SlideShare a Scribd company logo

Cyber Crisis Management - Kloudlearn

Download as PPTX, PDF
KloudLearn
KloudLearn

Cyber crisis management refers to the plan that includes steps to recover IT Services from an emergency disruption. It is crucial to have a cyber crisis management plan to minimize the impact of incidents while quickly restoring security, operations, and credibility.

Software
1 of 24
Online course offering Cyber Crisis Management “In a crisis, don’t hide behind anything or anybody. They’re going to find you anyway.” - Bear Bryant © KloudLearn www.kloudlearn.com
Learning Objectives © KloudLearn www.kloudlearn.com 2 What is Crisis Common features of Crisis How do you prepare for a cyber attack Crisis Management Lifecycle Preparing for a cyber security crisis Do’s and Don’t
What is Crisis? © KloudLearn www.kloudlearn.com 3 We should start by defining what a cyber security crisis is. Typically, it might be confused with an incident response plan and although they are definitely different, the way we manage the incident response process might end up in a serious crisis. In the case of a crisis, we are facing a situation that might seriously impact the organization, its reputation, financial stability and even its viability as a business. An incident response plan refers to a methodology to cope with day-to-day cyber security events, like virus infections, malwares, DDoS and phishing attacks etc…
● The situation materializes unexpectedly. ● Decisions are required urgently. ● Time is short. ● Urgent demands for information are received. ● There is sense of loss of control. ● Pressures build over time. ● Specific threats are identified Common Features of Crisis © KloudLearn www.kloudlearn.com 4
How do You Prepare for a Cyber Attack? © KloudLearn www.kloudlearn.com 5 ● Readiness: Readiness equates not only to vigilance, for example in the form of 24/7 Monitoring, but also to readiness of resources. ● Response: Management’s response can either contain or escalate an incident; indeed, a poor response can even create a crisis. ● Recovery: Steps to return to normal operations and limit damage to the organization and its stakeholders continue after the incident or crisis. ● Risk = Threat x Vulnerability x Consequence
Crisis Management Lifecycle © KloudLearn www.kloudlearn.com 6
● Involve Your Executive Leadership Team Preparing for a Cyber Security Crisis © KloudLearn www.kloudlearn.com 7 ■ This includes the C-suite, i.e CEO, COO, CFO, CIO, CCO ■ This includes business unit leaders, i.e EVPs, SVPs ■ This includes representatives or delegates from legal, HR, Corporate Communications and Marketing ■ These leaders and representatives must be familiar with their role and responsibilities during a crisis
● Create a cyber security crisis management plan ■ Structure of the crisis management team ■ Responsibility matrix with names of the specific individuals ■ Threat matrix with severity levels and associated response protocols ■ Communication templates for customers, business partners, media and external agencies Preparing for a Cyber Security Crisis © KloudLearn www.kloudlearn.com 8
● Conduct breach simulations ■ Breach simulation is a tabletop exercise in your boardroom ■ All the key executives need to participate ■ A hypothetical breach scenario is created and the participants are asked to respond ■ Guidance is provided by the moderators ■ The executive team becomes familiar with the process and the sources of information Preparing for a Cyber Security Crisis © KloudLearn www.kloudlearn.com 9
● Engage a third party ■ Breach can stay undetected for years but once they are detected there is extreme urgency to investigate ■ Finding the right forensics partner can be a challenge ■ Companies have no choice but to rush into a contract often overlooking critical provisions ■ Social engineering uses which aspects of human nature includes, Trust manipulation, Desire to be helpful, Lack of understanding ■ Legal and compliance teams need to be involved in the review of all contractual language. Preparing for a Cyber Security Crisis © KloudLearn www.kloudlearn.com 10
Do’s of Crisis Management ● Call the board and management teams together immediately to plan a response. ● Take advantage of the board’s diversity and hear all perspectives on the situation. ● Be aware that reputation is a driver of market value. ● Make a statement when experiencing more than one crisis at a time or in close succession. ● Monitor your company’s financial ratings after a crisis. Don’ts of Crisis Management ● Don’t ignore the situation. If the choice is to remain silent, continue to monitor it. ● Don’t overlook the speed of social media and how it can be a negative or a positive force. ● Don’t make excuses for poor choices in behavior. ● Don’t underestimate how interconnected systems are. Do’s and Don’ts © KloudLearn www.kloudlearn.com 11
● Data breaches are inevitable. therefore, an organization MUST be prepared to handle one. ● The information security team MUST take the lead in building and socializing a crisis management program. ● The information security team MUST build partnerships with legal, compliance, corporate communication and privacy terms of the company. ● A detailed crisis management plan MUST be created and maintained. ● Periodic simulations MUST be conducted. ● The executives of the company MUST be educated and must fully understand their roles and responsibilities. Key Takeaways © KloudLearn www.kloudlearn.com 12
Test your knowledge! Quiz Quiz
Proactive phase Strategic phase Recovery phase Reactive phase © KloudLearn www.kloudlearn.com In four phases of the Conflict Management Life Cycle. In which phase would an organization’s crisis management plan be implemented? 14
The impact of a given risk The likelihood of a risk © KloudLearn www.kloudlearn.com “Loss of data availability” helps determine which of the following: 15
© KloudLearn www.kloudlearn.com Business, cost, technology, and process should be the main focus while planning Software risk impact assessment. 16 True False
Everyone in the organization. the CIO or CISO executive. A specialized cyber security defense team. © KloudLearn www.kloudlearn.com Cyber security protection of an organization is the responsibility of: 17
© KloudLearn www.kloudlearn.com Risk = Likelihood x Weakness. True or False? 18 True False
Trust manipulation Desire to be helpful Lack of understanding All of the above © KloudLearn www.kloudlearn.com Social engineering uses which aspects of human nature? 19
© KloudLearn www.kloudlearn.com Identification of risk domains and risk exposure are done in the Analysis of Security Risk. 20 True False
Detective Corrective Preventative Deterrent © KloudLearn www.kloudlearn.com Redundant computer servers would be an example of which type of security measure? 21
Cross-site scripting Buffer overflow. SQL injection. System shutdown. © KloudLearn www.kloudlearn.com To avoid ________ , user input should not be put directly into a database. 22
The likelihood of a threat happening The vulnerability of the organization to the threat The cost to mitigate or recover from the threat The duration of the threat event © KloudLearn www.kloudlearn.com Which of the following is not considered a factor in determining cyber risk? 23
Thank You © KloudLearn www.kloudlearn.com 24 KloudLearn, Inc. is headquartered in Silicon Valley, California. Our mission is to help enterprises provide an engaging and impactful learning experience that improves business performance. We provide the industry’s most modern LMS (Learning Management System). For more information visit us at www.kloudlearn.com or reach out to us at info@kloudlearn.com

