SlideShare a Scribd company logo

Takeaways from a Simulated Cyber Attack

Boston Consulting Group
Boston Consulting Group

Explore the key lessons gleaned from the cyber attack simulation exercise at the CyberCanada Senior Leadership Summit

Business
1 of 10
MARCH 1, 2018 Summary Report Cyber attack simulation exercise
1 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. The CyberCanada attack simulation exercise was attended by 100+ Canadian leaders representing a wide-range of organizations from both the private and public sector. Some of the views shared by participants, and captured here, may appear to be conflicting. This is a reflection of different opinions voiced and/or differences between the various individuals and groups represented. A short recap of the learning objectives, feedback shared by attendees during the module readouts, and questions to consider asking your organizations have been included in this short report. To ensure privacy, opinions have not been attributed to any individuals. A brief summary of the discussions during the CyberCanada attack simulation exercise
2 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Recap: the Table Top eXercise (TTX) had specific learning objectives Experience what your management team goes through when under cyberattack • Basic cybersecurity concepts • Cybersecurity as a strategic business risk • The impacts of people, culture, process, procedures and technology on cyber resilience • How to advance cyber resilience beyond the technical part The Experience Understand by doing
3 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Module 1: The Compromise Strengths and weaknesses of CEO's communications • Strengths: out in front, confident, clear, available, took ownership • Weaknesses: other management was not informed, too much information was shared, not enough assurance, not genuine enough, lack of preparation, false statements made Responsibilities of the Management Board • Ensure business continuity • Determine regulatory reporting requirements • Decide on internal communications • Get handle on scope, control the message • Engage the Board What will you do next? • Impact assessment from BUs + Functions • Determine what insurance the company has • Consult legal counsel • Solicit Public Relations support • Determine recovery and comms plans • Determine plan of action • Decide what should be the cadence for updates Summary of responses shared during Module 1 3 2 1
4 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Module 2: The Briefing Views regarding ransom payment and who should make the decision • Much disagreement on whether or not to pay the ransom • Ransom payment considerations: assess the financial impact with cost/benefit analysis, will we get back the data, can operations resume without paying, who is the attacker, ask for extension on deadline, discuss with law enforcement • Who should make decision: some said Board should decide, others said C-Suite should decide with advice from Board Thoughts on engaging the community • Engage the entire ecosystem • Third parties: cybersecurity consultants, legal, PR, insurance, law enforcement, call centers, ransom negotiator • Stakeholders: employees, customers, partners, suppliers, shareholders, government, regulators What are next steps? • Assess the business impact and set long-term strategy • Get back to operations, assign responsible parties • Look at the culture that allowed this to happen • Fire the CEO 3 2 1 Summary of responses shared during Module 2
5 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Module 3: The Response Experts you would contact during a cyber attack and when • Engage law enforcement early; they have intel • Crisis response consultants and forensics teams can help • Different responses for different jurisdictions and industries • Prepare before the attack: meet with law enforcement and establish the relationship beforehand • Collaborate with industry partners Following this exercise, what will you do differently? • Ask the organization questions about cybersecurity • Raise cybersecurity to the Board level • “Culture is to punish the victim” has to stop • Establish relationships with law enforcement and national CERT • Don't wait for an attack to happen, plan incident response now • Set cybersecurity long-term vision/strategy; and be agile • Cybersecurity is not a cost center; it's a business enabler How has digitalization impacted cybersecurity and business strategy? • Increased the number of unknowns and interdependencies • Has caused information overload creating a need to educate the public • IoT has increased the risk by increasing the attack surface Summary of responses shared during Module 3 3 2 1
6 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Key questions you should be asking your organization Crown jewels How does your organization know which systems, data, and assets have the most value and do you conduct tests on breaching those systems? Technology How are the users of your cybersecurity tools properly trained on how to get the best results from them? Culture How is cybersecurity ingrained into the culture of your organization the same way as safety, quality, ethics and compliance? Third parties How do you secure suppliers, acquisitions, business partners, and customers with the same rigor as you secure your enterprise? Design for Cyber How are your products, networks, and systems designed with cybersecurity in mind—from the first design concept meeting through every stage? Business enabler How have you integrated cybersecurity into your business strategy so that your business can safely and securely innovate and grow faster? Consequences How do you optimize your budget between reducing vulnerabilities and reducing the consequences of a breach? Preparation What kind of plans do you have in place for incident response, business continuity & disaster recovery? Do you regularly practice executing these plans?
7 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Boards are in a unique strategic position to improve cyber resilience. And they are ultimately responsible for cyber risk in their companies BCG jointly with the Forum established 10 Board Principles for cyber resilience • Responsibility for Cyber Resilience • Command of the Subject • Accountable officer • Integration of Cyber Resilience • Risk assessment and reporting • Risk appetite • Resilience plans • Community • Review • Effectiveness See also the Forum's comprehensive report on "Advancing Cyber Resilience: Principles and Tools for Boards" (2017) Source: BCG and World Economic Forum See the publication at: http://www3.weforum.org/docs/IP/2017/Adv_Cyber_Resilience_Principles-Tools.pdf 1 2 3 4 6 5 8 7 9 10
8 The services and materials provided by The Boston Consulting Group (BCG) are subject to BCG's Standard Terms (a copy of which is available upon request) or such other agreement as may have been previously executed by BCG. BCG does not provide legal, accounting, or tax advice. The Client is responsible for obtaining independent advice concerning these matters. This advice may affect the guidance given by BCG. Further, BCG has made no undertaking to update these materials after the date hereof, notwithstanding that such information may become outdated or inaccurate. The materials contained in this presentation are designed for the sole use by the board of directors or senior management of the Client and solely for the limited purposes described in the presentation. The materials shall not be copied or given to any person or entity other than the Client (“Third Party”) without the prior written consent of BCG. These materials serve only as the focus for discussion; they are incomplete without the accompanying oral commentary and may not be relied on as a stand-alone document. Further, Third Parties may not, and it is unreasonable for any Third Party to, rely on these materials for any purpose whatsoever. To the fullest extent permitted by law (and except to the extent otherwise agreed in a signed writing by BCG), BCG shall have no liability whatsoever to any Third Party, and any Third Party hereby waives any rights and claims it may have at any time against BCG with regard to the services, this presentation, or other materials, including the accuracy or completeness thereof. Receipt and review of this document shall be deemed agreement with and consideration for the foregoing. BCG does not provide fairness opinions or valuations of market transactions, and these materials should not be relied on or construed as such. Further, the financial evaluations, projected market and financial information, and conclusions contained in these materials are based upon standard valuation methodologies, are not definitive forecasts, and are not guaranteed by BCG. BCG has used public and/or confidential data and assumptions provided to BCG by the Client. BCG has not independently verified the data and assumptions used in these analyses. Changes in the underlying data or operating assumptions will clearly impact the analyses and conclusions. Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved.
bcg.com

