Your SlideShare is downloading. ×
RSA Cybersecurity conference 2014
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

RSA Cybersecurity conference 2014

276
views

Published on

Surviving a Security Firestorm: tales from those who've lived through it

Surviving a Security Firestorm: tales from those who've lived through it

Published in: Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
276
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Surviving A Security Firestorm: Tales From Those Who've Lived Through It SESSION ID: CISO-W03 Moderator: Ronald Woerner Director, Cybersecurity Studies, Bellevue University @ronw123 Panelists: Bill Downes Kostas Georgakopoulos CISO & VP CTO Engineering The Hartford Financial Services Group US Regional Manager Security IT UBS Roland Cloutier Rocco Grillo Chief Security Officer Automatic Data Processing, Inc. Managing Director Global Leader, Incident Response and Forensics Investigations Protiviti, Inc.
  • 2. Surviving A Security Firestorm – Session Overview Hearing from those who have lived through it #RSAC 2
  • 3. Surviving A Security Firestorm  You think you’ve been breached.  How do you know for sure?   So you think that you’ve been hacked? Now what? What’s your process for handing a real or potential breach?  Documented or undocumented?  Formal or informal?  Reaction or response?  How Current is Your Incident Response Plan?  What's your plan ? How do you know? #RSAC 3
  • 4. Surviving A Security Firestorm  To pull the plug or not pull the plug, that is the question…  Know what you don’t know before you contain  Gathering threat intelligence to understand attack vectors  Once We Find It, Now What?  When is it over? When Can We Go Back to Normal?  Lessons Learned #RSAC 4
  • 5. Surviving A Security Firestorm  How do you manage the different groups involved?  External & Internal Communications  Who are the key stakeholders to involve  When to Discloses Publicly  How do you escalate?  Parallel activities  Stress One of the leading Social Media platform announced late February 2013 that it had been breached and that data for 250,000 users was vulnerable 5 #RSAC
  • 6. Surviving A Security Firestorm  Who do you contact?  Internal  External  Legal,  Outside Counsel  Executive Management,   PR & Crisis Management IR Handlers &Forensics Investigators  IT,  Private investigators,  Security  Law enforcement,  End User Awareness  Vendors,  Customers #RSAC 6
  • 7. Surviving A Security Firestorm  Tools & Technologies    Detection Response Logging & Auditing    Proactive – SOC monitoring Reactive Forensics #RSAC 7
  • 8. Surviving A Security Firestorm  Are breaches inevitable?  Not a matter of if, but when?  If we can’t stop them, what can we do?  What advice do you have for a new CISO / Security Manager? STOP Data Breaches #RSAC 8
  • 9. Surviving A Security Firestorm Session Take-Aways     “Be Prepared” Know how to fail “Who ya gonna call?” Learn from it #RSAC 9