building an OT Security Program from the Top DownExecutive Perspective Building an OT Security Program from the Top Down
Executive Perspective Building an OT Security Program from the Top Downaccenture
 

Similar to Takeaways from a Simulated Cyber Attack (20)

A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate Perspective
 
Workshop B: Jill Cuthbert, Citi
Workshop B: Jill Cuthbert, CitiWorkshop B: Jill Cuthbert, Citi
Workshop B: Jill Cuthbert, Citi
 
Cyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework PanelCyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework Panel
 
Implementing and Auditing GDPR Series (8 of 10)
Implementing and Auditing GDPR Series (8 of 10) Implementing and Auditing GDPR Series (8 of 10)
Implementing and Auditing GDPR Series (8 of 10)
 
Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...
 
Internet security and privacy issues
Internet security and privacy issuesInternet security and privacy issues
Internet security and privacy issues
 
Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020
 
New Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law RequirementsNew Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law Requirements
 
CIOReview
CIOReviewCIOReview
CIOReview
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal Toolkit
 
Introducing Ethical Hacking to the Ministry of Defence.pdf
Introducing Ethical Hacking to the Ministry of Defence.pdfIntroducing Ethical Hacking to the Ministry of Defence.pdf
Introducing Ethical Hacking to the Ministry of Defence.pdf
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach risk
 
Standards in Third Party Risk - DVV Solutions ISACA North May 19
Standards in Third Party Risk - DVV Solutions ISACA North May 19 Standards in Third Party Risk - DVV Solutions ISACA North May 19
Standards in Third Party Risk - DVV Solutions ISACA North May 19
 
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec StakeholdersIvanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
 
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
 
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
 
Vendor Management - An Overview (Project File)
Vendor Management - An Overview (Project File)Vendor Management - An Overview (Project File)
Vendor Management - An Overview (Project File)
 
8242015 Combating cyber risk in the supply chain ­ Print Art.docx
8242015 Combating cyber risk in the supply chain ­ Print Art.docx8242015 Combating cyber risk in the supply chain ­ Print Art.docx
8242015 Combating cyber risk in the supply chain ­ Print Art.docx
 
Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals
 
Executive Perspective Building an OT Security Program from the Top Down
Executive Perspective Building an OT Security Program from the Top DownExecutive Perspective Building an OT Security Program from the Top Down
Executive Perspective Building an OT Security Program from the Top Down
 

More from Boston Consulting Group

Sources of advantage in Regulatory Filing Management
Sources of advantage in Regulatory Filing Management Sources of advantage in Regulatory Filing Management
Sources of advantage in Regulatory Filing Management Boston Consulting Group
 
Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19
Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19
Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19Boston Consulting Group
 
Win The Fight: Crush and Contain for Safer Reopening
Win The Fight: Crush and Contain for Safer Reopening Win The Fight: Crush and Contain for Safer Reopening
Win The Fight: Crush and Contain for Safer Reopening Boston Consulting Group
 
Seismic shifts: Retail banking in the wake of COVID-19
Seismic shifts: Retail banking in the wake of COVID-19Seismic shifts: Retail banking in the wake of COVID-19
Seismic shifts: Retail banking in the wake of COVID-19Boston Consulting Group
 
What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?
What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?
What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?Boston Consulting Group
 
Retail Banking in the New Reality – Summary Survey Findings
Retail Banking in the New Reality – Summary Survey FindingsRetail Banking in the New Reality – Summary Survey Findings
Retail Banking in the New Reality – Summary Survey FindingsBoston Consulting Group
 
Unlocking the Hidden Value in Securities Services
Unlocking the Hidden Value in Securities ServicesUnlocking the Hidden Value in Securities Services
Unlocking the Hidden Value in Securities ServicesBoston Consulting Group
 
Navigating the COVID-19 Crisis V2 - April 20
Navigating the COVID-19 Crisis V2 - April 20 Navigating the COVID-19 Crisis V2 - April 20
Navigating the COVID-19 Crisis V2 - April 20 Boston Consulting Group
 