Recommended

Digital Consumers, Emerging Markets, and the $4 Trillion Future
Digital Consumers, Emerging Markets, and the $4 Trillion FutureDigital Consumers, Emerging Markets, and the $4 Trillion Future
Digital Consumers, Emerging Markets, and the $4 Trillion FutureBoston Consulting Group
 
Cisco Case Analysis
Cisco Case AnalysisCisco Case Analysis
Cisco Case Analysisperk2624
 
Intelligent Operations for Future-Ready Businesses | Accenture
Intelligent Operations for Future-Ready Businesses | AccentureIntelligent Operations for Future-Ready Businesses | Accenture
Intelligent Operations for Future-Ready Businesses | Accentureaccenture
 
Recruitment of a star mdim
Recruitment of a star mdimRecruitment of a star mdim
Recruitment of a star mdimKaushik Goswami
 
curled-metal case study analysis
curled-metal case study analysiscurled-metal case study analysis
curled-metal case study analysisancientsoul90
 
James Burke A Career In American Business
James Burke A Career In American BusinessJames Burke A Career In American Business
James Burke A Career In American BusinessRon Liu
 
Carolinas healthcare system
Carolinas healthcare system Carolinas healthcare system
Carolinas healthcare system Sanmeet Dhokay
 
Strategy Study 2014 | A.T. Kearney
Strategy Study 2014 | A.T. KearneyStrategy Study 2014 | A.T. Kearney
Strategy Study 2014 | A.T. KearneyKearney
 

Recommended

Digital Consumers, Emerging Markets, and the $4 Trillion Future
Digital Consumers, Emerging Markets, and the $4 Trillion FutureDigital Consumers, Emerging Markets, and the $4 Trillion Future
Digital Consumers, Emerging Markets, and the $4 Trillion FutureBoston Consulting Group
 
Cisco Case Analysis
Cisco Case AnalysisCisco Case Analysis
Cisco Case Analysisperk2624
 
Intelligent Operations for Future-Ready Businesses | Accenture
Intelligent Operations for Future-Ready Businesses | AccentureIntelligent Operations for Future-Ready Businesses | Accenture
Intelligent Operations for Future-Ready Businesses | Accentureaccenture
 
Recruitment of a star mdim
Recruitment of a star mdimRecruitment of a star mdim
Recruitment of a star mdimKaushik Goswami
 
curled-metal case study analysis
curled-metal case study analysiscurled-metal case study analysis
curled-metal case study analysisancientsoul90
 
James Burke A Career In American Business
James Burke A Career In American BusinessJames Burke A Career In American Business
James Burke A Career In American BusinessRon Liu
 
Carolinas healthcare system
Carolinas healthcare system Carolinas healthcare system
Carolinas healthcare system Sanmeet Dhokay
 