Recommended

Cybersecurity crisis management a prep guide
Cybersecurity crisis management a prep guideCybersecurity crisis management a prep guide
Cybersecurity crisis management a prep guideJoAnna Cheshire
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesSlideTeam
 
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterNIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterTuan Phan
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Crisis Management Techniques for Cyber Attacks
Crisis Management Techniques for Cyber AttacksCrisis Management Techniques for Cyber Attacks
Crisis Management Techniques for Cyber AttacksPECB
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023PECB
 

Recommended

Cybersecurity crisis management a prep guide
Cybersecurity crisis management a prep guideCybersecurity crisis management a prep guide
Cybersecurity crisis management a prep guideJoAnna Cheshire
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesSlideTeam
 
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterNIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterTuan Phan
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Crisis Management Techniques for Cyber Attacks
Crisis Management Techniques for Cyber AttacksCrisis Management Techniques for Cyber Attacks
Crisis Management Techniques for Cyber AttacksPECB
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023PECB
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingWilliam Mann
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)Ahmed Ayman
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfJustinBrown267905
 
NIST Cyber Security Framework V1.1 - Infogram Poster
NIST Cyber Security Framework V1.1 - Infogram PosterNIST Cyber Security Framework V1.1 - Infogram Poster
NIST Cyber Security Framework V1.1 - Infogram PosterMark Stafford
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingPriyanka Aash
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
Cyber Security Incident Response Planning
Cyber Security Incident Response PlanningCyber Security Incident Response Planning
Cyber Security Incident Response PlanningPECB
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
 
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity AssessmentDoreen Loeber
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness ProgramBill Gardner
 
Employee Security Awareness Program
Employee Security Awareness ProgramEmployee Security Awareness Program
Employee Security Awareness Programdavidcurriecia
 
Application Security
Application SecurityApplication Security
Application SecurityReggie Niccolo Santos
 
Cybersecurity & Project Management
Cybersecurity & Project ManagementCybersecurity & Project Management
Cybersecurity & Project ManagementFernando Montenegro
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingCrowdStrike
 
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckHow To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckSlideTeam
 
