IT’S NOT IF… BUT WHEN
CISO Assembly, Dallas, TX
bcaplin1@fairview.org
bc@bjb.org @bcaplin
http://about.me/barrycaplin
http://securityandcoffee.blogspot.com
Barry Caplin
Chief Information Security Official
Fairview Health Services
@bcaplin
http://about.me/barrycaplin
securityandcoffee.blogspot.com
o Not-for-profit established in 1906
o Academic Health System since 1997, partnership with University of Minnesota
o >22K employees
o >3,300 aligned physicians
  o Employed, faculty, independent
o 7 hospitals/medical centers (>2,500 staffed beds)
o 40-plus primary care clinics
o 55-plus specialty clinics
o 47 senior housing locations
o 30-plus retail pharmacies
2014 volumes
o 6.39M outpatient encounters
o 1.4M clinic visits
o 71,049 inpatient admissions
o 76,595 surgeries
o 9,298 births
o 282 blood and marrow transplants
o 340 organ transplants
o >$4 billion total revenue
got breach? got job?
2015 – Year of the Breach
2014 – Year of the Breach
2013 – Year of the Breach
2016 – Availability? Integrity?
BOARD REPORTING EXAMPLE
• Ransomware first appeared in 1989; large growth since 2013
• 2016 Hollywood Presbyterian – first publicized healthcare org to pay
  • $17K ransom paid
  • Systems down for over 1 week – ER, OR, imaging, lab, pharmacy
• MedStar, MD – 10 hospital network
  • 3+ days of outages – 4 ERs, all inpatient shut down
  • 4/7/16, all systems back up
• Most attacks are through email attachment or link based
• Systems must be taken down to stop spread
BOARD REPORTING EXAMPLE
• Estimated >$325M paid in ransoms in 2015
• Some variants charge $100-$500 per workstation
• Some are “flat fee”
• Often the cost of downtime and recovery is more than the ransom
• It’s not “if”, but “when” an attack will happen
• There is no “prevention” – Each attack is new and unique
• There are “proactive/prevent” responses, and “detect/remediate” approaches
• We do pursue both
• Can we prevent?
• It’s not If, but When
• Is Incident Management the key part of our job?
• How we respond makes a difference
Incident Response
• How to start:
  • Figure out where your “stuff” is
  • Figure out the risks to your “stuff”
  • Figure out how you will react if that risk manifests
  • Write it down – Playbooks
  • Practice
  • Know what’s normal – Monitor
CISO’s Role
• Leadership
• Communication – Internal/External
  • Staff/Exec/Board
  • Law Enforcement
  • External Counsel
  • Media
  • Regulatory
CISO’s Role
• Incident Response/Forensics
  • Outsource?
  • Pre-pay?
  • Retainer?
• Cyber Insurance – What is covered? How does it pay?
• Tabletop – Exec Breach exercise
Discussion Questions
• Can you “defend” your architecture/tech choices?
• Can you detect problems, attacks and IoCs against your enterprise?
• Do you have response plans? Have you exercised them?
• Do you have communication plans? Have you exercised them?
• Does your C-suite have your back? Why?

It’s not If but When 20160503


Editor’s Notes

  1. Check out my about.me, with links to my Twitter feed and the Security and Coffee blog.