Strategy Study 2014 | A.T. Kearney
Strategy Study 2014 | A.T. KearneyStrategy Study 2014 | A.T. Kearney
Strategy Study 2014 | A.T. KearneyKearney
 
Ncc case study
Ncc case studyNcc case study
Ncc case studyNipun Baruah
 
Nike Cost of Capital
Nike Cost of Capital Nike Cost of Capital
Nike Cost of Capital Fadila Pratika Alimuddin
 
Accelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesAccelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesMcKinsey & Company
 
harrah entertainment inc - case study
harrah entertainment inc - case studyharrah entertainment inc - case study
harrah entertainment inc - case studyTushar Arora
 
Apex corporation case study
Apex corporation case studyApex corporation case study
Apex corporation case studyUtkarsh Shivam
 
What’s Chipping Away at Automotive Production
What’s Chipping Away at Automotive ProductionWhat’s Chipping Away at Automotive Production
What’s Chipping Away at Automotive ProductionBoston Consulting Group
 
Ipremier case
Ipremier caseIpremier case
Ipremier caseFabian Okidi
 
COVID-19 Auto & Mobility Consumer Insights
COVID-19 Auto & Mobility Consumer InsightsCOVID-19 Auto & Mobility Consumer Insights
COVID-19 Auto & Mobility Consumer InsightsMcKinsey & Company
 
Harrah's Entertainment, Inc. Case Analysis
Harrah's Entertainment, Inc. Case AnalysisHarrah's Entertainment, Inc. Case Analysis
Harrah's Entertainment, Inc. Case Analysismbartugs
 
The evolving value chain in life sciences
The evolving value chain in life sciencesThe evolving value chain in life sciences
The evolving value chain in life sciencesEY
 
Ge Digital Revolution
Ge Digital RevolutionGe Digital Revolution
Ge Digital RevolutionGhouse S
 
Whole Brain Leadership: New Rules of Engagement for the C-Suite| Accenture St...
Whole Brain Leadership: New Rules of Engagement for the C-Suite| Accenture St...Whole Brain Leadership: New Rules of Engagement for the C-Suite| Accenture St...
Whole Brain Leadership: New Rules of Engagement for the C-Suite| Accenture St...accenture
 
Vinsun infra engineering: Case on ERP
Vinsun infra engineering: Case on ERPVinsun infra engineering: Case on ERP
Vinsun infra engineering: Case on ERPHimanshu Arora
 
Alphabet Eyes New Frontiers
Alphabet Eyes New FrontiersAlphabet Eyes New Frontiers
Alphabet Eyes New FrontiersRadha Gupta
 
Fintech New York: Partnerships, Platforms and Open Innovation
Fintech New York: Partnerships, Platforms and Open InnovationFintech New York: Partnerships, Platforms and Open Innovation
Fintech New York: Partnerships, Platforms and Open Innovationaccenture
 
Consumer privacy in retail
Consumer privacy in retailConsumer privacy in retail
Consumer privacy in retailDeloitte United States
 
Putting digital technology and data to work for Tech CMO's
Putting digital technology and data to work for Tech CMO'sPutting digital technology and data to work for Tech CMO's
Putting digital technology and data to work for Tech CMO'sPwC
 
BCG Telco Sustainability Index
BCG Telco Sustainability IndexBCG Telco Sustainability Index
BCG Telco Sustainability IndexBoston Consulting Group
 
TMT Outlook 2017: A new wave of advances offer opportunities and challenges
TMT Outlook 2017: A new wave of advances offer opportunities and challengesTMT Outlook 2017: A new wave of advances offer opportunities and challenges
TMT Outlook 2017: A new wave of advances offer opportunities and challengesDeloitte United States
 
Accenture Consumer Behavior Research: The value shake-up
Accenture Consumer Behavior Research: The value shake-upAccenture Consumer Behavior Research: The value shake-up
Accenture Consumer Behavior Research: The value shake-upaccenture
 
A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveDawn Yankeelov
 
Workshop B: Jill Cuthbert, Citi
Workshop B: Jill Cuthbert, CitiWorkshop B: Jill Cuthbert, Citi
Workshop B: Jill Cuthbert, CitiStuart Reid
 

More Related Content

What's hot

Accelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesAccelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesMcKinsey & Company
 
harrah entertainment inc - case study
harrah entertainment inc - case studyharrah entertainment inc - case study
harrah entertainment inc - case studyTushar Arora
 
Apex corporation case study
Apex corporation case studyApex corporation case study
Apex corporation case studyUtkarsh Shivam
 
What’s Chipping Away at Automotive Production
What’s Chipping Away at Automotive ProductionWhat’s Chipping Away at Automotive Production
What’s Chipping Away at Automotive ProductionBoston Consulting Group
 