COVID-19 Rapid Response Crisis Checklist
COVID-19 Rapid Response Crisis ChecklistCOVID-19 Rapid Response Crisis Checklist
COVID-19 Rapid Response Crisis ChecklistBoston Consulting Group
 
Covid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital TransformationCovid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital TransformationBoston Consulting Group
 
COVID-19 Rapid Response Checklist for Nonprofits
COVID-19 Rapid Response Checklist for NonprofitsCOVID-19 Rapid Response Checklist for Nonprofits
COVID-19 Rapid Response Checklist for NonprofitsBoston Consulting Group
 
COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...
COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...
COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...Boston Consulting Group
 
Adapting Compliance Projects and Operating Models for COVID-19
Adapting Compliance Projects and Operating Models for COVID-19Adapting Compliance Projects and Operating Models for COVID-19
Adapting Compliance Projects and Operating Models for COVID-19Boston Consulting Group
 
COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...
COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...
COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...Boston Consulting Group
 
How Should Financial Institutions Navigate the COVID-19 Crisis?
How Should Financial Institutions Navigate the COVID-19 Crisis?How Should Financial Institutions Navigate the COVID-19 Crisis?
How Should Financial Institutions Navigate the COVID-19 Crisis?Boston Consulting Group
 
What's Keeping Women out of Data Science? (press deck)
What's Keeping Women out of Data Science? (press deck)What's Keeping Women out of Data Science? (press deck)
What's Keeping Women out of Data Science? (press deck)Boston Consulting Group
 

More from Boston Consulting Group (20)

Sources of advantage in Regulatory Filing Management
Sources of advantage in Regulatory Filing Management Sources of advantage in Regulatory Filing Management
Sources of advantage in Regulatory Filing Management
 
Green Venture Opportunities
Green Venture Opportunities Green Venture Opportunities
Green Venture Opportunities
 
Reinvent M
Reinvent MReinvent M
Reinvent M
 
Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19
Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19
Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19
 
Win The Fight: Crush and Contain for Safer Reopening
Win The Fight: Crush and Contain for Safer Reopening Win The Fight: Crush and Contain for Safer Reopening
Win The Fight: Crush and Contain for Safer Reopening
 
Seismic shifts: Retail banking in the wake of COVID-19
Seismic shifts: Retail banking in the wake of COVID-19Seismic shifts: Retail banking in the wake of COVID-19
Seismic shifts: Retail banking in the wake of COVID-19
 
Driving Change in Racial Equity
Driving Change in Racial Equity Driving Change in Racial Equity
Driving Change in Racial Equity
 
What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?
What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?
What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?
 
Retail Banking in the New Reality – Summary Survey Findings
Retail Banking in the New Reality – Summary Survey FindingsRetail Banking in the New Reality – Summary Survey Findings
Retail Banking in the New Reality – Summary Survey Findings
 
Unlocking the Hidden Value in Securities Services
Unlocking the Hidden Value in Securities ServicesUnlocking the Hidden Value in Securities Services
Unlocking the Hidden Value in Securities Services
 
Navigating the COVID-19 Crisis V2 - April 20
Navigating the COVID-19 Crisis V2 - April 20 Navigating the COVID-19 Crisis V2 - April 20
Navigating the COVID-19 Crisis V2 - April 20
 
Navigating the COVID-19 Crisis V1
Navigating the COVID-19 Crisis V1Navigating the COVID-19 Crisis V1
Navigating the COVID-19 Crisis V1
 
COVID-19 Rapid Response Crisis Checklist
COVID-19 Rapid Response Crisis ChecklistCOVID-19 Rapid Response Crisis Checklist
COVID-19 Rapid Response Crisis Checklist
 
Covid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital TransformationCovid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
 
COVID-19 Rapid Response Checklist for Nonprofits
COVID-19 Rapid Response Checklist for NonprofitsCOVID-19 Rapid Response Checklist for Nonprofits
COVID-19 Rapid Response Checklist for Nonprofits
 
COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...
COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...
COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...
 