Threat Hunting
Threat HuntingThreat Hunting
Threat HuntingSplunk
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingDmitriy Scherbina
 
SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera...
SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera... SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera...
SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera...AlienVault
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 Erick Kish, U.S. Commercial Service
 
Incident Response with LDM Global_ A Comprehensive Approach to Handling Crisi...
Incident Response with LDM Global_ A Comprehensive Approach to Handling Crisi...Incident Response with LDM Global_ A Comprehensive Approach to Handling Crisi...
Incident Response with LDM Global_ A Comprehensive Approach to Handling Crisi...LDM Global
 
Contingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATMContingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATMWajahat Ali Khan
 

More Related Content

What's hot

Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingWilliam Mann
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)Ahmed Ayman
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfJustinBrown267905
 
NIST Cyber Security Framework V1.1 - Infogram Poster
NIST Cyber Security Framework V1.1 - Infogram PosterNIST Cyber Security Framework V1.1 - Infogram Poster
NIST Cyber Security Framework V1.1 - Infogram PosterMark Stafford
 
Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingPriyanka Aash
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
Cyber Security Incident Response Planning
Cyber Security Incident Response PlanningCyber Security Incident Response Planning
Cyber Security Incident Response PlanningPECB
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
 
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity AssessmentDoreen Loeber
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness ProgramBill Gardner
 
Employee Security Awareness Program
Employee Security Awareness ProgramEmployee Security Awareness Program
Employee Security Awareness Programdavidcurriecia
 
Cybersecurity & Project Management
Cybersecurity & Project ManagementCybersecurity & Project Management
Cybersecurity & Project ManagementFernando Montenegro
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingCrowdStrike
 
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckHow To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckSlideTeam
 
Threat Hunting
Threat HuntingThreat Hunting
Threat HuntingSplunk
 
SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera...
SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera... SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera...
SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera...AlienVault
 

What's hot (20)

Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
 
NIST Cyber Security Framework V1.1 - Infogram Poster
NIST Cyber Security Framework V1.1 - Infogram PosterNIST Cyber Security Framework V1.1 - Infogram Poster
NIST Cyber Security Framework V1.1 - Infogram Poster
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat Modelling
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
 
Cyber Security Incident Response Planning
Cyber Security Incident Response PlanningCyber Security Incident Response Planning
Cyber Security Incident Response Planning
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security Framework
 
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity Assessment
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness Program
 
Employee Security Awareness Program
Employee Security Awareness ProgramEmployee Security Awareness Program
Employee Security Awareness Program
 
Application Security
Application SecurityApplication Security
Application Security
 
Cybersecurity & Project Management
Cybersecurity & Project ManagementCybersecurity & Project Management
Cybersecurity & Project Management
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
 
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckHow To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete Deck
 
Threat Hunting
Threat HuntingThreat Hunting
Threat Hunting
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera...
SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera... SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera...
SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera...
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101
 

Similar to Cyber Crisis Management - Kloudlearn

Incident Response with LDM Global_ A Comprehensive Approach to Handling Crisi...
Incident Response with LDM Global_ A Comprehensive Approach to Handling Crisi...Incident Response with LDM Global_ A Comprehensive Approach to Handling Crisi...
Incident Response with LDM Global_ A Comprehensive Approach to Handling Crisi...LDM Global
 
Contingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATMContingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATMWajahat Ali Khan
 
How To Integrate Business Risk & IT Risk
How To Integrate Business Risk & IT Risk How To Integrate Business Risk & IT Risk
How To Integrate Business Risk & IT Risk SureCloud
 
1. After a cyber attack, the organizational decision making and re.docx
1. After a cyber attack, the organizational decision making and re.docx1. After a cyber attack, the organizational decision making and re.docx
1. After a cyber attack, the organizational decision making and re.docxjackiewalcutt
 
Cyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykCyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykEryk Budi Pratama
 
Risk monitoring and response
Risk monitoring and responseRisk monitoring and response
Risk monitoring and responseZyrellLalaguna
 
Misconceptions of Business Continuity Planning
Misconceptions of Business Continuity PlanningMisconceptions of Business Continuity Planning
Misconceptions of Business Continuity PlanningSymptai Consulting Limited
 
Impact of Changing World Politics in Managing Risk
Impact of Changing World Politics in Managing RiskImpact of Changing World Politics in Managing Risk
Impact of Changing World Politics in Managing RiskPECB
 