COVID-19 Auto & Mobility Consumer Insights
COVID-19 Auto & Mobility Consumer InsightsCOVID-19 Auto & Mobility Consumer Insights
COVID-19 Auto & Mobility Consumer InsightsMcKinsey & Company
 
Harrah's Entertainment, Inc. Case Analysis
Harrah's Entertainment, Inc. Case AnalysisHarrah's Entertainment, Inc. Case Analysis
Harrah's Entertainment, Inc. Case Analysismbartugs
 
The evolving value chain in life sciences
The evolving value chain in life sciencesThe evolving value chain in life sciences
The evolving value chain in life sciencesEY
 
Ge Digital Revolution
Ge Digital RevolutionGe Digital Revolution
Ge Digital RevolutionGhouse S
 
Whole Brain Leadership: New Rules of Engagement for the C-Suite| Accenture St...
Whole Brain Leadership: New Rules of Engagement for the C-Suite| Accenture St...Whole Brain Leadership: New Rules of Engagement for the C-Suite| Accenture St...
Whole Brain Leadership: New Rules of Engagement for the C-Suite| Accenture St...accenture
 
Vinsun infra engineering: Case on ERP
Vinsun infra engineering: Case on ERPVinsun infra engineering: Case on ERP
Vinsun infra engineering: Case on ERPHimanshu Arora
 
Alphabet Eyes New Frontiers
Alphabet Eyes New FrontiersAlphabet Eyes New Frontiers
Alphabet Eyes New FrontiersRadha Gupta
 
Fintech New York: Partnerships, Platforms and Open Innovation
Fintech New York: Partnerships, Platforms and Open InnovationFintech New York: Partnerships, Platforms and Open Innovation
Fintech New York: Partnerships, Platforms and Open Innovationaccenture
 
Putting digital technology and data to work for Tech CMO's
Putting digital technology and data to work for Tech CMO'sPutting digital technology and data to work for Tech CMO's
Putting digital technology and data to work for Tech CMO'sPwC
 
TMT Outlook 2017: A new wave of advances offer opportunities and challenges
TMT Outlook 2017: A new wave of advances offer opportunities and challengesTMT Outlook 2017: A new wave of advances offer opportunities and challenges
TMT Outlook 2017: A new wave of advances offer opportunities and challengesDeloitte United States
 
Accenture Consumer Behavior Research: The value shake-up
Accenture Consumer Behavior Research: The value shake-upAccenture Consumer Behavior Research: The value shake-up
Accenture Consumer Behavior Research: The value shake-upaccenture
 

What's hot (20)

Ncc case study
Ncc case studyNcc case study
Ncc case study
 
Nike Cost of Capital
Nike Cost of Capital Nike Cost of Capital
Nike Cost of Capital
 
Accelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesAccelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securities
 
harrah entertainment inc - case study
harrah entertainment inc - case studyharrah entertainment inc - case study
harrah entertainment inc - case study
 
Apex corporation case study
Apex corporation case studyApex corporation case study
Apex corporation case study
 
What’s Chipping Away at Automotive Production
What’s Chipping Away at Automotive ProductionWhat’s Chipping Away at Automotive Production
What’s Chipping Away at Automotive Production
 
Ipremier case
Ipremier caseIpremier case
Ipremier case
 
COVID-19 Auto & Mobility Consumer Insights
COVID-19 Auto & Mobility Consumer InsightsCOVID-19 Auto & Mobility Consumer Insights
COVID-19 Auto & Mobility Consumer Insights
 
Harrah's Entertainment, Inc. Case Analysis
Harrah's Entertainment, Inc. Case AnalysisHarrah's Entertainment, Inc. Case Analysis
Harrah's Entertainment, Inc. Case Analysis
 
The evolving value chain in life sciences
The evolving value chain in life sciencesThe evolving value chain in life sciences
The evolving value chain in life sciences
 
Ge Digital Revolution
Ge Digital RevolutionGe Digital Revolution
Ge Digital Revolution
 
Whole Brain Leadership: New Rules of Engagement for the C-Suite| Accenture St...
Whole Brain Leadership: New Rules of Engagement for the C-Suite| Accenture St...Whole Brain Leadership: New Rules of Engagement for the C-Suite| Accenture St...
Whole Brain Leadership: New Rules of Engagement for the C-Suite| Accenture St...
 