Adapting Compliance Projects and Operating Models for COVID-19
Adapting Compliance Projects and Operating Models for COVID-19Adapting Compliance Projects and Operating Models for COVID-19
Adapting Compliance Projects and Operating Models for COVID-19
 
COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...
COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...
COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...
 
How Should Financial Institutions Navigate the COVID-19 Crisis?
How Should Financial Institutions Navigate the COVID-19 Crisis?How Should Financial Institutions Navigate the COVID-19 Crisis?
How Should Financial Institutions Navigate the COVID-19 Crisis?
 
What's Keeping Women out of Data Science? (press deck)
What's Keeping Women out of Data Science? (press deck)What's Keeping Women out of Data Science? (press deck)
What's Keeping Women out of Data Science? (press deck)
 

Recently uploaded

Buy Verified TransferWise Accounts From Seosmmearth
Buy Verified TransferWise Accounts From SeosmmearthBuy Verified TransferWise Accounts From Seosmmearth
Buy Verified TransferWise Accounts From SeosmmearthBuy Verified Binance Account
 
Pre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptxPre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptxRoofing Contractor
 
Cannabis Legalization World Map: 2024 Updated
Cannabis Legalization World Map: 2024 UpdatedCannabis Legalization World Map: 2024 Updated
Cannabis Legalization World Map: 2024 UpdatedCannaBusinessPlans
 
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...Falcon Invoice Discounting
 
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGParadip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGpr788182
 
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAIGetting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAITim Wilson
 
BeMetals Investor Presentation_May 3, 2024.pdf
BeMetals Investor Presentation_May 3, 2024.pdfBeMetals Investor Presentation_May 3, 2024.pdf
BeMetals Investor Presentation_May 3, 2024.pdfDerekIwanaka1
 
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan CytotecJual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan CytotecZurliaSoop
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentationuneakwhite
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...daisycvs
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwaitdaisycvs
 
Falcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow ChallengesFalcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow Challengeshemanthkumar470700
 
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...meghakumariji156
 
Over the Top (OTT) Market Size & Growth Outlook 2024-2030
Over the Top (OTT) Market Size & Growth Outlook 2024-2030Over the Top (OTT) Market Size & Growth Outlook 2024-2030
Over the Top (OTT) Market Size & Growth Outlook 2024-2030tarushabhavsar
 
Lundin Gold - Q1 2024 Conference Call Presentation (Revised)
Lundin Gold - Q1 2024 Conference Call Presentation (Revised)Lundin Gold - Q1 2024 Conference Call Presentation (Revised)
Lundin Gold - Q1 2024 Conference Call Presentation (Revised)Adnet Communications
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptxnandhinijagan9867
 
Power point presentation on enterprise performance management
Power point presentation on enterprise performance managementPower point presentation on enterprise performance management
Power point presentation on enterprise performance managementVaishnaviGunji
 

Recently uploaded (20)

Buy Verified TransferWise Accounts From Seosmmearth
Buy Verified TransferWise Accounts From SeosmmearthBuy Verified TransferWise Accounts From Seosmmearth
Buy Verified TransferWise Accounts From Seosmmearth
 
Pre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptxPre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptx
 
Cannabis Legalization World Map: 2024 Updated
Cannabis Legalization World Map: 2024 UpdatedCannabis Legalization World Map: 2024 Updated
Cannabis Legalization World Map: 2024 Updated
 
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
 
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGParadip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
 
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAIGetting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
 
BeMetals Investor Presentation_May 3, 2024.pdf
BeMetals Investor Presentation_May 3, 2024.pdfBeMetals Investor Presentation_May 3, 2024.pdf
BeMetals Investor Presentation_May 3, 2024.pdf
 