Enhancing Data Security_ The Crucial Role of Incident Response in the Modern ...
Enhancing Data Security_ The Crucial Role of Incident Response in the Modern ...Enhancing Data Security_ The Crucial Role of Incident Response in the Modern ...
Enhancing Data Security_ The Crucial Role of Incident Response in the Modern ...LDM Global
 
Crisis And Risk
Crisis And RiskCrisis And Risk
Crisis And Riskkktv
 
Employee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnEmployee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnKloudLearn
 
_Navigating Incident Response_ A Closer Look at LDM Global's Approach in the ...
_Navigating Incident Response_ A Closer Look at LDM Global's Approach in the ..._Navigating Incident Response_ A Closer Look at LDM Global's Approach in the ...
_Navigating Incident Response_ A Closer Look at LDM Global's Approach in the ...LDM Global
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsWynyard Group
 

Similar to Cyber Crisis Management - Kloudlearn (20)

Incident Response with LDM Global_ A Comprehensive Approach to Handling Crisi...
Incident Response with LDM Global_ A Comprehensive Approach to Handling Crisi...Incident Response with LDM Global_ A Comprehensive Approach to Handling Crisi...
Incident Response with LDM Global_ A Comprehensive Approach to Handling Crisi...
 
Contingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATMContingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATM
 
Risk Check Survey
Risk Check SurveyRisk Check Survey
Risk Check Survey
 
Crisis management
Crisis managementCrisis management
Crisis management
 
disaster-recovery-online
disaster-recovery-onlinedisaster-recovery-online
disaster-recovery-online
 
How To Integrate Business Risk & IT Risk
How To Integrate Business Risk & IT Risk How To Integrate Business Risk & IT Risk
How To Integrate Business Risk & IT Risk
 
1. After a cyber attack, the organizational decision making and re.docx
1. After a cyber attack, the organizational decision making and re.docx1. After a cyber attack, the organizational decision making and re.docx
1. After a cyber attack, the organizational decision making and re.docx
 
Crisis Management.pptx
Crisis Management.pptxCrisis Management.pptx
Crisis Management.pptx
 
Cyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykCyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - Eryk
 
Risk monitoring and response
Risk monitoring and responseRisk monitoring and response
Risk monitoring and response
 
Managing Reputation
Managing ReputationManaging Reputation
Managing Reputation
 
Risk management
Risk managementRisk management
Risk management
 
Misconceptions of Business Continuity Planning
Misconceptions of Business Continuity PlanningMisconceptions of Business Continuity Planning
Misconceptions of Business Continuity Planning
 
Impact of Changing World Politics in Managing Risk
Impact of Changing World Politics in Managing RiskImpact of Changing World Politics in Managing Risk
Impact of Changing World Politics in Managing Risk
 
Enhancing Data Security_ The Crucial Role of Incident Response in the Modern ...
Enhancing Data Security_ The Crucial Role of Incident Response in the Modern ...Enhancing Data Security_ The Crucial Role of Incident Response in the Modern ...
Enhancing Data Security_ The Crucial Role of Incident Response in the Modern ...
 
Wisegate_GeekSpeak_LG
Wisegate_GeekSpeak_LGWisegate_GeekSpeak_LG
Wisegate_GeekSpeak_LG
 
Crisis And Risk
Crisis And RiskCrisis And Risk
Crisis And Risk
 
Employee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnEmployee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - Kloudlearn
 
_Navigating Incident Response_ A Closer Look at LDM Global's Approach in the ...
_Navigating Incident Response_ A Closer Look at LDM Global's Approach in the ..._Navigating Incident Response_ A Closer Look at LDM Global's Approach in the ...
_Navigating Incident Response_ A Closer Look at LDM Global's Approach in the ...
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teams
 

More from KloudLearn

Service Organizational Control (SOC 2) Compliance - Kloudlearn
Service Organizational Control (SOC 2) Compliance - KloudlearnService Organizational Control (SOC 2) Compliance - Kloudlearn
Service Organizational Control (SOC 2) Compliance - KloudlearnKloudLearn
 
What is Phishing - Kloudlearn
What is Phishing - KloudlearnWhat is Phishing - Kloudlearn
What is Phishing - KloudlearnKloudLearn
 
What is a Malware - Kloudlearn
What is a Malware - KloudlearnWhat is a Malware - Kloudlearn
What is a Malware - KloudlearnKloudLearn
 
