Getting Started with
Business Continuity
Stephen Cobb, CISSP
Security Researcher, ESET NA
What’s on the agenda?
• How can your organization survive disruptive incidents?
– Everything from natural disasters to hacking attacks
• You need a business continuity plan
What’s the problem?
• Power goes out
• Internet connection goes down
• Your office floods
• Toxic gas cloud forces evacuation
• Hackers get into your web server
• Hopefully not all at once
Business Continuity Management
• Your organization needs the ability:
– “to continue to deliver its products and services at acceptable predefined levels after disruptive incidents have occurred”
• This is BCM, as defined by ISO 22301
Not all organizations survive
• Some go out of business IF they are hit with a disaster for which they have not adequately prepared
• Often cited statistic: 1 in 4 fail
• Fortunately, the path to proper disaster preparedness is well-documented (see Attachments)
Question #1
Does your organization have a business continuity plan?
☐ Yes
☐ No
☐ I’m not sure
☐ I don’t work for an organization
What sort of disruptive incidents?
• Fire
• Flood
• Earthquake
• Tsunami
• Tornado
• Hurricane
• Blizzard
• Volcanic eruption creating a giant ash cloud that grounds aircraft
Incidents and accidents
• Technical
– Unscheduled IT outage
– Communications outage
– Malware infection
• Human
– Scandal, fraud and terrorism
– Transportation accidents
– Social media storm
What’s the biggest threat?
• Unplanned ITC outages: 77%
• Cyber attack: 73%
• Data breach: 73%
• Adverse weather: 57%
• Utility supply interruption: 56%
• Security incident: 53%
Business Continuity Institute’s Horizon Scan, 2014, based on interviews with 600+ BCM professionals around the world
What is BCM Step 1?
• Identify and rank threats
– List potentially disruptive incidents most likely to affect your business
• Don’t use someone else’s list
– Threats vary according to location
Practical strategy
• Brainstorm with representatives from all departments
• Generate a company- and location-specific list of disaster scenarios
– Ranked by probability of occurrence and potential for negative impact
– Consider regional variations; some threats are location-specific
BCM Step 2: Business Impact Analysis
• Which business functions are most critical to the organization’s survival?
• Requires knowledge, or discovery, of all parts of the organization
• Multi-department team effort
• There are templates for this
Practical technique: BIA
• Detail the functions, processes, personnel, places and systems that are critical to the functioning of your organization
• BCM project leader interviews employees in each department
• Resulting table lists functions and key person(s) and alternate(s)
Practical technique: BIA
• Determine number of Survival Days for each function
• How long before lack of that function causes serious impact?
• Rank the impact of that function not being available
The Miora technique
• Use an Impact scale of 1 to 4
• Where 1 = critical operational impact or fiscal loss, and 4 = no short-term impacts
• Multiply Impact x Survival Days
• Reveals criticality of functions
• Most critical? Functions where Impact = 1 and Survival Days = 1
Question #2
When was the last time your organization tested its disaster/recovery/continuity plan?
☐ 2014
☐ 2013
☐ Before 2013
☐ We don’t have a plan
☐ I don’t work for an organization
BCM Step 3
• The Response and Recovery Plan
• Catalog key data about the assets required to restore critical functions
– IT systems, facilities, personnel, suppliers, partners, customers, law enforcement, emergency services
• Plan must cover HR, IT, PR, asset management, accounting, facilities
Practical technique: The Plan
• Record asset serial numbers, licensing agreements, leases, warranties, contact details
• Determine “who to call” for each category of incident
• Create a calling tree so the right calls get made, in the right order
Practical technique: IT
• Document arrangements you have in place for transitioning to temporary locations and IT facilities
• Document backups and archives
• Consider using cloud-based IT for some functions
Practical technique: PR controls
• You need a “who can say what” list to control interaction with the media during an incident
• Train all employees on this
• Consider a “CEO-only” rule
• Don’t overlook social media
Practical technique: People
• Document an “all-hands” notification process
• Design and document customer advisory criteria and procedures
Practical technique: Steps
• Steps to recover key operations should be laid out in a sequence that accounts for functional inter-dependencies
• Get plan approved
• Train managers and their reports on the plan details relevant to each location and department
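The two techniques above, the Miora scoring of a BIA table (Impact x Survival Days) and a recovery sequence that respects functional inter-dependencies, as an added worked example in Python. This is illustrative code written for this page, not code from the presentation or from ESET; every function name, Survival Days value, Impact value, person and dependency in it is constructed sample data.

```python
# Added example: a Business Impact Analysis (BIA) table scored with the
# Miora technique (Impact x Survival Days) and turned into a recovery
# sequence that respects functional inter-dependencies. Illustrative code
# written for this page, not from the deck or from ESET; every function
# name, Survival Days value, Impact value, person and dependency below is
# constructed sample data.
import heapq
from dataclasses import dataclass
from graphlib import TopologicalSorter, CycleError


@dataclass(frozen=True)
class BusinessFunction:
    name: str
    survival_days: int      # days before losing the function causes serious impact
    impact: int             # Miora scale: 1 = critical operational/fiscal loss, 4 = no short-term impact
    key_person: str
    alternate: str
    depends_on: tuple = ()  # functions that must be restored before this one

    def __post_init__(self):
        # Reject values outside the scale so a typo cannot hide a critical function.
        if not 1 <= self.impact <= 4:
            raise ValueError(f"{self.name}: Impact must be 1..4, got {self.impact}")
        if self.survival_days < 1:
            raise ValueError(f"{self.name}: Survival Days must be >= 1, got {self.survival_days}")

    @property
    def criticality(self) -> int:
        # Miora score: lower is more critical; 1 means Impact 1 and Survival Days 1.
        return self.impact * self.survival_days


# Constructed sample BIA table (not real data).
SAMPLE_BIA = [
    BusinessFunction("Network", 1, 1, "A. Ops", "B. Ops"),
    BusinessFunction("Directory", 1, 1, "C. IT", "D. IT", ("Network",)),
    BusinessFunction("Customer DB", 1, 1, "E. DBA", "F. DBA", ("Network",)),
    BusinessFunction("Order processing", 1, 1, "G. Sales", "H. Sales",
                     ("Network", "Directory", "Customer DB")),
    BusinessFunction("Email", 2, 2, "C. IT", "D. IT", ("Network", "Directory")),
    BusinessFunction("Payroll", 7, 2, "I. HR", "J. HR", ("Directory",)),
    BusinessFunction("Website", 5, 3, "K. Mktg", "L. Mktg", ("Network",)),
    BusinessFunction("Wiki", 14, 4, "M. Eng", "N. Eng"),
]


def rank_by_criticality(functions):
    """Most critical first: lowest Miora score, then fewest Survival Days, then name."""
    return sorted(functions, key=lambda f: (f.criticality, f.survival_days, f.name))


def most_critical(functions):
    """The functions the deck singles out: Impact = 1 and Survival Days = 1."""
    return [f.name for f in functions if f.impact == 1 and f.survival_days == 1]


def recovery_sequence(functions):
    """Order recovery steps so every dependency is restored before the function
    that needs it; whenever several functions are ready, the most critical one
    (lowest Miora score) goes first. Circular dependencies raise
    graphlib.CycleError; a dependency missing from the table raises KeyError."""
    by_name = {f.name: f for f in functions}
    for f in functions:
        for dep in f.depends_on:
            if dep not in by_name:
                raise KeyError(f"{f.name} depends on unknown function {dep!r}")
    sorter = TopologicalSorter({f.name: set(f.depends_on) for f in functions})
    sorter.prepare()  # raises CycleError on circular dependencies

    ready = []        # min-heap of (criticality, survival_days, name)

    def enqueue(names):
        for n in names:
            heapq.heappush(ready, (by_name[n].criticality, by_name[n].survival_days, n))

    order = []
    enqueue(sorter.get_ready())
    while ready:
        _, _, name = heapq.heappop(ready)
        order.append(name)
        sorter.done(name)             # may unblock functions that depend on this one
        enqueue(sorter.get_ready())   # only newly ready functions are returned
    return order


if __name__ == "__main__":
    for f in rank_by_criticality(SAMPLE_BIA):
        print(f"{f.criticality:3d}  {f.name:17s} key: {f.key_person}, alt: {f.alternate}")
    print("Impact 1 / Survival Days 1:", most_critical(SAMPLE_BIA))
    print("Recovery sequence:", " -> ".join(recovery_sequence(SAMPLE_BIA)))
```

The point the sample data makes is that the most critical function by Miora score ("Order processing", Impact 1, Survival Days 1) cannot be the first recovery step, because it depends on network, directory and database services; the sequence restores those first and uses the Miora score only to choose among functions whose dependencies are already back.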
BCM Step 4: Test and Refine
• Experts recommend testing your plan at least once a year
• Use exercises, walk-throughs, simulations
• With testing you get the most out of your investment in creating the plan
Practical strategy
• Testing enables you to find gaps and account for changes in the business and threats over time
• Tests can also impress management
Yes, BCM is hard work
• But what’s the alternative?
• Ignore at your peril
• Too daunting to undertake on a company-wide basis?
• Begin with a few departments, or one office if you have several
• Everything you learn in the process can then be applied more broadly
There is some help for SMBs
• OFB-EZ: Disaster Protection and Recovery Planning Toolkit for the Small to Mid-Sized Business
– disastersafety.org/open-for-business
• Very helpful, and free
What threats are on the rise?
• Emerging trends or uncertainties “on the radar” in terms of business continuity implications:
– Malicious Internet attacks (73%)
– Influence of social media (63%)
– New regulations and increased regulatory scrutiny (55%)
• 2014 BCI Horizon Scan
Also rising (45-50%)
• High adoption of Internet-dependent services
• Emergence of a global pandemic
• Increasing supply chain complexity
Areas of rising concern
BCM Resources
• We Live Security article
• Resource list with links
• eset.com/bcm
• Attachments
• Consider:
– BCI membership
• Subscribe:
– Disaster Recovery Journal
Thank you!
• stephen.cobb@eset.com
• www.eset.com
• WeLiveSecurity.com
• eset.com/bcm
Polling Question: I would like access to the following:
☐ Request access to the Passmark Competitive Analysis Report
☐ Request a custom business trial
☐ Subscribe to ESET’s global threat report
☐ All of the above
☐ None of the above
Q&A Discussion
Getting Started with Business Continuity

Weitere ähnliche Inhalte

Was ist angesagt?

Effective Vulnerability Management
Effective Vulnerability ManagementEffective Vulnerability Management
Effective Vulnerability Management
Vicky Ames
 
Information Secuirty Vulnerability Management
Information Secuirty   Vulnerability ManagementInformation Secuirty   Vulnerability Management
Information Secuirty Vulnerability Management
tschraider
 

Was ist angesagt? (20)

Why Patch Management is Still the Best First Line of Defense
Why Patch Management is Still the Best First Line of DefenseWhy Patch Management is Still the Best First Line of Defense
Why Patch Management is Still the Best First Line of Defense
 
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot SeatData Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
 
ComResource - NW Agent Cybersecurity
ComResource - NW Agent CybersecurityComResource - NW Agent Cybersecurity
ComResource - NW Agent Cybersecurity
 
We Bought Some Tools
We Bought Some ToolsWe Bought Some Tools
We Bought Some Tools
 
Effective Vulnerability Management
Effective Vulnerability ManagementEffective Vulnerability Management
Effective Vulnerability Management
 
Patch and Vulnerability Management
Patch and Vulnerability ManagementPatch and Vulnerability Management
Patch and Vulnerability Management
 
Web Application Security Vulnerability Management Framework
Web Application Security Vulnerability Management FrameworkWeb Application Security Vulnerability Management Framework
Web Application Security Vulnerability Management Framework
 
Growing Pains for Human Resources
Growing Pains for Human ResourcesGrowing Pains for Human Resources
Growing Pains for Human Resources
 
CISO's first 100 days
CISO's first 100 daysCISO's first 100 days
CISO's first 100 days
 
By Popular Demand: Co3's Latest and Greatest Features
By Popular Demand: Co3's Latest and Greatest Features By Popular Demand: Co3's Latest and Greatest Features
By Popular Demand: Co3's Latest and Greatest Features
 
Security metrics
Security metrics Security metrics
Security metrics
 
Co3's Annual Review & Predictions Webinar
Co3's Annual Review & Predictions WebinarCo3's Annual Review & Predictions Webinar
Co3's Annual Review & Predictions Webinar
 
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
 
Beyond the Scan: The Value Proposition of Vulnerability Assessment
Beyond the Scan: The Value Proposition of Vulnerability AssessmentBeyond the Scan: The Value Proposition of Vulnerability Assessment
Beyond the Scan: The Value Proposition of Vulnerability Assessment
 
Information Secuirty Vulnerability Management
Information Secuirty   Vulnerability ManagementInformation Secuirty   Vulnerability Management
Information Secuirty Vulnerability Management
 
Software and Tear
Software and TearSoftware and Tear
Software and Tear
 
You've Been Breached: How To Mitigate The Incident
You've Been Breached: How To Mitigate The IncidentYou've Been Breached: How To Mitigate The Incident
You've Been Breached: How To Mitigate The Incident
 
Enterprise incident response 2017
Enterprise incident response   2017Enterprise incident response   2017
Enterprise incident response 2017
 
ComResource Agency Solutions
ComResource Agency SolutionsComResource Agency Solutions
ComResource Agency Solutions
 
Enterprise security incident management
Enterprise security incident managementEnterprise security incident management
Enterprise security incident management
 

Andere mochten auch

Cybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataCybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient Data
Stephen Cobb
 

Andere mochten auch (20)

Global threat landscape
Global threat landscapeGlobal threat landscape
Global threat landscape
 
The Year Ahead in Cyber Security: 2014 edition
The Year Ahead in Cyber Security: 2014 editionThe Year Ahead in Cyber Security: 2014 edition
The Year Ahead in Cyber Security: 2014 edition
 
Cybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataCybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient Data
 
Cyber security
Cyber securityCyber security
Cyber security
 
A Career in Cybersecurity
A Career in CybersecurityA Career in Cybersecurity
A Career in Cybersecurity
 
Malware is Called Malicious for a Reason: The Risks of Weaponizing Code
Malware is Called Malicious for a Reason: The Risks of Weaponizing CodeMalware is Called Malicious for a Reason: The Risks of Weaponizing Code
Malware is Called Malicious for a Reason: The Risks of Weaponizing Code
 
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
 
Malware and the risks of weaponizing code
Malware and the risks of weaponizing codeMalware and the risks of weaponizing code
Malware and the risks of weaponizing code
 
HIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good BusinessHIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good Business
 
The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?
 
Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber Security
 
Enjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber CriminalsEnjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber Criminals
 
Cybersecurity for the non-technical
Cybersecurity for the non-technicalCybersecurity for the non-technical
Cybersecurity for the non-technical
 
2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security
 
NCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and ResourcesNCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and Resources
 
Future of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistFuture of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.Rosenquist
 
Skills For Career In Security
Skills For Career In SecuritySkills For Career In Security
Skills For Career In Security
 
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew FearsonNavigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
 
Cyber Security Career Advice
Cyber Security Career AdviceCyber Security Career Advice
Cyber Security Career Advice
 
Operation Buhtrap - AVAR 2015
Operation Buhtrap - AVAR 2015Operation Buhtrap - AVAR 2015
Operation Buhtrap - AVAR 2015
 

Ähnlich wie Getting Started with Business Continuity

ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
PECB
 
NARCA Presentation - IT Best Practice
NARCA Presentation - IT Best PracticeNARCA Presentation - IT Best Practice
NARCA Presentation - IT Best Practice
Brenda Majewski
 
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
360 BSI
 
5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan
Resilient Systems
 

Ähnlich wie Getting Started with Business Continuity (20)

Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metrics
 
Information Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security MetricsInformation Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security Metrics
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department 3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department
 
Cyber Security and Business Continuity an Integrated Discipline
Cyber Security and Business Continuity an Integrated DisciplineCyber Security and Business Continuity an Integrated Discipline
Cyber Security and Business Continuity an Integrated Discipline
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
 
Incident response
Incident responseIncident response
Incident response
 
Operation: Next Summit Takeaways
Operation: Next Summit TakeawaysOperation: Next Summit Takeaways
Operation: Next Summit Takeaways
 
Executive Perspective Building an OT Security Program from the Top Down
Executive Perspective Building an OT Security Program from the Top DownExecutive Perspective Building an OT Security Program from the Top Down
Executive Perspective Building an OT Security Program from the Top Down
 
Backups and Disaster Recovery for Nonprofits
Backups and Disaster Recovery for NonprofitsBackups and Disaster Recovery for Nonprofits
Backups and Disaster Recovery for Nonprofits
 
Agile Development And Medtech
Agile Development And MedtechAgile Development And Medtech
Agile Development And Medtech
 
NARCA Presentation - IT Best Practice
NARCA Presentation - IT Best PracticeNARCA Presentation - IT Best Practice
NARCA Presentation - IT Best Practice
 
Breached! App Attacks, Application Protection and Incident Response
Breached! App Attacks, Application Protection and Incident ResponseBreached! App Attacks, Application Protection and Incident Response
Breached! App Attacks, Application Protection and Incident Response
 
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
 
5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness
 
Endpoint Security & Why It Matters!
Endpoint Security & Why It Matters!Endpoint Security & Why It Matters!
Endpoint Security & Why It Matters!
 
Webinar - 8 ways to align IT to your business
Webinar - 8 ways to align IT to your businessWebinar - 8 ways to align IT to your business
Webinar - 8 ways to align IT to your business
 
IT Risk assessment and Audit Planning
IT Risk assessment and Audit PlanningIT Risk assessment and Audit Planning
IT Risk assessment and Audit Planning
 

Mehr von Stephen Cobb

Mehr von Stephen Cobb (12)

Cybercrime-as-health-crisis-shared.pptx
Cybercrime-as-health-crisis-shared.pptxCybercrime-as-health-crisis-shared.pptx
Cybercrime-as-health-crisis-shared.pptx
 
Cybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and CommunicationCybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and Communication
 
What Makes a Good CISO
What Makes a Good CISOWhat Makes a Good CISO
What Makes a Good CISO
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills Gap
 
Security and Wearables: Success starts with security
Security and Wearables: Success starts with securitySecurity and Wearables: Success starts with security
Security and Wearables: Success starts with security
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise Security
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber risk
 
The Evolution of Cybercrime
The Evolution of CybercrimeThe Evolution of Cybercrime
The Evolution of Cybercrime
 
Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and Response
 
Endpoint and Server: The belt and braces anti-malware strategy
Endpoint and Server: The belt and braces anti-malware strategyEndpoint and Server: The belt and braces anti-malware strategy
Endpoint and Server: The belt and braces anti-malware strategy
 
Cyberskills shortage: Where is the cyber workforce of tomorrow
Cyberskills shortage:Where is the cyber workforce of tomorrowCyberskills shortage:Where is the cyber workforce of tomorrow
Cyberskills shortage: Where is the cyber workforce of tomorrow
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 

Kürzlich hochgeladen

Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
amitlee9823
 
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service NoidaCall Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
dlhescort
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
lizamodels9
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
daisycvs
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
daisycvs
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
lizamodels9
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Sheetaleventcompany
 

Kürzlich hochgeladen (20)

Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876
Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876
Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60%  in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60%  in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service NoidaCall Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with Culture
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investors
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLJAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
 
Falcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in indiaFalcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in india
 

Getting Started with Business Continuity

  • 1. Getting Started with Business Continuity Stephen Cobb, CISSP Security Researcher, ESET NA
  • 2. What’s on the agenda? • How can your organization survive disruptive incidents? – Everything from natural disasters to hacking attacks • You need a business continuity plan
  • 3. What’s the problem? • Power goes out • Internet connection goes down • Your office floods • Toxic gas cloud forces evacuation • Hackers get into your web server • Hopefully not all at once
  • 4. Business Continuity Management • Your organization needs the ability: – “to continue to deliver its products and services at acceptable predefined levels after disruptive incidents have occurred” • This is BCM, as defined by ISO 22301
  • 5. Not all organizations survive • Some go out of business IF they are hit with a disaster for which they have not adequately prepared • Often cited statistic: 1 in 4 fail • Fortunately, the path to proper disaster preparedness is well-documented (see Attachments)
  • 6. Question #1 Does your organization have a business continuity plan?  Yes  No  I’m not sure  I don’t work for an organization
  • 7. What sort of disruptive incidents? • Fire • Flood • Earthquake • Tsunami • Tornado • Hurricane • Blizzard • Volcanic eruption creating a giant ash cloud that grounds aircraft
  • 8. Incidents and accidents • Technical – Unscheduled IT outage – Communications outage – Malware infection • Human – Scandal, fraud and terrorism – Transportation accidents – Social media storm
  • 9. What’s the biggest threat? 53% 56% 57% 73% 73% 77% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% Security incident Utility supply interuption Adverse weather Data breach Cyber attack Unplanned ITC outages Business Continuity Institute’s Horizon Scan, 2014, based on interviews with 600+ BCM professionals around the world
  • 10. What is BCM Step 1? • Identify and rank threats – List potentially disruptive incidents most likely to affect your business • Don’t use someone else’s list – Threats vary according to location
  • 11. Practical strategy • Brainstorm with representatives from all departments • Generate company and location specific list of disaster scenarios – Ranked by probability of occurrence and potential for negative impact – Consider regional variations, some threats location-specific
  • 12. BCM Step 2: Business Impact Analysis • Which business functions are most critical to its survival? • Requires knowledge, or discovery, of all parts of the organization • Multi-department team effort • There are templates for this
  • 13. Practical technique: BIA • Detail the functions, processes, personnel, places and systems that are critical to the functioning of your organization • BCM project leader interviews employees in each department • Resulting table lists functions and key person(s) and alternate(s)
  • 14. Practical technique: BIA • Determine number of Survival Days for each function • How long before lack of that function causes serious impact? • Rank the impact of that function not being available
  • 15. The Miora technique • Use an Impact scale of 1 to 4 • Where 1 = critical operational impact or fiscal loss, and 4 = no short term impact • Multiply Impact x Survival Days • The product reveals the criticality of each function: the lower the product, the more critical the function • Most critical? Functions where Impact = 1 and Survival Days = 1
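The scoring in slides 13 to 15 is easy to get backwards because the scale is inverted (1 is the worst impact). The script below is an added example, not part of the original deck, that applies the Miora technique to a small BIA table and also flags critical functions whose interview record has no alternate person. The function names, departments, people and numbers are constructed sample data.

```python
"""Added example: rank business functions from a Business Impact Analysis
using the Miora technique (Impact 1-4 multiplied by Survival Days, lower
product = more critical). All sample data below is constructed."""
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class BusinessFunction:
    name: str
    department: str
    impact: int            # 1 = critical operational/fiscal impact ... 4 = no short-term impact
    survival_days: int     # days before lack of this function causes serious harm
    key_person: str        # from the BIA interview: who runs it
    alternate: Optional[str] = None  # who can step in if key_person is unavailable


def criticality_score(fn: BusinessFunction) -> int:
    """Miora score: Impact x Survival Days. Lower means more critical."""
    if not 1 <= fn.impact <= 4:
        raise ValueError(f"{fn.name}: impact must be 1..4, got {fn.impact}")
    if fn.survival_days < 1:
        raise ValueError(f"{fn.name}: survival_days must be >= 1, got {fn.survival_days}")
    return fn.impact * fn.survival_days


def rank_functions(functions: List[BusinessFunction]) -> List[BusinessFunction]:
    """Most-critical first; ties broken by raw impact, then by name for stable output."""
    return sorted(functions, key=lambda f: (criticality_score(f), f.impact, f.name))


def single_points_of_failure(functions: List[BusinessFunction],
                             max_score: int = 4) -> List[str]:
    """Critical functions (score <= max_score) with no documented alternate.

    These are the gaps the BIA interviews in slide 13 should close before
    the Response and Recovery Plan is written."""
    return [f.name for f in functions
            if criticality_score(f) <= max_score and not f.alternate]


# Constructed sample BIA table (not data from the original presentation).
SAMPLE_BIA = [
    BusinessFunction("Order processing", "Sales", 1, 1, "A. Rivera", "J. Chen"),
    BusinessFunction("Payroll", "HR", 2, 5, "M. Okafor"),
    BusinessFunction("Customer support phone line", "Support", 1, 2, "L. Novak"),
    BusinessFunction("Internal wiki", "IT", 4, 30, "S. Park", "D. Ito"),
    BusinessFunction("Email", "IT", 1, 1, "S. Park", "D. Ito"),
    BusinessFunction("Backup restore capability", "IT", 1, 3, "D. Ito"),
]


def report(functions: List[BusinessFunction]) -> str:
    """Plain-text ranking table suitable for pasting into the BIA document."""
    lines = [f"{'Score':>5}  {'Impact':>6}  {'Days':>4}  Function (key person / alternate)"]
    for f in rank_functions(functions):
        lines.append(f"{criticality_score(f):>5}  {f.impact:>6}  {f.survival_days:>4}  "
                     f"{f.name} ({f.key_person} / {f.alternate or 'NO ALTERNATE'})")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_BIA))
    print("Critical functions with no alternate:", single_points_of_failure(SAMPLE_BIA))
```

Run it as-is to see the ranking; replace `SAMPLE_BIA` with the rows gathered in your own departmental interviews. The validation in `criticality_score` rejects out-of-range impacts and zero survival days, which are the two common data-entry mistakes when the table is filled in by several departments.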
  • 16. Question #2 When was the last time your organization tested its disaster/recovery/continuity plan? ☐ 2014 ☐ 2013 ☐ Before 2013 ☐ We don’t have a plan ☐ I don’t work for an organization
  • 17. BCM Step 3 • The Response and Recovery Plan • Catalog key data about the assets required to restore critical functions – IT systems, facilities, personnel, suppliers, partners, customers, law enforcement, emergency services • Plan must cover HR, IT, PR, asset management, accounting, facilities
  • 18. Practical technique: The Plan • Record asset serial numbers, licensing agreements, leases, warranties, contact details • Determine “who to call” for each category of incident • Create a calling tree so the right calls get made, in the right order
  • 19. Practical technique: IT • Document arrangements you have in place for transitioning to temp locations and IT facilities • Document backups and archives • Consider using cloud-based IT for some functions
  • 20. Practical technique: PR controls • You need a “who can say what” list to control interaction with the media during an incident • Train all employees on this • Consider a “CEO-only” rule • Don’t overlook social media
  • 21. Practical technique: People • Document an “all-hands” notification process • Design and document customer advisory criteria and procedures
  • 22. Practical technique: Steps • Steps to recover key operations should be laid out in a sequence that accounts for functional inter-dependencies. • Get plan approved • Train managers and their reports on the plan details relevant to each location and department
  • 23. BCM Step 4: Test and Refine • Experts recommend testing your plan at least once a year • Use exercises, walk-throughs, simulations • With testing you get the most out of your investment in creating the plan
  • 24. Practical strategy • Testing enables you to find gaps and account for changes in the business and threats over time • Tests can also impress management
  • 25. Yes, BCM is hard work • But what’s the alternative? • Ignore at your peril • Too daunting to undertake on a company-wide basis? • Begin with a few departments, or one office if you have several • Everything you learn in the process can then be applied more broadly
  • 26. There is some help for SMBs • OFB-EZ: Disaster Protection and Recovery Planning Toolkit for the Small to Mid-Sized Business – disastersafety.org/open-for-business • Very helpful, and free
  • 27. What threats are on the rise? • Emerging trends or uncertainties “on the radar” in terms of business continuity implications: – Malicious Internet attacks (73%) – Influence of social media (63%) – New regulations and increased regulatory scrutiny (55%) • 2014 BCI Horizon Scan
  • 28. Also rising (45-50%) • High adoption of Internet-dependent services • Emergence of a global pandemic • Increasing supply chain complexity
  • 29. Areas of rising concern
  • 30. BCM Resources • We Live Security article • Resource list with links • eset.com/bcm • Attachments • Consider: – BCI membership • Subscribe: – Disaster Recovery Journal
  • 31. Thank you! • stephen.cobb@eset.com • www.eset.com • WeLiveSecurity.com • eset.com/bcm
  • 32. Polling Question: I would like access to the following: ☐ Request access to the Passmark Competitive Analysis Report ☐ Request a custom business trial ☐ Subscribe to ESET’s global threat report ☐ All of the above ☐ None of the above