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan CytotecJual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pillsMifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
 
!~+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUD...
!~+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUD...!~+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUD...
!~+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUD...
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
 
Falcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow ChallengesFalcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow Challenges
 
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
 
Over the Top (OTT) Market Size & Growth Outlook 2024-2030
Over the Top (OTT) Market Size & Growth Outlook 2024-2030Over the Top (OTT) Market Size & Growth Outlook 2024-2030
Over the Top (OTT) Market Size & Growth Outlook 2024-2030
 
Lundin Gold - Q1 2024 Conference Call Presentation (Revised)
Lundin Gold - Q1 2024 Conference Call Presentation (Revised)Lundin Gold - Q1 2024 Conference Call Presentation (Revised)
Lundin Gold - Q1 2024 Conference Call Presentation (Revised)
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
Power point presentation on enterprise performance management
Power point presentation on enterprise performance managementPower point presentation on enterprise performance management
Power point presentation on enterprise performance management
 

Takeaways from a Simulated Cyber Attack

  • 1. MARCH 1, 2018 Summary Report Cyber attack simulation exercise
  • 2. 1 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. The CyberCanada attack simulation exercise was attended by 100+ Canadian leaders representing a wide-range of organizations from both the private and public sector. Some of the views shared by participants, and captured here, may appear to be conflicting. This is a reflection of different opinions voiced and/or differences between the various individuals and groups represented. A short recap of the learning objectives, feedback shared by attendees during the module readouts, and questions to consider asking your organizations have been included in this short report. To ensure privacy, opinions have not been attributed to any individuals. A brief summary of the discussions during the CyberCanada attack simulation exercise
  • 3. 2 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Recap: the Table Top eXercise (TTX) had specific learning objectives Experience what your management team goes through when under cyberattack • Basic cybersecurity concepts • Cybersecurity as a strategic business risk • The impacts of people, culture, process, procedures and technology on cyber resilience • How to advance cyber resilience beyond the technical part The Experience Understand by doing
  • 4. 3 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Module 1: The Compromise Strengths and weaknesses of CEO's communications • Strengths: out in front, confident, clear, available, took ownership • Weaknesses: other management was not informed, too much information was shared, not enough assurance, not genuine enough, lack of preparation, false statements made Responsibilities of the Management Board • Ensure business continuity • Determine regulatory reporting requirements • Decide on internal communications • Get handle on scope, control the message • Engage the Board What will you do next? • Impact assessment from BUs + Functions • Determine what insurance the company has • Consult legal counsel • Solicit Public Relations support • Determine recovery and comms plans • Determine plan of action • Decide what should be the cadence for updates Summary of responses shared during Module 1 3 2 1
  • 5. 4 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Module 2: The Briefing Views regarding ransom payment and who should make the decision • Much disagreement on whether or not to pay the ransom • Ransom payment considerations: assess the financial impact with cost/benefit analysis, will we get back the data, can operations resume without paying, who is the attacker, ask for extension on deadline, discuss with law enforcement • Who should make decision: some said Board should decide, others said C-Suite should decide with advice from Board Thoughts on engaging the community • Engage the entire ecosystem • Third parties: cybersecurity consultants, legal, PR, insurance, law enforcement, call centers, ransom negotiator • Stakeholders: employees, customers, partners, suppliers, shareholders, government, regulators What are next steps? • Assess the business impact and set long-term strategy • Get back to operations, assign responsible parties • Look at the culture that allowed this to happen • Fire the CEO 3 2 1 Summary of responses shared during Module 2