Health Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
Health Insurance Portability and Accountability Act (HIPPA) - KloudlearnHealth Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
Health Insurance Portability and Accountability Act (HIPPA) - KloudlearnKloudLearn
 
Cloud Security - Kloudlearn
Cloud Security - KloudlearnCloud Security - Kloudlearn
Cloud Security - KloudlearnKloudLearn
 
California Consumer Privacy Act (CCPA) - Kloudlearn
California Consumer Privacy Act (CCPA) - KloudlearnCalifornia Consumer Privacy Act (CCPA) - Kloudlearn
California Consumer Privacy Act (CCPA) - KloudlearnKloudLearn
 
KloudLearn LMS | E-learning Platform
KloudLearn LMS | E-learning Platform KloudLearn LMS | E-learning Platform
KloudLearn LMS | E-learning Platform KloudLearn
 

More from KloudLearn (7)

Service Organizational Control (SOC 2) Compliance - Kloudlearn
Service Organizational Control (SOC 2) Compliance - KloudlearnService Organizational Control (SOC 2) Compliance - Kloudlearn
Service Organizational Control (SOC 2) Compliance - Kloudlearn
 
What is Phishing - Kloudlearn
What is Phishing - KloudlearnWhat is Phishing - Kloudlearn
What is Phishing - Kloudlearn
 
What is a Malware - Kloudlearn
What is a Malware - KloudlearnWhat is a Malware - Kloudlearn
What is a Malware - Kloudlearn
 
Health Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
Health Insurance Portability and Accountability Act (HIPPA) - KloudlearnHealth Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
Health Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
 
Cloud Security - Kloudlearn
Cloud Security - KloudlearnCloud Security - Kloudlearn
Cloud Security - Kloudlearn
 
California Consumer Privacy Act (CCPA) - Kloudlearn
California Consumer Privacy Act (CCPA) - KloudlearnCalifornia Consumer Privacy Act (CCPA) - Kloudlearn
California Consumer Privacy Act (CCPA) - Kloudlearn
 
KloudLearn LMS | E-learning Platform
KloudLearn LMS | E-learning Platform KloudLearn LMS | E-learning Platform
KloudLearn LMS | E-learning Platform
 

Recently uploaded

Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 

Recently uploaded (20)

Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 

Cyber Crisis Management - Kloudlearn

  • 1. Online course offering Cyber Crisis Management “In a crisis, don’t hide behind anything or anybody. They’re going to find you anyway.” - Bear Bryant © KloudLearn www.kloudlearn.com
  • 2. Learning Objectives © KloudLearn www.kloudlearn.com 2 What is Crisis Common features of Crisis How do you prepare for a cyber attack Crisis Management Lifecycle Preparing for a cyber security crisis Do’s and Don’t
  • 3. What is Crisis? © KloudLearn www.kloudlearn.com 3 We should start by defining what a cyber security crisis is. Typically, it might be confused with an incident response plan and although they are definitely different, the way we manage the incident response process might end up in a serious crisis. In the case of a crisis, we are facing a situation that might seriously impact the organization, its reputation, financial stability and even its viability as a business. An incident response plan refers to a methodology to cope with day-to-day cyber security events, like virus infections, malwares, DDoS and phishing attacks etc…
  • 4. ● The situation materializes unexpectedly. ● Decisions are required urgently. ● Time is short. ● Urgent demands for information are received. ● There is sense of loss of control. ● Pressures build over time. ● Specific threats are identified Common Features of Crisis © KloudLearn www.kloudlearn.com 4
  • 5. How do You Prepare for a Cyber Attack? © KloudLearn www.kloudlearn.com 5 ● Readiness: Readiness equates not only to vigilance, for example in the form of 24/7 Monitoring, but also to readiness of resources. ● Response: Management’s response can either contain or escalate an incident; indeed, a poor response can even create a crisis. ● Recovery: Steps to return to normal operations and limit damage to the organization and its stakeholders continue after the incident or crisis. ● Risk = Threat x Vulnerability x Consequence
  • 6. Crisis Management Lifecycle © KloudLearn www.kloudlearn.com 6
  • 7. ● Involve Your Executive Leadership Team Preparing for a Cyber Security Crisis © KloudLearn www.kloudlearn.com 7 ■ This includes the C-suite, i.e CEO, COO, CFO, CIO, CCO ■ This includes business unit leaders, i.e EVPs, SVPs ■ This includes representatives or delegates from legal, HR, Corporate Communications and Marketing ■ These leaders and representatives must be familiar with their role and responsibilities during a crisis
  • 8. ● Create a cyber security crisis management plan ■ Structure of the crisis management team ■ Responsibility matrix with names of the specific individuals ■ Threat matrix with severity levels and associated response protocols ■ Communication templates for customers, business partners, media and external agencies Preparing for a Cyber Security Crisis © KloudLearn www.kloudlearn.com 8
  • 9. ● Conduct breach simulations ■ Breach simulation is a tabletop exercise in your boardroom ■ All the key executives need to participate ■ A hypothetical breach scenario is created and the participants are asked to respond ■ Guidance is provided by the moderators ■ The executive team becomes familiar with the process and the sources of information Preparing for a Cyber Security Crisis © KloudLearn www.kloudlearn.com 9
  • 10. ● Engage a third party ■ Breach can stay undetected for years but once they are detected there is extreme urgency to investigate ■ Finding the right forensics partner can be a challenge ■ Companies have no choice but to rush into a contract often overlooking critical provisions ■ Social engineering uses which aspects of human nature includes, Trust manipulation, Desire to be helpful, Lack of understanding ■ Legal and compliance teams need to be involved in the review of all contractual language. Preparing for a Cyber Security Crisis © KloudLearn www.kloudlearn.com 10
  • 11. Do’s of Crisis Management ● Call the board and management teams together immediately to plan a response. ● Take advantage of the board’s diversity and hear all perspectives on the situation. ● Be aware that reputation is a driver of market value. ● Make a statement when experiencing more than one crisis at a time or in close succession. ● Monitor your company’s financial ratings after a crisis. Don’ts of Crisis Management ● Don’t ignore the situation. If the choice is to remain silent, continue to monitor it. ● Don’t overlook the speed of social media and how it can be a negative or a positive force. ● Don’t make excuses for poor choices in behavior. ● Don’t underestimate how interconnected systems are. Do’s and Don’ts © KloudLearn www.kloudlearn.com 11
  • 12. ● Data breaches are inevitable. therefore, an organization MUST be prepared to handle one. ● The information security team MUST take the lead in building and socializing a crisis management program. ● The information security team MUST build partnerships with legal, compliance, corporate communication and privacy terms of the company. ● A detailed crisis management plan MUST be created and maintained. ● Periodic simulations MUST be conducted. ● The executives of the company MUST be educated and must fully understand their roles and responsibilities. Key Takeaways © KloudLearn www.kloudlearn.com 12
  • 14. Proactive phase Strategic phase Recovery phase Reactive phase © KloudLearn www.kloudlearn.com In four phases of the Conflict Management Life Cycle. In which phase would an organization’s crisis management plan be implemented? 14
  • 15. The impact of a given risk The likelihood of a risk © KloudLearn www.kloudlearn.com “Loss of data availability” helps determine which of the following: 15
  • 16. © KloudLearn www.kloudlearn.com Business, cost, technology, and process should be the main focus while planning Software risk impact assessment. 16 True False
  • 17. Everyone in the organization. the CIO or CISO executive. A specialized cyber security defense team. © KloudLearn www.kloudlearn.com Cyber security protection of an organization is the responsibility of: 17
  • 18. © KloudLearn www.kloudlearn.com Risk = Likelihood x Weakness. True or False? 18 True False
  • 19. Trust manipulation Desire to be helpful Lack of understanding All of the above © KloudLearn www.kloudlearn.com Social engineering uses which aspects of human nature? 19
  • 20. © KloudLearn www.kloudlearn.com Identification of risk domains and risk exposure are done in the Analysis of Security Risk. 20 True False
  • 21. Detective Corrective Preventative Deterrent © KloudLearn www.kloudlearn.com Redundant computer servers would be an example of which type of security measure? 21
  • 22. Cross-site scripting Buffer overflow. SQL injection. System shutdown. © KloudLearn www.kloudlearn.com To avoid ________ , user input should not be put directly into a database. 22
  • 23. The likelihood of a threat happening The vulnerability of the organization to the threat The cost to mitigate or recover from the threat The duration of the threat event © KloudLearn www.kloudlearn.com Which of the following is not considered a factor in determining cyber risk? 23
  • 24. Thank You © KloudLearn www.kloudlearn.com 24 KloudLearn, Inc. is headquartered in Silicon Valley, California. Our mission is to help enterprises provide an engaging and impactful learning experience that improves business performance. We provide the industry’s most modern LMS (Learning Management System). For more information visit us at www.kloudlearn.com or reach out to us at info@kloudlearn.com