Vinsun infra engineering: Case on ERP
Vinsun infra engineering: Case on ERPVinsun infra engineering: Case on ERP
Vinsun infra engineering: Case on ERP
 
Alphabet Eyes New Frontiers
Alphabet Eyes New FrontiersAlphabet Eyes New Frontiers
Alphabet Eyes New Frontiers
 
Fintech New York: Partnerships, Platforms and Open Innovation
Fintech New York: Partnerships, Platforms and Open InnovationFintech New York: Partnerships, Platforms and Open Innovation
Fintech New York: Partnerships, Platforms and Open Innovation
 
Consumer privacy in retail
Consumer privacy in retailConsumer privacy in retail
Consumer privacy in retail
 
Putting digital technology and data to work for Tech CMO's
Putting digital technology and data to work for Tech CMO'sPutting digital technology and data to work for Tech CMO's
Putting digital technology and data to work for Tech CMO's
 
BCG Telco Sustainability Index
BCG Telco Sustainability IndexBCG Telco Sustainability Index
BCG Telco Sustainability Index
 
TMT Outlook 2017: A new wave of advances offer opportunities and challenges
TMT Outlook 2017: A new wave of advances offer opportunities and challengesTMT Outlook 2017: A new wave of advances offer opportunities and challenges
TMT Outlook 2017: A new wave of advances offer opportunities and challenges
 
Accenture Consumer Behavior Research: The value shake-up
Accenture Consumer Behavior Research: The value shake-upAccenture Consumer Behavior Research: The value shake-up
Accenture Consumer Behavior Research: The value shake-up
 

Similar to Takeaways from a Simulated Cyber Attack

A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveDawn Yankeelov
 
Workshop B: Jill Cuthbert, Citi
Workshop B: Jill Cuthbert, CitiWorkshop B: Jill Cuthbert, Citi
Workshop B: Jill Cuthbert, CitiStuart Reid
 
Cyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework PanelCyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework PanelPaul Di Gangi
 
Implementing and Auditing GDPR Series (8 of 10)
Implementing and Auditing GDPR Series (8 of 10) Implementing and Auditing GDPR Series (8 of 10)
Implementing and Auditing GDPR Series (8 of 10) Jim Kaplan CIA CFE
 
Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Laura Benitez
 
Internet security and privacy issues
Internet security and privacy issuesInternet security and privacy issues
Internet security and privacy issuesJagdeepSingh394
 
Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Manuel Guillen
 
New Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law RequirementsNew Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law RequirementsSkoda Minotti
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitKevin Duffey
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach riskLivingstone Advisory
 
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec StakeholdersIvanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec StakeholdersIvanti
 
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCloudIDSummit
 
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...AIIM International
 
Vendor Management - An Overview (Project File)
Vendor Management - An Overview (Project File)Vendor Management - An Overview (Project File)
Vendor Management - An Overview (Project File)Jyoti Kumari
 
8242015 Combating cyber risk in the supply chain ­ Print Art.docx
8242015 Combating cyber risk in the supply chain ­ Print Art.docx8242015 Combating cyber risk in the supply chain ­ Print Art.docx
8242015 Combating cyber risk in the supply chain ­ Print Art.docxevonnehoggarth79783
 
Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals Richard Brzakala
 
Executive Perspective Building an OT Security Program from the Top Down
Executive Perspective Building an OT Security Program from the Top DownExecutive Perspective Building an OT Security Program from the Top Down
Executive Perspective Building an OT Security Program from the Top Downaccenture
 

Similar to Takeaways from a Simulated Cyber Attack (20)

A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate Perspective
 
Workshop B: Jill Cuthbert, Citi
Workshop B: Jill Cuthbert, CitiWorkshop B: Jill Cuthbert, Citi
Workshop B: Jill Cuthbert, Citi
 
Cyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework PanelCyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework Panel
 
Implementing and Auditing GDPR Series (8 of 10)
Implementing and Auditing GDPR Series (8 of 10) Implementing and Auditing GDPR Series (8 of 10)
Implementing and Auditing GDPR Series (8 of 10)
 
Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...
 
Internet security and privacy issues
Internet security and privacy issuesInternet security and privacy issues
Internet security and privacy issues
 
Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020
 
New Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law RequirementsNew Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law Requirements
 
CIOReview
CIOReviewCIOReview
CIOReview
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal Toolkit
 
Introducing Ethical Hacking to the Ministry of Defence.pdf
Introducing Ethical Hacking to the Ministry of Defence.pdfIntroducing Ethical Hacking to the Ministry of Defence.pdf
Introducing Ethical Hacking to the Ministry of Defence.pdf
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach risk
 
Standards in Third Party Risk - DVV Solutions ISACA North May 19
Standards in Third Party Risk - DVV Solutions ISACA North May 19 Standards in Third Party Risk - DVV Solutions ISACA North May 19
Standards in Third Party Risk - DVV Solutions ISACA North May 19
 
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec StakeholdersIvanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
 
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
 
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
 
Vendor Management - An Overview (Project File)
Vendor Management - An Overview (Project File)Vendor Management - An Overview (Project File)
Vendor Management - An Overview (Project File)
 
8242015 Combating cyber risk in the supply chain ­ Print Art.docx
8242015 Combating cyber risk in the supply chain ­ Print Art.docx8242015 Combating cyber risk in the supply chain ­ Print Art.docx
8242015 Combating cyber risk in the supply chain ­ Print Art.docx
 
Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals
 
Executive Perspective Building an OT Security Program from the Top Down
Executive Perspective Building an OT Security Program from the Top DownExecutive Perspective Building an OT Security Program from the Top Down
Executive Perspective Building an OT Security Program from the Top Down
 

More from Boston Consulting Group

Sources of advantage in Regulatory Filing Management
Sources of advantage in Regulatory Filing Management Sources of advantage in Regulatory Filing Management
Sources of advantage in Regulatory Filing Management Boston Consulting Group
 
Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19
Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19
Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19Boston Consulting Group
 
Win The Fight: Crush and Contain for Safer Reopening
Win The Fight: Crush and Contain for Safer Reopening Win The Fight: Crush and Contain for Safer Reopening
Win The Fight: Crush and Contain for Safer Reopening Boston Consulting Group
 
Seismic shifts: Retail banking in the wake of COVID-19
Seismic shifts: Retail banking in the wake of COVID-19Seismic shifts: Retail banking in the wake of COVID-19
Seismic shifts: Retail banking in the wake of COVID-19Boston Consulting Group
 
What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?
What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?
What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?Boston Consulting Group
 
Retail Banking in the New Reality – Summary Survey Findings
Retail Banking in the New Reality – Summary Survey FindingsRetail Banking in the New Reality – Summary Survey Findings
Retail Banking in the New Reality – Summary Survey FindingsBoston Consulting Group
 
Unlocking the Hidden Value in Securities Services
Unlocking the Hidden Value in Securities ServicesUnlocking the Hidden Value in Securities Services
Unlocking the Hidden Value in Securities ServicesBoston Consulting Group
 
Navigating the COVID-19 Crisis V2 - April 20
Navigating the COVID-19 Crisis V2 - April 20 Navigating the COVID-19 Crisis V2 - April 20
Navigating the COVID-19 Crisis V2 - April 20 Boston Consulting Group
 
COVID-19 Rapid Response Crisis Checklist
COVID-19 Rapid Response Crisis ChecklistCOVID-19 Rapid Response Crisis Checklist
COVID-19 Rapid Response Crisis ChecklistBoston Consulting Group
 
Covid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital TransformationCovid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital TransformationBoston Consulting Group
 
COVID-19 Rapid Response Checklist for Nonprofits
COVID-19 Rapid Response Checklist for NonprofitsCOVID-19 Rapid Response Checklist for Nonprofits
COVID-19 Rapid Response Checklist for NonprofitsBoston Consulting Group
 
COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...
COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...
COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...Boston Consulting Group
 
Adapting Compliance Projects and Operating Models for COVID-19
Adapting Compliance Projects and Operating Models for COVID-19Adapting Compliance Projects and Operating Models for COVID-19
Adapting Compliance Projects and Operating Models for COVID-19Boston Consulting Group
 
COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...
COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...
COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...Boston Consulting Group
 

More from Boston Consulting Group (20)

Sources of advantage in Regulatory Filing Management
Sources of advantage in Regulatory Filing Management Sources of advantage in Regulatory Filing Management
Sources of advantage in Regulatory Filing Management
 
Green Venture Opportunities
Green Venture Opportunities Green Venture Opportunities
Green Venture Opportunities
 
Reinvent M
Reinvent MReinvent M
Reinvent M
 
BCG Telco Sustainability Index
BCG Telco Sustainability IndexBCG Telco Sustainability Index
BCG Telco Sustainability Index
 
Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19
Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19
Urban Mobility Is Evolving in Unexpected Ways Due to COVID-19
 
Win The Fight: Crush and Contain for Safer Reopening
Win The Fight: Crush and Contain for Safer Reopening Win The Fight: Crush and Contain for Safer Reopening
Win The Fight: Crush and Contain for Safer Reopening
 
Seismic shifts: Retail banking in the wake of COVID-19
Seismic shifts: Retail banking in the wake of COVID-19Seismic shifts: Retail banking in the wake of COVID-19
Seismic shifts: Retail banking in the wake of COVID-19
 
Driving Change in Racial Equity
Driving Change in Racial Equity Driving Change in Racial Equity
Driving Change in Racial Equity
 
What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?
What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?
What Does the Recovery of Demand for Urban Mobility Look Like Post-COVID-19?
 
