5 STEPS TO WEATHER THE “ZERO HOUR”
SUMMARIZED FROM “THE ZERO HOUR PHONE CALL: EXPEDITE YOUR DATA BREACH RESPONSE TO MINIMIZE RISK”
BY SHERYL FALK, PARTNER AT WINSTON & STRAWN
Five Steps to Weather the “Zero Hour”
Guidancesoftware.com
Perhaps your InfoSec team found malicious code wreaking mischief on your network. Or maybe the FBI called to
report that your organization’s data has been hacked. Either way, you have entered the “Zero Hour.” There is a security
breach of your network and you must respond—now—because sensitive data is at risk.
If the Zero Hour strikes your organization, here are five steps to help you make faster decisions and return your endpoints
to a trusted state:
1. UNDERSTAND YOUR DATA
It is critical to have a firm grasp on your data—especially your most sensitive
information—and where it’s stored. This basic precaution will be invaluable in the
event of a breach. Remember, not all of your data needs to be shared outside of your
environment. Some organizations have their own internal networks, and do not rely on
data connected to the Internet. This greatly reduces the risk of compromised information.
If some data has more value to you, consider caching it in a highly secure, less accessible
place. Here are a few guidelines to keep in mind:
• Understand where your data is and how it is protected
• Depending on the location, different laws may apply
• Classify your sensitive/proprietary data
• Use a data map to track the whereabouts of your most valuable information
2. EVALUATE AND UPDATE YOUR DATA SECURITY POLICIES
You may already have data security policies, but is it time for an update? Policies need
to change and evolve over time to maintain industry standards. And merely having
guidelines isn’t enough. You need to educate stakeholders about the protocols, as well
as monitor and enforce them.
Here are a few policies that should be at the top of your company’s security list:
• Vendor access and storage policy
• Remote access policy
• Internet and electronic communications policy
• Social media policy
• Password policy
• Mobile device policy
• Guest access policy
• Network device attachment policy
3. PLAN YOUR DATA BREACH RESPONSE
Fully plan your counterattack to a data breach, beginning with identifying your internal
response team and external response partners. The latter is especially important:
The middle of a breach is not the time to argue over indemnification clauses. The key
stakeholders should know and be ready to execute the plan. It’s a good idea to practice
your plan in a tabletop exercise to judge the response and effectiveness.
When you’ve identified your security and forensic experts, you can respond quickly when
the Zero Hour strikes. You should be able to open your plan, see who you need to call,
and know who has already signed a Terms of Agreement so that everyone can proceed
immediately.
We suggest these experts be available for emergency access:
• Key IT administrators
• Law enforcement contacts
• Security experts
• Forensic experts
• External privacy counsel
• Communications/public relations/notification support
4. CHECK FOR CYBER LIABILITY INSURANCE COVERAGE
Do you have cyber liability insurance coverage? The SEC requires not only that you
disclose a material breach, but also that a breached company disclose any relevant
insurance. Find out specifically what your general business liability plan covers. Some
case law states that cyber liability exclusions prohibit insurance under a business liability
policy. There are some courts, however, that recognize a server as tangible, and subject to
coverage under such policies. In these cases, compromise of a server might be covered. It
is imperative that you understand what your policy says with respect to cyber liability.
Likewise, if you have a separate cyber liability policy, you also need to understand what
it covers. There are many expenses that could be incurred such as cost of lost business,
investigation, forensic and legal investigation expenses, credit monitoring, legal defense of
lawsuits, civil fines, and class action lawsuits. Your policy may require you to work with
certain security vendors or forensic vendors, and to adhere to particular standards to
keep the insurance in effect.
5. ASSESS YOUR INFORMATION SECURITY REPRESENTATIONS
Understand what you are telling external stakeholders regarding how you will take care of
their data, and make sure your representations are up to date and accurate. Here is what
one well-known company proclaims:
“We aim to provide you with the world’s strongest security and privacy tools. Security and
privacy matter to us, we know how important they are to you and we work hard to get
them right.”
The statement aims very high. The well-meaning company is promising to care for its data
with “the world’s strongest security and privacy tools.” If there is a material breach with
litigation, the prosecutor is going to key on this statement, portray it as misrepresentation,
and use it in a damaging fashion against the company.
Such assurances could be considered overpromising the level of data protection your
clients have from your organization and could do more damage than good in the long
run. As security challenges evolve, how you respond must evolve as well. Check your
representations so they are up to date and accurate.
CONCLUSION
A Japanese proverb states, “The reputation of a thousand years may be determined by the conduct of one hour.” Don’t let
the Zero Hour ruin your hard-earned reputation! You probably already know that it’s not a matter of if you’ll be hit with a
data breach, but when your Zero Hour phone call will ring.
Remember, there’s power in planning. In addition to these five steps, reliable incident response tools are needed for
when the Zero Hour phone call happens. Guidance Software is the maker of EnCase, a proven endpoint detection and
response tool relied upon by organizations and agencies throughout the world. With EnCase Endpoint Security, you can
quickly validate and triage incoming alerts, have complete 360° visibility across the enterprise, and surgically remediate all
instances of a threat. The result: complete confidence in the event of a breach.
Learn more at guidancesoftware.com
For the full paper “The Zero Hour Phone Call: Expedite Your Data Breach Response to Minimize Your Risk”
by Sheryl Falk, Partner at Winston & Strawn, download here.
ABOUT GUIDANCE
Guidance exists to turn chaos and the unknown into order and the known, so that companies and their customers can go
about their daily lives as usual without worry or disruption, knowing their most valuable information is safe and secure. The
makers of EnCase®, the gold standard in forensic security, Guidance provides a mission-critical foundation of market-leading
applications that offer deep 360-degree visibility across all endpoints, devices and networks, allowing proactive identification
and remediation of threats. From retail to financial institutions, our field-tested and court-proven solutions are deployed on an
estimated 33 million endpoints at more than 70 of the Fortune 100 and hundreds of agencies worldwide, from beginning to
endpoint.
Guidance Software®, EnCase®, EnForce™ and Tableau™ are trademarks owned by Guidance Software and may not be used
without prior written permission. All other trademarks and copyrights are the property of their respective owners.
