Global CISO Forum 2017: Privacy Partnership

•Download as PPTX, PDF•

0 likes•137 views

Katherine Fithen has been a leader in information security for more than 20 years. She retired as the Chief Privacy Officer and Director of Governance & Compliance at The Coca-Cola Company in July 2017. Prior to joining The Coca-Cola Company in 2002, Katherine was the Senior Manager of the CSIRT Program at PricewaterhouseCoopers, LLP, and prior to pwc, the Manager of the CERT®. Katherine has earned a Bachelor of Arts in Retail Management, a Master of Arts in Personnel Management, and a Master of Science in Information Science. Katherine is on several advisory boards for privacy and security. In August 2015, Katherine was listed as one of “Women in IT Security: 10 Power Players”

Technology

Classification: //SecureWorks/Confidential - Limited External Distribution:Classification: //SecureWorks/Confidential - Limited External Distribution:
Privacy
Partnership
Katherine Fithen
Retired Chief Privacy Officer
The Coca-ColaCompany
<date>

Classification: //SecureWorks/Confidential - Limited External Distribution:
Agenda
• My Background
• Why Compliance ≠ Security
• Privacy Partnership
• Business
• IT
• Legal
• Risk Management
• Breach Response
• Questions & Contact Information
ciso.eccouncil.org 2

Classification: //SecureWorks/Confidential - Limited External Distribution:
My Background
• Education
• B.A., Retail Management
• M.A., Personnel Management
• M.S., Information Science
• Careers
• Retail – clothing buyer for stores
• Technology
• PREPnet
• CERT®
• pwc
• The Coca-ColaCompany
• SecureWorks
ciso.eccouncil.org 3

Classification: //SecureWorks/Confidential - Limited External Distribution:
Why Compliance ≠ Security
• SOX
• Enron
• PCI
• TJ Maxx breach (2007)
• Had been certified by PCI assessment
• 45.6 million cards compromised
• Privacy
• Target breach (2013 - 2015)
• 42 million cards compromised
• 61 million people had PI compromised
• OPM breach
• 21.5 million people had PI compromised
• Equifax
• 143 million people had PI compromised
ciso.eccouncil.org 4

Classification: //SecureWorks/Confidential - Limited External Distribution:
Privacy Partnership
• Business
• “Owner” of the data
• HR, Marketing,Customer, etc.
• IT
• Technology enables organizations to align with privacy laws, regulations,
and expectations
• Legal
• Provide the legal/regulatory requirements for
• Business owners of data
• IT
ciso.eccouncil.org 5

Classification: //SecureWorks/Confidential - Limited External Distribution:
Privacy Partnership (cont.)
• IT
• IT SDLC
• Access controls
• Negative testing
• Authentication
• MFA vs UserID + passwd
• Encryption
• Who owns/manages the encryption key?
• Age validation implementation
• Logs
• Application
• Network
• Contract obligations for vendors
& vendor management
ciso.eccouncil.org 6

Classification: //SecureWorks/Confidential - Limited External Distribution:
Privacy Partnership (cont.)
• Considerations for Privacy Office & Privacy Council
• Privacy Office
• IT and Legal
• Privacy Council
• Legal
• IT
• Marketing
• HR
• Public Affairs
• InternalAudit
• Controller’s Office
ciso.eccouncil.org 7

Classification: //SecureWorks/Confidential - Limited External Distribution:
Risk Management
• If compliance ≠ security – then what do we do?
• Most organizations cannot protect all assets equally – and probably
should not
• Too costly
• Too resource-intensive
• Risk Management
• Identify sensitive assets
• IP (Intellectual Property)
• PI (Personal Information)
• Insider threat vs external threats
ciso.eccouncil.org 8

Classification: //SecureWorks/Confidential - Limited External Distribution:
Breach Response
• Who, What, Where,When, and How
ciso.eccouncil.org 9

Classification: //SecureWorks/Confidential - Limited External Distribution:
Breach Response (cont.)
• Who, What, Where,When, and How
• Who
• Legal, Business owner of breached data, IT, Public Affairs,Vendor(s), 3rd-party breach
response team (e.g., PCI)
• Who leads/is decision maker?
• Regulators
ciso.eccouncil.org 10

Classification: //SecureWorks/Confidential - Limited External Distribution:
Breach Response (cont.)
• Who, What, Where,When, and How
• What
• What happened?
• How quickly will you know what happened?
• What to communicate about what happened?
• What facts do you have?
• What “beliefs” do you have?
• What steps do I take?
• What services do I offer (e.g., ID theft protection, etc.)
ciso.eccouncil.org 11

Classification: //SecureWorks/Confidential - Limited External Distribution:
Breach Response (cont.)
• Who, What, Where,When, and How (cont.)
• Where
• Where is it?
• My data?
• My users?
• My logs/evidence?
ciso.eccouncil.org 12

Classification: //SecureWorks/Confidential - Limited External Distribution:
Breach Response (cont.)
• Who, What, Where,When, and How (cont.)
• When
• Communicate
• Internally
• Externally
• “Know” what happened to be able
to communicate?
• Bring in a 3rd-party
• Required by regulation?
• Need the SME assistance?
• Want outsider “objective” assistance?
ciso.eccouncil.org 13

Classification: //SecureWorks/Confidential - Limited External Distribution:
Breach Response
• Who, What, Where,When, and How (cont.)
• How
• How do I communicate?
• Internally
• Externally
• How do I make “Everyone” comfortable / confident in my ability to handle?
• Those impacted?
• Regulators?
• Media?
• Employees?
• Partners?
ciso.eccouncil.org 14

Classification: //SecureWorks/Confidential - Limited External Distribution:
In Closing
• We need to work together – Business, IT, and Legal to ensure
enable the business while protecting company assets
ciso.eccouncil.org 15

Classification: //SecureWorks/Confidential - Limited External Distribution:
Questions & Contact Information
ciso.eccouncil.org 16
• Katherine Fithen
Managing Principal Consultant
SecureWorks
kfithen@secureworks.com
+1-770-331-2092

Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is an Enterprise Security Consultant at Sword and Shield Enterprise Security in Knoxville, TN. Joe also maintains his own Blog and Podcast called Advanced Persistent Security. In his spare time, Joe enjoys reading news relevant to information security, attending information security conferences, contributing blogs to various outlets, bass fishing, and flying his drone.

Red vs. Blue Why we’ve been getting it wrong for 25 years

EC-Council

Regarded as one of the world’s foremost experts on counter threat intelligence within the Information security industry, Chris Roberts constructs and directs a portfolio of defense services designed to improve the physical and digital security posture of both enterprise and government clients. With increasingly sophisticated attacks on targets of opportunity, Roberts’ unique methods of addressing the evolving threat matrix and experience with all information systems make him an indispensable partner to clients and industries that demand protection of financials, intellectual property, customer data and other protected information from attack.

Charity: A Secret for Cyberspace by Jon Creekmore

EC-Council

Today, there lies an untapped source of great capability within cyberspace; charities. From the rise of the makerspace movement, to an explosion of STEM initiatives in third world countries, and even robotic competitions globally, our world is changing due to cyberspace. Through studying current initiatives and personal experiences, this presentation will present a plan and method to impact the evolution of cyberspace.

Hacker Halted 2018: Breaking the Bad News: How to Prevent Your IR Messages fr...

EC-Council

This document provides guidance on effective communication when delivering bad news or security incidents to various stakeholders. It discusses targeting communications to different audience levels, including end users, middle management, and C-level executives. For each group, it suggests focusing on the relevant impact and providing information in a concise, judicious, and empathetic manner. The document also emphasizes the importance of non-verbal communication and body language awareness to ensure the intended message is properly conveyed.

Do it Best Corp. Techapalooza 2013 Presentation

Brian T. O'Hara CISA, CISM, CRISC, CCSP, CISSP

There is a global war already taking place today. We simply have yet to acknowledge it. Our banks are under attack, our public utilities are at risk and the internet is being used more and more for political purposes, both bad and good. Cybercriminals blazingly brazenly brag their accomplishments and thumb their noses at authorities around the world. Governments are struggling with controls that are either too permissive or too restrictive. Join us in an important discussion of the state of the state of Cyber(x) as we explore issues and peer into the future. Find out what the “bad guys” are up to, and what the future holds.

Protecting Your IP: Data Security for Software Technology

Shawn Tuma

Data Analytics Governance and Ethics

HPCC Systems

2014 - KSU - So You Want to Be in Cyber Security?

Phil Agcaoili

This document provides an overview of the cybersecurity field, including why it is a good career option, common career paths and roles, in-demand skills, top job locations, and advice on getting started in the field. It notes that cybersecurity jobs are expected to grow rapidly and face ongoing skills shortages, with average salaries of $116,000 per year. The top job titles include security engineer, security analyst, and information security analyst. Experience in areas like systems administration, networking, development, and auditing is recommended to break into the field.

This document summarizes a presentation about current security challenges and future possibilities. It discusses how malicious actors have advantages over security teams in terms of resources, tools, and lack of bureaucracy. Traditional security tools like antivirus are increasingly ineffective against techniques used by state actors, hackers, and others. The future of security may involve artificial intelligence and self-protecting networks that can autonomously monitor systems, identify threats, and take automated actions like deploying patches. Organizations need to gather and analyze large amounts of data from all devices to better identify malicious patterns and events and automate responses.

Brian Henger - Psychological Warfare: How Cyber Criminals Mess With Your Mind

centralohioissa

ethics final project

Victoriya Poplavskaya

This document discusses the differences between hacking and cracking. Hacking refers to seeking and exploiting weaknesses in computer systems for various motivations, while cracking specifically refers to hacking with criminal intent. The document explores types of cracking like password cracking and software cracking. It argues that hacking can have benefits if done to improve security, but becomes cracking if done for criminal profits or information theft. The line between the two is blurry from a legal perspective. An ethical hacker tests security for vulnerabilities but does not steal or damage systems.

How to Boost your Cyber Risk Management Program and Capabilities?

PECB

The webinar explores how understanding your organization in crisis due to an exploitation of risk can develop the organization’s resilience and team in the drive for a stronger level of compliance maturity. Main points covered: • Information Security maturity • ROPI • Risk Management • Incident Response • Forensic Readiness • Table Top Exercises • Training • Legislation Presenter: Our presenter for this webinar is Peter Jones, an experienced management professional, digital forensic analyst, cybersecurity professional, ISO 27001 and ISO 17025 auditor and University Lecturer. Peter has a wealth of experience and expertise which incorporates knowledge from being an academic and a practitioner in relation to best practice, data management, cyber security, digital system security and digital forensics, where he has conducted thousands of examinations on behalf of law enforcement and the private sector. Peter has extensive information technology and telecommunications experience which ranges from retail to enterprise environments including supporting the BBC with their hit drama series, ‘Silent Witness’. Link the the YouTube video: https://youtu.be/aREo4l-pDgc

Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015

Joe Bartolo

This document summarizes a presentation on cybersecurity risks for law firms and how to protect sensitive client data. The presentation covers: 1. Tips for preventing cyberattacks including having security plans, policies for employees and vendors, and implementing best practices. 2. The response required after a data breach, including activating an incident response plan, securing systems, notifying authorities and counsel, and conducting forensics. 3. Different legal obligations for law firms compared to corporations after a breach in terms of state breach notification laws and preserving attorney-client privilege.

A Child Like Approach to Grid Cybersecurity

Robert M. Lee

This document outlines a presentation given by Robert M. Lee on grid cybersecurity. The presentation uses the metaphor of a child named Little Bobby to discuss various cybersecurity topics in a simplified way. It begins with a case study of the Ukraine cyber attack and then covers Little Bobby's views on attribution, adversary tactics, the media, security controls, active defense, and metrics. The presentation aims to take a child-like approach to explaining complex cybersecurity challenges facing grid infrastructure.

Why is securing the Internet so hard

APNIC

The document discusses why securing the internet is so difficult by examining internet successes and failures. It argues that internet security has failed because there is no single authority, success is unattainable in complex systems, and partial solutions are inadequate. Additionally, shared problems belong to nobody, risk is difficult to mitigate when benefits are unseen, and it is hard to define what "secure" even means at internet scale. Overall, the document analyzes technical, economic, and human factors that contribute to the ongoing challenges of internet security.

Cyber legal update oct 7 2015

Dan Michaluk

This document summarizes recent legal developments regarding privacy risks, incidents, and liability in Canada. It discusses amendments to PIPEDA and PHIPA that expand requirements for breach notification. It also notes a court case, Hopkins v Kay, that suggests actual harm is not required for privacy claims. Additionally, it covers two class action cases, Evans and Condon, that were certified regarding data breaches. The certification in Condon was notable as it allowed for intentional intrusion claims over lost data where no harm was proven.

BSides Huntsville Keynote - Active Cyber Defense Cycle

Robert M. Lee

The Active Cyber Defense Cycle is a strategy for cyber defense that consists of five processes: 1) Threat intelligence consumption to understand the threat landscape and adversary's capabilities. 2) Asset identification and network security monitoring to identify the organization's systems and detect abnormalities. 3) Incident response to determine the scope of threats, collect evidence, and focus on keeping operations running. 4) Threat and environment manipulation to interact with threats in a controlled environment to learn tactics and feed back into threat intelligence. 5) These processes work together in a cycle to better understand adversaries and defend the organization's systems and missions over time.

Advantage ppt data breaches km approved - final (djm notes)

Dan Michaluk

This document discusses how to properly respond to data breaches. It emphasizes the importance of having a formal, written incident response plan in place due to how time-sensitive breaches are and how organizations can behave unpredictably in a crisis. The plan should include roles and processes for identification, escalation, assessment, containment, investigation, and managing liability. It also recommends retaining IT forensics and legal experts in advance. Practicing the plan through fire drills can help identify flaws and improve response skills. When notifying individuals of a breach, organizations should explain what happened, containment steps, and provide contact information for support.

33rd TWNIC IP OPM: Practical Incident Response & Threat Intelligence

APNIC

Ethics of Big Data

Matti Vesala

The document discusses the ethics of big data and how it relates to robotics. It defines big data as data that is large enough to raise practical concerns about its ethical use rather than just theoretical concerns. It also discusses how big data and the internet of things can provide the foundation of knowledge for robots to act upon. Finally, it discusses some of the ethical issues around big data, such as privacy, ownership of data, transparency, and ensuring fair and non-discriminatory use of people's data.

2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...

APNIC

MCG Cybersecurity Webinar Series - Risk Management

William McBorrough

OSINT - Open Source Intelligence "Leading Intelligence and Investigation Tech...

Falgun Rathod

As per Wiki - Open-source intelligence (OSINT) is intelligence collected from publicly available sources. In the intelligence community (IC), the term "open" refers to overt, publicly available sources (as opposed to covert or clandestine sources); it is not related to open-source software or public intelligence. There are lots of other ways to collect information from Public Source which may not provided in this document, This is just an Introductory Document for whose who are beginners and students.

Deral Heiland - Fail Now So I Don't Fail Later

centralohioissa

With network data breaches being reported weekly, it appears our implementation of prevention solutions is failing. With the average time to detect a breach being greater than 6 months our detection solutions also appear to be failing. Maybe these solutions and technologies are working correctly and we are just not training our teams how to manage, maintain, and leverage those solutions effectively. In this presentation I will be discussing security testing and validation methodologies that includes Internal/external pentesting, social engineering, and red team/blue team exercises. In addition I will be covering how using these methodologies we can better prepare and build a more robust security environment that will keep your organization off the front page.

Best cyber security certifications 2017

Koenig Solutions Ltd.

The document discusses the top cyber security certifications that are valuable for a career in cyber security in 2017. It recommends certifications like the CISSP, CEH, ECSA, CCNA Security, and CHFI which validate skills in areas like security policy development, penetration testing, network security, and digital forensics. It also provides information on cyber security training courses offered by Koenig Solutions and their advantages like affordable pricing, experienced trainers, and locations in multiple cities in India and abroad.

How to manage a data breach

Dan Michaluk

The document provides 10 tips for managing a data security incident from a breach practitioner. The tips are to initiate response immediately, don't make assumptions but find facts, keep investigating and progressing the response, don't rush public statements but strive for 90% confidence, obtain objective external input, get technical forensic help if needed, take a broad view of notification, consider the perspective of affected individuals, demonstrate commitment to improvements, and issue an apology from a senior spokesperson.

Conf 2019 - Workshop: Liam Glanfield - know your threat actor

TechExeter

The document discusses various tactics and techniques used by red teams to simulate cyber attacks, including open-source intelligence gathering, social engineering, deploying drop boxes, maintaining persistence, and threat actor profiling. It also introduces the MITRE ATT&CK framework for categorizing adversary behavior and outlines example steps in a red team workflow. Finally, it recommends five areas for organizations to focus on to strengthen their cyber defenses: network security, auditing and logging, password policies, role-based access control, and patch management.

Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...

Shawn Tuma

Bsu skills and_careers_in_cybersecurity

Sandra (Sandy) Dunn

Cyber Security - ASGFOA

Peter Henley

This document discusses cybersecurity and provides guidance on developing a cybersecurity plan. It recommends taking four key steps: 1) understanding common cybersecurity issues, 2) evaluating organizational risks, 3) protecting the organization through measures like data encryption and training, and 4) developing an incident response plan to react to data breaches. The document then covers various components of a cybersecurity plan, including conducting a data inventory, assessing risks, and implementing technical, policy, and training controls.

What's hot

[Bucharest] Catching up with today's malicious actors

OWASP EEE

Brian Henger - Psychological Warfare: How Cyber Criminals Mess With Your Mind

centralohioissa

ethics final project

Victoriya Poplavskaya

How to Boost your Cyber Risk Management Program and Capabilities?

PECB

Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015

Joe Bartolo

A Child Like Approach to Grid Cybersecurity

Robert M. Lee

Why is securing the Internet so hard

APNIC

Cyber legal update oct 7 2015

Dan Michaluk

BSides Huntsville Keynote - Active Cyber Defense Cycle

Robert M. Lee

Advantage ppt data breaches km approved - final (djm notes)

Dan Michaluk

33rd TWNIC IP OPM: Practical Incident Response & Threat Intelligence

APNIC

Ethics of Big Data

Matti Vesala

2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...

APNIC

MCG Cybersecurity Webinar Series - Risk Management

William McBorrough

OSINT - Open Source Intelligence "Leading Intelligence and Investigation Tech...

Falgun Rathod

Deral Heiland - Fail Now So I Don't Fail Later

centralohioissa

Best cyber security certifications 2017

Koenig Solutions Ltd.

How to manage a data breach

Dan Michaluk

Conf 2019 - Workshop: Liam Glanfield - know your threat actor

TechExeter

Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...

Shawn Tuma

What's hot (20)

[Bucharest] Catching up with today's malicious actors

Brian Henger - Psychological Warfare: How Cyber Criminals Mess With Your Mind

ethics final project

How to Boost your Cyber Risk Management Program and Capabilities?

Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015

A Child Like Approach to Grid Cybersecurity

Why is securing the Internet so hard

Cyber legal update oct 7 2015

BSides Huntsville Keynote - Active Cyber Defense Cycle

Advantage ppt data breaches km approved - final (djm notes)

33rd TWNIC IP OPM: Practical Incident Response & Threat Intelligence

Ethics of Big Data

2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...

MCG Cybersecurity Webinar Series - Risk Management

OSINT - Open Source Intelligence "Leading Intelligence and Investigation Tech...

Deral Heiland - Fail Now So I Don't Fail Later

Best cyber security certifications 2017

How to manage a data breach

Conf 2019 - Workshop: Liam Glanfield - know your threat actor

Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...

Similar to Global CISO Forum 2017: Privacy Partnership

Bsu skills and_careers_in_cybersecurity

Sandra (Sandy) Dunn

Cyber Security - ASGFOA

Peter Henley

Cyber security series vulnerability assessments

Jim Kaplan CIA CFE

This webinar series is designed to help internal auditors looking to equip themselves with competencies and confidence to handle audit of IT controls and information security, and learn about the emerging technologies and their underlying risks The series focuses on contemporary IT audit approaches relevant to Internal Auditors and the processes underlying risk based IT audits. Session 9 of 10 This Webinar focuses on Vulnerability Assessment • Ongoing identification of potential risks and areas of weakness • Hazard Assessment and Risk Identification • Problems in Vulnerability Assessment • Use of Penetration Testing • Network Vulnerability Testing • Web Vulnerability Testing • Wireless War Driving / Walking • Phone Network Testing • Social Engineering Testing • Walk-throughs and Dumpster Diving • Physical Security Auditing

Moving to the Cloud: A Security and Hosting Introduction

Blackbaud

The document discusses security measures taken by Blackbaud to protect client data. It provides an overview of today's security landscape including recent high-profile data breaches. It then details Blackbaud's approach to security through technology, people, certifications, and processes. Technologies used include firewalls, access controls, password management and data center security. Blackbaud also focuses on security training for employees, partnerships with security firms, and certifications like PCI, SSAE16, SOC1/2 and ITIL. Rigorous security processes around patching, change management, incident response and testing are also described.

Logs in Security and Compliance flare

zilberberg

Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...

TruShield Security Solutions

While advancements in technology have greatly improved the speed, efficiency and capability of investment advisers’ and broker-dealers’ systems and workflows, these developments have also significantly increased operational and reputational risk. An isolated system intrusion can have dramatic consequences for a SEC or FINRA registrant including financial loss, ongoing liability to clients and investors and potential regulatory enforcement action. In today’s environment, if a “hacked” SEC or FINRA registrant has any hope of avoiding a regulatory enforcement action, it is imperative they can demonstrate that they have adequate policies and procedures to identify and test potential cybersecurity vulnerabilities and weaknesses. Such policies must also address the experience, security vetting process and the location of any external party performing such tests.

Privacy Secrets Your Systems May Be Telling

Rebecca Leitch

Privacy has overtaken security as a top concern for many organizations. New laws such as GDPR come with steep fines and stringent rules, and more are certainly to come. Attend this webcast to learn how everyday business operations put customer privacy data at risk. More importantly understand best practices on protecting this data and dealing with disclosure requirements.   Topics include: * Types of privacy and threats to them * How is privacy different than security? * Business systems putting you most at risk

Privacy Secrets Your Systems May Be Telling

Security Innovation

This document summarizes a webinar on privacy secrets and how systems can reveal personal information. It discusses defining privacy, the seven types of privacy, and the differences between privacy and security. It also covers threats to privacy like big data, location tracking, and metadata analysis. The webinar examines data types like PII, PHI, and anonymous/pseudonymous data. It provides examples of data lifecycles and analyzing how data flows through systems and to third parties. The goal is to help organizations understand privacy risks and comply with regulations like GDPR.

Aligning Application Security to Compliance

Security Innovation

Regulatory compliance mandates have historically focused on IT & endpoint security as the primary means to protect data. However, as our digital economy has increasingly become software dependent, standards bodies have dutifully added requirements as they relate to development and deployment practices. Enterprise applications and cloud-based services constantly store and transmit data; yet, they are often difficult to understand and assess for compliance. This webcast will present a practical approach towards mapping application security practices to common compliance frameworks. It will discuss how to define and enact a secure, repeatable software development lifecycle (SDLC) and highlight activities that can be leveraged across multiple compliance controls. Topics include: * Consolidating security and compliance controls * Creating application security standards for development and operations teams * Identifying and remediating gaps between current practices and industry accepted "best practices”

SharePointlandia 2013: SharePoint and Compliance

Matthew R. Barrett

Webinar cybersecurity presentation-6-2018 (final)

AT-NET Services, Inc. - Charleston Division

This document provides an overview of cyber security threats for non-technical executives. It discusses who may target a company's data such as hackers, criminals, and terrorists. It outlines common methods of attack like phishing, ransomware, and malware. The document also considers what data is most valuable to an organization to assess potential damage from attacks. Finally, it recommends actions for protection including implementing security baselines, training, and balancing cyber risks with other business risks.

Utilizing OSINT in Threat Analytics and Incident Response

Christopher Beiring

Validating potential incidents or indicators of compromise (IOCs) in today’s fast paced environment can be somewhat overwhelming and difficult. Sometimes a team does not believe they have all of the tools and resources to quickly and accurately identify, verify, and rectify a potential indicator in their environment in time. Sometimes these investigations are performed yet may leave out valuable key pieces of data that would benefit the prevention or hardening against future similar attacks. Everyone wants the expensive and shiny tool that vendors offer, but sometimes budgets do not always allow teams access to the latest and greatest, and honestly, not all tools are equal. Relying on one piece of data for IOC validation is a bad idea, even if that resource is the best in the industry. The approach is to use not only the tools you have, but to augment them with existing open source tools that will enrich your investigation, provide accuracy, and supplement your ability to quickly and accurately respond to valid threats in order to increase your security team’s effectiveness. The purpose of this presentation will be to walk users through the value of Open Source Intel and how to use the tools available effectively to help research and identify potential issues during an incident response engagement.

Deconstructing Data Breach Cost

Resilient Systems

This document provides an overview of the costs associated with data breaches. It begins by introducing the speakers and the agenda. It then discusses what constitutes a data breach and the types of data that may be exposed, such as PII, PHI, intellectual property, and financial information. The document explores the various direct and indirect costs of a breach for different entities. It provides examples of cost estimates from past breaches, which range from thousands to over $170 million depending on the size and type of breach. Patterns in breach cost data are examined, though correlations are weak. Overall, the document deconstructs the complexities involved in understanding and estimating the full costs of a data breach.

Co3 rsc r5

Patrick Florer

This document provides an overview of the costs associated with data breaches. It begins by introducing the speakers and the agenda. It then discusses what constitutes a data breach and the types of data that may be exposed, such as PII, PHI, intellectual property, and financial information. The document outlines direct and indirect costs of breaches, including response costs, lost productivity, fines, and reputation damage. It provides estimates of costs from studies and actual breaches, which range from hundreds of thousands to over $170 million depending on the size and type of breach. Patterns in breach cost data are discussed. The document aims to help organizations understand and plan for the potential financial impact of a data security incident.

Information Security in a Compliance World

Evan Francen

2019 GDRR: Blockchain Data Analytics - Real World Adventures at a Cryptocurre...

The Statistical and Applied Mathematical Sciences Institute

Cryptocurrency exchanges offer challenges to even the most seasoned data scientists, security engineers and financial analysts. Everything from customer due diligence to predictive analytics to cybersecurity to illicit activity tracking requires both techniques and data that are unique to cryptocurrency and often hard to obtain. The ease by which dishonest exchanges can inflate trading volumes and the difficulty of obtaining approval for custody solutions presents hurdles when seeking formal regulatory approval. Advancements in Deep Fake videos and highly targeted phishing campaigns have tipped the scales in favor of attackers, keeping security teams constantly trying to stay one step ahead of adversaries and leaving enforcement bodies wondering about what precisely to collect in terms of forensic evidence. My talk will describe how a regulated cryptocurrency spot and futures exchange went from an idea to a fully regulated entity, the challenges we encountered along the way with regard to the design of custody and unique data analytics, and the open research challenges remaining.

ACEDS-Zylab 4-3-15 Webcast

Logikcull.com

This document summarizes a presentation on bridging the gap between legal and IT through information governance. The presentation discusses how data conceals both risk and value for organizations, noting regulatory, compliance, security, and disclosure risks as well as faster decision making, improved profitability, and other benefits. It outlines common problems general counsels face around demonstrating value, limited budgets, and being too busy firefighting daily tasks. The presentation then discusses how poor information governance can lead to litigation risks, problems with regulatory requests and investigations, and issues with internal policies. It stresses that information governance is a cross-disciplinary issue involving multiple departments. The presentation provides requirements for successful information governance programs and stresses focusing on specific quantifiable benefits to obtain support and resources

(2016_01_20)_IS_Management_Basics_LinkedIn

Ian Naumenko, CISSP, CRISC

Information security management requires having a plan to manage security, understanding the business needs, and promoting a security-positive culture. Effective communication and understanding business drivers are important. Information security professionals need to adopt risk-based approaches, classify sensitive information, and ensure compliance with relevant regulations while supporting business objectives. Maintaining security also involves incident response, business continuity planning, and keeping up with emerging threats and technologies.

C01 office 365, DLP data loss preventions, privacy, compliance, regulations

Edge Pereira

This document provides an overview of data protection, privacy, compliance and regulations capabilities in Office 365. It discusses how criminals are increasingly targeting personally identifiable information over financial data. There were over 1 billion records compromised in 2014 resulting in $400 million in losses. Scammers also steal $80 million annually from Australians. The document then outlines various controls in Office 365 for data loss prevention, eDiscovery, auditing, and encrypted email communications. It provides demonstrations of these capabilities.

Office 365 Data Leakage Protection, DLP, Data Loss Prevention, Privacy, Comp...

Edge Pereira

Similar to Global CISO Forum 2017: Privacy Partnership (20)

Bsu skills and_careers_in_cybersecurity

Cyber Security - ASGFOA

Cyber security series vulnerability assessments

Moving to the Cloud: A Security and Hosting Introduction

Logs in Security and Compliance flare

Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...

Privacy Secrets Your Systems May Be Telling

Aligning Application Security to Compliance

SharePointlandia 2013: SharePoint and Compliance

Webinar cybersecurity presentation-6-2018 (final)

Utilizing OSINT in Threat Analytics and Incident Response

Deconstructing Data Breach Cost

Co3 rsc r5

Information Security in a Compliance World

2019 GDRR: Blockchain Data Analytics - Real World Adventures at a Cryptocurre...

ACEDS-Zylab 4-3-15 Webcast

(2016_01_20)_IS_Management_Basics_LinkedIn

C01 office 365, DLP data loss preventions, privacy, compliance, regulations

Office 365 Data Leakage Protection, DLP, Data Loss Prevention, Privacy, Comp...

More from EC-Council

CyberOm - Hacking the Wellness Code in a Chaotic Cyber World

EC-Council

Cloud Security Architecture - a different approach

EC-Council

Whether people admit or not, everyone is moving to the cloud and all future business will run somewhere on the internet. Moving to the cloud requires different set of architecture and mindset. Data is stored, accessed and processed on different platforms and devices. Employees are working anywhere from the world, corporate data is no more under company IT custody. CISOs and CIOs need to think differently and set new Cloud Security Architecture. This session will try to draw the main areas of concern from Security perspective while moving to the cloud.

Phases of Incident Response

EC-Council

Weaponizing OSINT – Hacker Halted 2019 – Michael James

EC-Council

The document discusses weaponizing open-source intelligence (OSINT) and outlines potential passive attack paths an attacker could take using only publicly available information. It describes how attackers could profile targets using personal details from social media, pastebins, medical records, business cards, news articles, and other open sources. The document also provides recommendations for prevention, including assessing one's digital footprint and value to attackers, using privacy tools, updating social media settings, and spreading disinformation to obscure true personal details and locations that could be leveraged in attacks.

Hacking Your Career – Hacker Halted 2019 – Keith Turpin

EC-Council

Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee

EC-Council

Cloud Proxy Technology – Hacker Halted 2019 – Jeff Silver

EC-Council

The document provides an overview of cloud proxy technology and cyber security. It discusses how proxies work by terminating connections between users and servers and inspecting transmitted objects. The document then shares several "real world" examples of how proxies can detect and prevent phishing attempts, malware infections, and other cyber threats by analyzing URLs, file downloads, and network traffic patterns. It emphasizes the importance of threat intelligence and how proxies use global intelligence networks to identify and block malicious activity in real-time.

DNS – Strategies for Reducing Data Leakage & Protecting Online Privacy – Hack...

EC-Council

This document discusses strategies for reducing DNS data leakage and protecting online privacy. It begins with an introduction and overview of topics to be covered, including why DNS data is important from a privacy perspective, common DNS privacy exploits, insecure DNS resolution processes, and solutions for anonymizing DNS data like DNS over HTTPS and DNS over TLS. The document provides details on how DNS data can be tracked and leaked, as well as tools and techniques for analyzing DNS traffic and protecting privacy, including public secure resolvers, browser-based protections, VPNs, and running one's own recursive resolver. It concludes with taking privacy to varying degrees and balancing privacy with usability.

Data in cars can be creepy – Hacker Halted 2019 – Andrea Amico

EC-Council

Breaking Smart [Bank] Statements – Hacker Halted 2019 – Manuel Nader

EC-Council

Are your cloud servers under attack?– Hacker Halted 2019 – Brian Hileman

EC-Council

War Game: Ransomware – Global CISO Forum 2019

EC-Council

This document describes a tabletop exercise to simulate responding to a ransomware attack. It provides examples of recent ransomware attacks against various organizations, including municipalities and healthcare and private companies. These resulted in ransoms demanded from $51,000 to $600,000 and costs of recovery and lost operations from $17 million to companies having to cease operations. The exercise involves forming an incident response team and working through simulated ransomware attacks, assessing damage, determining payment and recovery options, developing alternative communications, and deciding whether to pay a ransom demand.

How to become a Security Behavior Alchemist – Global CISO Forum 2019 – Perry ...

EC-Council

Introduction to FAIR Risk Methodology – Global CISO Forum 2019 – Donna Gall...

EC-Council

Alexa is a snitch! Hacker Halted 2019 - Wes Widner

EC-Council

Hacker Halted 2018: Don't Panic! Big Data Analytics vs. Law Enforcement

EC-Council

A man was discovered murdered on a street late at night. Police were called to the scene and began their investigation. They found limited clues but saw footage of a potential suspect. Detectives then used big data analytics to identify individuals near the crime scene around the time of the murder. This led them to three male suspects. Further investigation of these suspects focused on building profiles of their patterns of life in hopes of identifying the killer.

Hacker Halted 2018: HACKING TRILLIAN: A 42-STEP SOLUTION TO EXPLOIT POST-VOGA...

EC-Council

Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...

EC-Council

Hacker Halted 2018: SE vs Predator: Using Social Engineering in ways I never ...

EC-Council

Global CCISO Forum 2018 | Sebastian Hess "Cyber Insurance and Cyber Risk Quan...

EC-Council

More from EC-Council (20)

CyberOm - Hacking the Wellness Code in a Chaotic Cyber World

Cloud Security Architecture - a different approach

Phases of Incident Response

Weaponizing OSINT – Hacker Halted 2019 – Michael James

Hacking Your Career – Hacker Halted 2019 – Keith Turpin

Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee

Cloud Proxy Technology – Hacker Halted 2019 – Jeff Silver

DNS – Strategies for Reducing Data Leakage & Protecting Online Privacy – Hack...

Data in cars can be creepy – Hacker Halted 2019 – Andrea Amico

Breaking Smart [Bank] Statements – Hacker Halted 2019 – Manuel Nader

Are your cloud servers under attack?– Hacker Halted 2019 – Brian Hileman

War Game: Ransomware – Global CISO Forum 2019

How to become a Security Behavior Alchemist – Global CISO Forum 2019 – Perry ...

Introduction to FAIR Risk Methodology – Global CISO Forum 2019 – Donna Gall...

Alexa is a snitch! Hacker Halted 2019 - Wes Widner

Hacker Halted 2018: Don't Panic! Big Data Analytics vs. Law Enforcement

Hacker Halted 2018: HACKING TRILLIAN: A 42-STEP SOLUTION TO EXPLOIT POST-VOGA...

Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...

Hacker Halted 2018: SE vs Predator: Using Social Engineering in ways I never ...

Global CCISO Forum 2018 | Sebastian Hess "Cyber Insurance and Cyber Risk Quan...

Recently uploaded

Must Know Postgres Extension for DBA and Developer during Migration

Mydbops

Mydbops Opensource Database Meetup 16 Topic: Must-Know PostgreSQL Extensions for Developers and DBAs During Migration Speaker: Deepak Mahto, Founder of DataCloudGaze Consulting Date & Time: 8th June | 10 AM - 1 PM IST Venue: Bangalore International Centre, Bangalore Abstract: Discover how PostgreSQL extensions can be your secret weapon! This talk explores how key extensions enhance database capabilities and streamline the migration process for users moving from other relational databases like Oracle. Key Takeaways: * Learn about crucial extensions like oracle_fdw, pgtt, and pg_audit that ease migration complexities. * Gain valuable strategies for implementing these extensions in PostgreSQL to achieve license freedom. * Discover how these key extensions can empower both developers and DBAs during the migration process. * Don't miss this chance to gain practical knowledge from an industry expert and stay updated on the latest open-source database trends. Mydbops Managed Services specializes in taking the pain out of database management while optimizing performance. Since 2015, we have been providing top-notch support and assistance for the top three open-source databases: MySQL, MongoDB, and PostgreSQL. Our team offers a wide range of services, including assistance, support, consulting, 24/7 operations, and expertise in all relevant technologies. We help organizations improve their database's performance, scalability, efficiency, and availability. Contact us: info@mydbops.com Visit: https://www.mydbops.com/ Follow us on LinkedIn: https://in.linkedin.com/company/mydbops For more details and updates, please follow up the below links. Meetup Page : https://www.meetup.com/mydbops-databa... Twitter: https://twitter.com/mydbopsofficial Blogs: https://www.mydbops.com/blog/ Facebook(Meta): https://www.facebook.com/mydbops/

Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians

Neo4j

Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...

Pitangent Analytics & Technology Solutions Pvt. Ltd

Nordic Marketo Engage User Group_June 13_ 2024.pptx

MichaelKnudsen27

Mutation Testing for Task-Oriented Chatbots

Pablo Gómez Abajo

Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots. To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.

What is an RPA CoE? Session 1 – CoE Vision

DianaGray10

Y-Combinator seed pitch deck template PP

c5vrf27qcz

Astute Business Solutions | Oracle Cloud Partner |

AstuteBusiness

What is an RPA CoE? Session 2 – CoE Roles

DianaGray10

AppSec PNW: Android and iOS Application Security with MobSF

Ajin Abraham

Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application. This talk covers: Using MobSF for static analysis of mobile applications. Interactive dynamic security assessment of Android and iOS applications. Solving Mobile app CTF challenges. Reverse engineering and runtime analysis of Mobile malware. How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.

"What does it really mean for your system to be available, or how to define w...

Fwdays

GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph

Neo4j

Christine's Supplier Sourcing Presentaion.pptx

christinelarrosa

Introduction of Cybersecurity with OSS at Code Europe 2024

Hiroshi SHIBATA

I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems. The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS. Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application. I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.

A Deep Dive into ScyllaDB's Architecture

ScyllaDB

zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...

Alex Pruden

Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security. Paper Link: https://eprint.iacr.org/2024/257

LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...

DanBrown980551

This LF Energy webinar took place June 20, 2024. It featured: -Alex Thornton, LF Energy -Hallie Cramer, Google -Daniel Roesler, UtilityAPI -Henry Richardson, WattTime In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms. This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups. Three primary specifications will be discussed: -Discovery and client registration, emphasizing transparent processes and secure and private access -Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure -Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data

"$10 thousand per minute of downtime: architecture, queues, streaming and fin...

Fwdays

Direct losses from downtime in 1 minute = $5-$10 thousand dollars. Reputation is priceless. As part of the talk, we will consider the architectural strategies necessary for the development of highly loaded fintech solutions. We will focus on using queues and streaming to efficiently work and manage large amounts of data in real-time and to minimize latency. We will focus special attention on the architectural patterns used in the design of the fintech system, microservices and event-driven architecture, which ensure scalability, fault tolerance, and consistency of the entire system.

Session 1 - Intro to Robotic Process Automation.pdf

UiPathCommunity

👉 Check out our full 'Africa Series - Automation Student Developers (EN)' page to register for the full program: https://bit.ly/Automation_Student_Kickstart In this session, we shall introduce you to the world of automation, the UiPath Platform, and guide you on how to install and setup UiPath Studio on your Windows PC. 📕 Detailed agenda: What is RPA? Benefits of RPA? RPA Applications The UiPath End-to-End Automation Platform UiPath Studio CE Installation and Setup 💻 Extra training through UiPath Academy: Introduction to Automation UiPath Business Automation Platform Explore automation development with UiPath Studio 👉 Register here for our upcoming Session 2 on June 20: Introduction to UiPath Studio Fundamentals: https://community.uipath.com/events/details/uipath-lagos-presents-session-2-introduction-to-uipath-studio-fundamentals/

inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill

LizaNolte

HERE IS YOUR WEBINAR CONTENT! 'Mastering Customer Journey Management with Dr. Graham Hill'. We hope you find the webinar recording both insightful and enjoyable. In this webinar, we explored essential aspects of Customer Journey Management and personalization. Here’s a summary of the key insights and topics discussed: Key Takeaways: Understanding the Customer Journey: Dr. Hill emphasized the importance of mapping and understanding the complete customer journey to identify touchpoints and opportunities for improvement. Personalization Strategies: We discussed how to leverage data and insights to create personalized experiences that resonate with customers. Technology Integration: Insights were shared on how inQuba’s advanced technology can streamline customer interactions and drive operational efficiency.

Recently uploaded (20)

Must Know Postgres Extension for DBA and Developer during Migration

Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians

Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...

Nordic Marketo Engage User Group_June 13_ 2024.pptx

Mutation Testing for Task-Oriented Chatbots

What is an RPA CoE? Session 1 – CoE Vision

Y-Combinator seed pitch deck template PP

Astute Business Solutions | Oracle Cloud Partner |

What is an RPA CoE? Session 2 – CoE Roles

AppSec PNW: Android and iOS Application Security with MobSF

"What does it really mean for your system to be available, or how to define w...

GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph

Christine's Supplier Sourcing Presentaion.pptx

Introduction of Cybersecurity with OSS at Code Europe 2024

A Deep Dive into ScyllaDB's Architecture

zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...

LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...

"$10 thousand per minute of downtime: architecture, queues, streaming and fin...

Session 1 - Intro to Robotic Process Automation.pdf

inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill

Global CISO Forum 2017: Privacy Partnership

1. Classification: //SecureWorks/Confidential - Limited External Distribution:Classification: //SecureWorks/Confidential - Limited External Distribution: Privacy Partnership Katherine Fithen Retired Chief Privacy Officer The Coca-ColaCompany <date>

2. Classification: //SecureWorks/Confidential - Limited External Distribution: Agenda • My Background • Why Compliance ≠ Security • Privacy Partnership • Business • IT • Legal • Risk Management • Breach Response • Questions & Contact Information ciso.eccouncil.org 2

3. Classification: //SecureWorks/Confidential - Limited External Distribution: My Background • Education • B.A., Retail Management • M.A., Personnel Management • M.S., Information Science • Careers • Retail – clothing buyer for stores • Technology • PREPnet • CERT® • pwc • The Coca-ColaCompany • SecureWorks ciso.eccouncil.org 3

4. Classification: //SecureWorks/Confidential - Limited External Distribution: Why Compliance ≠ Security • SOX • Enron • PCI • TJ Maxx breach (2007) • Had been certified by PCI assessment • 45.6 million cards compromised • Privacy • Target breach (2013 - 2015) • 42 million cards compromised • 61 million people had PI compromised • OPM breach • 21.5 million people had PI compromised • Equifax • 143 million people had PI compromised ciso.eccouncil.org 4

5. Classification: //SecureWorks/Confidential - Limited External Distribution: Privacy Partnership • Business • “Owner” of the data • HR, Marketing,Customer, etc. • IT • Technology enables organizations to align with privacy laws, regulations, and expectations • Legal • Provide the legal/regulatory requirements for • Business owners of data • IT ciso.eccouncil.org 5

6. Classification: //SecureWorks/Confidential - Limited External Distribution: Privacy Partnership (cont.) • IT • IT SDLC • Access controls • Negative testing • Authentication • MFA vs UserID + passwd • Encryption • Who owns/manages the encryption key? • Age validation implementation • Logs • Application • Network • Contract obligations for vendors & vendor management ciso.eccouncil.org 6

7. Classification: //SecureWorks/Confidential - Limited External Distribution: Privacy Partnership (cont.) • Considerations for Privacy Office & Privacy Council • Privacy Office • IT and Legal • Privacy Council • Legal • IT • Marketing • HR • Public Affairs • InternalAudit • Controller’s Office ciso.eccouncil.org 7

8. Classification: //SecureWorks/Confidential - Limited External Distribution: Risk Management • If compliance ≠ security – then what do we do? • Most organizations cannot protect all assets equally – and probably should not • Too costly • Too resource-intensive • Risk Management • Identify sensitive assets • IP (Intellectual Property) • PI (Personal Information) • Insider threat vs external threats ciso.eccouncil.org 8

9. Classification: //SecureWorks/Confidential - Limited External Distribution: Breach Response • Who, What, Where,When, and How ciso.eccouncil.org 9

10. Classification: //SecureWorks/Confidential - Limited External Distribution: Breach Response (cont.) • Who, What, Where,When, and How • Who • Legal, Business owner of breached data, IT, Public Affairs,Vendor(s), 3rd-party breach response team (e.g., PCI) • Who leads/is decision maker? • Regulators ciso.eccouncil.org 10

11. Classification: //SecureWorks/Confidential - Limited External Distribution: Breach Response (cont.) • Who, What, Where,When, and How • What • What happened? • How quickly will you know what happened? • What to communicate about what happened? • What facts do you have? • What “beliefs” do you have? • What steps do I take? • What services do I offer (e.g., ID theft protection, etc.) ciso.eccouncil.org 11

12. Classification: //SecureWorks/Confidential - Limited External Distribution: Breach Response (cont.) • Who, What, Where,When, and How (cont.) • Where • Where is it? • My data? • My users? • My logs/evidence? ciso.eccouncil.org 12

13. Classification: //SecureWorks/Confidential - Limited External Distribution: Breach Response (cont.) • Who, What, Where,When, and How (cont.) • When • Communicate • Internally • Externally • “Know” what happened to be able to communicate? • Bring in a 3rd-party • Required by regulation? • Need the SME assistance? • Want outsider “objective” assistance? ciso.eccouncil.org 13

14. Classification: //SecureWorks/Confidential - Limited External Distribution: Breach Response • Who, What, Where,When, and How (cont.) • How • How do I communicate? • Internally • Externally • How do I make “Everyone” comfortable / confident in my ability to handle? • Those impacted? • Regulators? • Media? • Employees? • Partners? ciso.eccouncil.org 14

15. Classification: //SecureWorks/Confidential - Limited External Distribution: In Closing • We need to work together – Business, IT, and Legal to ensure enable the business while protecting company assets ciso.eccouncil.org 15

16. Classification: //SecureWorks/Confidential - Limited External Distribution: Questions & Contact Information ciso.eccouncil.org 16 • Katherine Fithen Managing Principal Consultant SecureWorks kfithen@secureworks.com +1-770-331-2092

Global CISO Forum 2017: Privacy Partnership

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Global CISO Forum 2017: Privacy Partnership

Similar to Global CISO Forum 2017: Privacy Partnership (20)

More from EC-Council

More from EC-Council (20)

Recently uploaded

Recently uploaded (20)

Global CISO Forum 2017: Privacy Partnership