Retail Banking in the New Reality – Summary Survey Findings
Retail Banking in the New Reality – Summary Survey FindingsRetail Banking in the New Reality – Summary Survey Findings
Retail Banking in the New Reality – Summary Survey Findings
 
2019 CPG Growth Leaders Report
2019 CPG Growth Leaders Report2019 CPG Growth Leaders Report
2019 CPG Growth Leaders Report
 
Unlocking the Hidden Value in Securities Services
Unlocking the Hidden Value in Securities ServicesUnlocking the Hidden Value in Securities Services
Unlocking the Hidden Value in Securities Services
 
Navigating the COVID-19 Crisis V2 - April 20
Navigating the COVID-19 Crisis V2 - April 20 Navigating the COVID-19 Crisis V2 - April 20
Navigating the COVID-19 Crisis V2 - April 20
 
Navigating the COVID-19 Crisis V1
Navigating the COVID-19 Crisis V1Navigating the COVID-19 Crisis V1
Navigating the COVID-19 Crisis V1
 
COVID-19 Rapid Response Crisis Checklist
COVID-19 Rapid Response Crisis ChecklistCOVID-19 Rapid Response Crisis Checklist
COVID-19 Rapid Response Crisis Checklist
 
Covid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital TransformationCovid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
 
COVID-19 Rapid Response Checklist for Nonprofits
COVID-19 Rapid Response Checklist for NonprofitsCOVID-19 Rapid Response Checklist for Nonprofits
COVID-19 Rapid Response Checklist for Nonprofits
 
COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...
COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...
COVID-19: Sustaining Liquidity/Funding Management and Treasury Operations in ...
 
Adapting Compliance Projects and Operating Models for COVID-19
Adapting Compliance Projects and Operating Models for COVID-19Adapting Compliance Projects and Operating Models for COVID-19
Adapting Compliance Projects and Operating Models for COVID-19
 
COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...
COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...
COVID-19: Sustaining Business in All Scenarios: A New Lens on Bank Credit Ris...
 

Recently uploaded

rishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdfrishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdfmuskan1121w
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Dave Litwiller
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingShawn Pang
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdfRenandantas16
 
Cash Payment 9602870969 Escort Service in Udaipur Call Girls
Cash Payment 9602870969 Escort Service in Udaipur Call GirlsCash Payment 9602870969 Escort Service in Udaipur Call Girls
Cash Payment 9602870969 Escort Service in Udaipur Call GirlsApsara Of India
 
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...lizamodels9
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Roomdivyansh0kumar0
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfpollardmorgan
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.Aaiza Hassan
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppelCorporation
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessAggregage
 
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,noida100girls
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...anilsa9823
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANIlamathiKannappan
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Servicediscovermytutordmt
 
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...lizamodels9
 
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝soniya singh
 

Recently uploaded (20)

rishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdfrishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdf
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
Cash Payment 9602870969 Escort Service in Udaipur Call Girls
Cash Payment 9602870969 Escort Service in Udaipur Call GirlsCash Payment 9602870969 Escort Service in Udaipur Call Girls
Cash Payment 9602870969 Escort Service in Udaipur Call Girls
 
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for Success
 
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
 
KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
 
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
 
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
 

Takeaways from a Simulated Cyber Attack

  • 1. MARCH 1, 2018 Summary Report Cyber attack simulation exercise
  • 2. 1 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. The CyberCanada attack simulation exercise was attended by 100+ Canadian leaders representing a wide-range of organizations from both the private and public sector. Some of the views shared by participants, and captured here, may appear to be conflicting. This is a reflection of different opinions voiced and/or differences between the various individuals and groups represented. A short recap of the learning objectives, feedback shared by attendees during the module readouts, and questions to consider asking your organizations have been included in this short report. To ensure privacy, opinions have not been attributed to any individuals. A brief summary of the discussions during the CyberCanada attack simulation exercise
  • 3. 2 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Recap: the Table Top eXercise (TTX) had specific learning objectives Experience what your management team goes through when under cyberattack • Basic cybersecurity concepts • Cybersecurity as a strategic business risk • The impacts of people, culture, process, procedures and technology on cyber resilience • How to advance cyber resilience beyond the technical part The Experience Understand by doing
  • 4. 3 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Module 1: The Compromise Strengths and weaknesses of CEO's communications • Strengths: out in front, confident, clear, available, took ownership • Weaknesses: other management was not informed, too much information was shared, not enough assurance, not genuine enough, lack of preparation, false statements made Responsibilities of the Management Board • Ensure business continuity • Determine regulatory reporting requirements • Decide on internal communications • Get handle on scope, control the message • Engage the Board What will you do next? • Impact assessment from BUs + Functions • Determine what insurance the company has • Consult legal counsel • Solicit Public Relations support • Determine recovery and comms plans • Determine plan of action • Decide what should be the cadence for updates Summary of responses shared during Module 1 3 2 1
  • 5. 4 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Module 2: The Briefing Views regarding ransom payment and who should make the decision • Much disagreement on whether or not to pay the ransom • Ransom payment considerations: assess the financial impact with cost/benefit analysis, will we get back the data, can operations resume without paying, who is the attacker, ask for extension on deadline, discuss with law enforcement • Who should make decision: some said Board should decide, others said C-Suite should decide with advice from Board Thoughts on engaging the community • Engage the entire ecosystem • Third parties: cybersecurity consultants, legal, PR, insurance, law enforcement, call centers, ransom negotiator • Stakeholders: employees, customers, partners, suppliers, shareholders, government, regulators What are next steps? • Assess the business impact and set long-term strategy • Get back to operations, assign responsible parties • Look at the culture that allowed this to happen • Fire the CEO 3 2 1 Summary of responses shared during Module 2
  • 6. 5 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Module 3: The Response Experts you would contact during a cyber attack and when • Engage law enforcement early; they have intel • Crisis response consultants and forensics teams can help • Different responses for different jurisdictions and industries • Prepare before the attack: meet with law enforcement and establish the relationship beforehand • Collaborate with industry partners Following this exercise, what will you do differently? • Ask the organization questions about cybersecurity • Raise cybersecurity to the Board level • “Culture is to punish the victim” has to stop • Establish relationships with law enforcement and national CERT • Don't wait for an attack to happen, plan incident response now • Set cybersecurity long-term vision/strategy; and be agile • Cybersecurity is not a cost center; it's a business enabler How has digitalization impacted cybersecurity and business strategy? • Increased the number of unknowns and interdependencies • Has caused information overload creating a need to educate the public • IoT has increased the risk by increasing the attack surface Summary of responses shared during Module 3 3 2 1
  • 7. 6 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Key questions you should be asking your organization Crown jewels How does your organization know which systems, data, and assets have the most value and do you conduct tests on breaching those systems? Technology How are the users of your cybersecurity tools properly trained on how to get the best results from them? Culture How is cybersecurity ingrained into the culture of your organization the same way as safety, quality, ethics and compliance? Third parties How do you secure suppliers, acquisitions, business partners, and customers with the same rigor as you secure your enterprise? Design for Cyber How are your products, networks, and systems designed with cybersecurity in mind—from the first design concept meeting through every stage? Business enabler How have you integrated cybersecurity into your business strategy so that your business can safely and securely innovate and grow faster? Consequences How do you optimize your budget between reducing vulnerabilities and reducing the consequences of a breach? Preparation What kind of plans do you have in place for incident response, business continuity & disaster recovery? Do you regularly practice executing these plans?
  • 8. 7 Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved. Boards are in a unique strategic position to improve cyber resilience. And they are ultimately responsible for cyber risk in their companies BCG jointly with the Forum established 10 Board Principles for cyber resilience • Responsibility for Cyber Resilience • Command of the Subject • Accountable officer • Integration of Cyber Resilience • Risk assessment and reporting • Risk appetite • Resilience plans • Community • Review • Effectiveness See also the Forum's comprehensive report on "Advancing Cyber Resilience: Principles and Tools for Boards" (2017) Source: BCG and World Economic Forum See the publication at: http://www3.weforum.org/docs/IP/2017/Adv_Cyber_Resilience_Principles-Tools.pdf 1 2 3 4 6 5 8 7 9 10
  • 9. 8 The services and materials provided by The Boston Consulting Group (BCG) are subject to BCG's Standard Terms (a copy of which is available upon request) or such other agreement as may have been previously executed by BCG. BCG does not provide legal, accounting, or tax advice. The Client is responsible for obtaining independent advice concerning these matters. This advice may affect the guidance given by BCG. Further, BCG has made no undertaking to update these materials after the date hereof, notwithstanding that such information may become outdated or inaccurate. The materials contained in this presentation are designed for the sole use by the board of directors or senior management of the Client and solely for the limited purposes described in the presentation. The materials shall not be copied or given to any person or entity other than the Client (“Third Party”) without the prior written consent of BCG. These materials serve only as the focus for discussion; they are incomplete without the accompanying oral commentary and may not be relied on as a stand-alone document. Further, Third Parties may not, and it is unreasonable for any Third Party to, rely on these materials for any purpose whatsoever. To the fullest extent permitted by law (and except to the extent otherwise agreed in a signed writing by BCG), BCG shall have no liability whatsoever to any Third Party, and any Third Party hereby waives any rights and claims it may have at any time against BCG with regard to the services, this presentation, or other materials, including the accuracy or completeness thereof. Receipt and review of this document shall be deemed agreement with and consideration for the foregoing. BCG does not provide fairness opinions or valuations of market transactions, and these materials should not be relied on or construed as such. Further, the financial evaluations, projected market and financial information, and conclusions contained in these materials are based upon standard valuation methodologies, are not definitive forecasts, and are not guaranteed by BCG. BCG has used public and/or confidential data and assumptions provided to BCG by the Client. BCG has not independently verified the data and assumptions used in these analyses. Changes in the underlying data or operating assumptions will clearly impact the analyses and conclusions. Copyright©2017byTheBostonConsultingGroup,Inc.Allrightsreserved.