  • 6. 5 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Module 3: The Response Experts you would contact during a cyber attack and when • Engage law enforcement early; they have intel • Crisis response consultants and forensics teams can help • Different responses for different jurisdictions and industries • Prepare before the attack: meet with law enforcement and establish the relationship beforehand • Collaborate with industry partners Following this exercise, what will you do differently? • Ask the organization questions about cybersecurity • Raise cybersecurity to the Board level • “Culture is to punish the victim” has to stop • Establish relationships with law enforcement and national CERT • Don't wait for an attack to happen, plan incident response now • Set cybersecurity long-term vision/strategy; and be agile • Cybersecurity is not a cost center; it's a business enabler How has digitalization impacted cybersecurity and business strategy? • Increased the number of unknowns and interdependencies • Has caused information overload creating a need to educate the public • IoT has increased the risk by increasing the attack surface Summary of responses shared during Module 3 3 2 1
  • 7. 6 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Key questions you should be asking your organization Crown jewels How does your organization know which systems, data, and assets have the most value and do you conduct tests on breaching those systems? Technology How are the users of your cybersecurity tools properly trained on how to get the best results from them? Culture How is cybersecurity ingrained into the culture of your organization the same way as safety, quality, ethics and compliance? Third parties How do you secure suppliers, acquisitions, business partners, and customers with the same rigor as you secure your enterprise? Design for Cyber How are your products, networks, and systems designed with cybersecurity in mind—from the first design concept meeting through every stage? Business enabler How have you integrated cybersecurity into your business strategy so that your business can safely and securely innovate and grow faster? Consequences How do you optimize your budget between reducing vulnerabilities and reducing the consequences of a breach? Preparation What kind of plans do you have in place for incident response, business continuity & disaster recovery? Do you regularly practice executing these plans?
  • 8. 7 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Boards are in a unique strategic position to improve cyber resilience. And they are ultimately responsible for cyber risk in their companies BCG jointly with the Forum established 10 Board Principles for cyber resilience • Responsibility for Cyber Resilience • Command of the Subject • Accountable officer • Integration of Cyber Resilience • Risk assessment and reporting • Risk appetite • Resilience plans • Community • Review • Effectiveness See also the Forum's comprehensive report on "Advancing Cyber Resilience: Principles and Tools for Boards" (2017) Source: BCG and World Economic Forum See the publication at: http://www3.weforum.org/docs/IP/2017/Adv_Cyber_Resilience_Principles-Tools.pdf 1 2 3 4 6 5 8 7 9 10
  • 9. 8 The services and materials provided by The Boston Consulting Group (BCG) are subject to BCG's Standard Terms (a copy of which is available upon request) or such other agreement as may have been previously executed by BCG. BCG does not provide legal, accounting, or tax advice. The Client is responsible for obtaining independent advice concerning these matters. This advice may affect the guidance given by BCG. Further, BCG has made no undertaking to update these materials after the date hereof, notwithstanding that such information may become outdated or inaccurate. The materials contained in this presentation are designed for the sole use by the board of directors or senior management of the Client and solely for the limited purposes described in the presentation. The materials shall not be copied or given to any person or entity other than the Client (“Third Party”) without the prior written consent of BCG. These materials serve only as the focus for discussion; they are incomplete without the accompanying oral commentary and may not be relied on as a stand-alone document. Further, Third Parties may not, and it is unreasonable for any Third Party to, rely on these materials for any purpose whatsoever. To the fullest extent permitted by law (and except to the extent otherwise agreed in a signed writing by BCG), BCG shall have no liability whatsoever to any Third Party, and any Third Party hereby waives any rights and claims it may have at any time against BCG with regard to the services, this presentation, or other materials, including the accuracy or completeness thereof. Receipt and review of this document shall be deemed agreement with and consideration for the foregoing. BCG does not provide fairness opinions or valuations of market transactions, and these materials should not be relied on or construed as such. Further, the financial evaluations, projected market and financial information, and conclusions contained in these materials are based upon standard valuation methodologies, are not definitive forecasts, and are not guaranteed by BCG. BCG has used public and/or confidential data and assumptions provided to BCG by the Client. BCG has not independently verified the data and assumptions used in these analyses. Changes in the underlying data or operating assumptions will clearly impact the analyses and conclusions. Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved.