SlideShare a Scribd company logo

Webinar notes: Welcome to your worst day ever

Download as PPTX, PDF
S
Sophia Price

This document provides information about building an effective ransomware defense program. It discusses the large costs ransomware attacks have had on the healthcare industry, with the average cost of an attack being over $60 million. A case study is presented on a 200 bed facility that was impacted by a ransomware attack, with their cash reserves being depleted, claims processing stopping, and revenue reductions of $2 million. The document outlines the operational impact of typical ransomware attacks, including two full weeks of downtime and multiple impacted systems. It stresses the importance of having ransomware runbooks, testing controls, and establishing communication plans to prepare and respond to such attacks.

Technology
1 of 13
1 Public release is allowed W E L C O M E T O Y O U R W O R S T D A Y E V E R A ransomware preparedness seminar: How to build an effective ransomware defense program
2 Public release is allowed BUSINESS RESILIENCE VALIDATION™ Expanding beyond compliance to help companies in highly regulated industries build a security and privacy approach that responds everyday. We provide expertise to not only validate your people, process, and technology is working, but also ensure you’re rehearsed, prepared, and resilient against threats. Since 2004
3 Public release is allowed “Ransomware attacks cost the healthcare industry $20.8 billion in downtime in 2020, which is double the number from 2019.” C OMPARI T E C H AN N UAL RE PORT
4 Public release is allowed Average Cost of Ransomware $60M+ RANSOMWARE ATTACKS HEALTHCARE -Wired 560 Healthcare Organizations $21B+ LostTime 21 Days
100,000 90,000 80,000 70,000 60,000 50,000 40,000 30,000 20,000 10,000 0 10,000 20,000 30,000 40,000 -2 -1 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Cash Reserves, Receipts & Expenses – Per Bed Reserve Expenses Claims 2 per. Mov. Avg. (Reserve) Post Attack CASE STUDY 200 bed facility in a competitive market never recovered • $100K per bed deficit • 6-10% reduction in revenue Attack Pre-Attack • EHR down • Claims processing stops • Elective procedures diverted • EHR back, other systems down • Cash reserves depleted 5
6 Public release is allowed OPERATIONAL IMPACT T YPICAL 2 Full Weeks of Downtime • Opened 24/7 Incident Command Center • Paper process for everything • Confusion & inconsistency • Downtime Boxes – designed for 2-3 days Multiple Systems Impacted • IT focus on Payroll & Materials Mgmt. • No PACS – surgeries postponed • BCA (24/7) devices – lost value quickly • Limited workstation access made EMR unusable • Phones on same network lost ACD/Menu functionality 6
7 Public release is allowed THE RECOVERY Enterprise-Wide Effort Solid four months of work and still happening six months post event. Confusion & Inconsistency Departments, clinics, and ancillary departments entering backlog of data. Frustration & Delays Some did nothing or pointed fingers. Missing Data Continue to find missing charge, order, or result. Delays THE CLEANUP 14 days of paper orders, charges, & results. Four months of matching patients in the system. Additional Expenses $250K-$500K in overtime, special services, remediation assistance. Lost Revenue No claims processing for 60+ days Revenue reduction of $2M. No Progress IT projects delayed for several months. 7
8 Public release is allowed “Only 44% of healthcare providers conform with protocols outlined by NIST CSF.” C Y N E RGI ST E K AN N UAL RE PORT
9 Public release is allowed PREPARE FOR RANSOMWARE APPLYING PANDEMIC LEARNINGS TO SECURITY Testing Perform a Compromise Assessment for signs of adversarial activity Social Distance Limit the spread of infection with Network Segmentation Treatment Plan Build a plan by creating and maintaining runbooks and practice on a regular basis Contact Tracing Get early warning signs with Endpoint Detection & Response Checkup Test controls in production with Security Control Validation Scrubs & Gowns Separation of duties with Privileged Access Management Masks Apply PPE with Multi-Factor Authentication 9
10 Public release is allowed RANSOMWARE RUNBOOK REVIEWS C Y N E RGI ST E K AN ALYSI S
11 Public release is allowed 3 DUTIES WRITE SOMETHING HERE • Who detects and responds to the incident? • How do you determine it is an incident of magnitude? • Who decides? • How do you communicate that an incident has occurred? Duty to Respond • Who is on the team? • Where / how do you get together (potentially with alternate systems)? Duty to Convene • Who makes the decisions? • How do you handle lines of succession? • How do you make decisions quickly with limited data? • Who can you call for help? (internal/external) Duty to Act RANSOMWARE RUNBOOKS 11
12 Public release is allowed COMMUNICATION PLAN RUNBOOKS CRISIS COMMUNICATION IS AN ART • Breaking glass and holding statements • Internal and External Communications • Define cadence of communications • Social media POLICY & PROCEDURE DOCUMENTATION 12 • Policy is different than a procedure • Reference multiple forms of evidence • Update logs • Exercise dates and hot wash •.
13 Public release is allowed T H A N K Y O U Additional Resources • “Ransomware in 2021:We Know It’s an Issue, Now What?” Podcast Episode 11940 Jollyville Road Suite 300-N Austin,TX 78759 (512) 402.8550

Recommended

Ransomware attacks
Ransomware attacksRansomware attacks
Ransomware attacks
Texas Medical Liability Trust
 
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk AdvisoryHow COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
CR Group
 
The Cost of Doing Nothing: A Ransomware Backup Story
The Cost of Doing Nothing: A Ransomware Backup StoryThe Cost of Doing Nothing: A Ransomware Backup Story
The Cost of Doing Nothing: A Ransomware Backup Story
Quest
 
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Lancope, Inc.
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
APNIC
 
Ransomware Detection: Don’t Pay Up. Backup.
Ransomware Detection: Don’t Pay Up. Backup.Ransomware Detection: Don’t Pay Up. Backup.
Ransomware Detection: Don’t Pay Up. Backup.
marketingunitrends
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
James Anderson
 
NTXISSACSC2 - Next-Generation Security and the Problem of Exploitation by Mat...
NTXISSACSC2 - Next-Generation Security and the Problem of Exploitation by Mat...NTXISSACSC2 - Next-Generation Security and the Problem of Exploitation by Mat...
NTXISSACSC2 - Next-Generation Security and the Problem of Exploitation by Mat...
North Texas Chapter of the ISSA
 

Recommended

Ransomware attacks
Ransomware attacksRansomware attacks
Ransomware attacks
Texas Medical Liability Trust
 
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk AdvisoryHow COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
CR Group
 
The Cost of Doing Nothing: A Ransomware Backup Story
The Cost of Doing Nothing: A Ransomware Backup StoryThe Cost of Doing Nothing: A Ransomware Backup Story
The Cost of Doing Nothing: A Ransomware Backup Story
Quest
 
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Lancope, Inc.
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
APNIC
 
Ransomware Detection: Don’t Pay Up. Backup.
Ransomware Detection: Don’t Pay Up. Backup.Ransomware Detection: Don’t Pay Up. Backup.
Ransomware Detection: Don’t Pay Up. Backup.
marketingunitrends
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
James Anderson
 
NTXISSACSC2 - Next-Generation Security and the Problem of Exploitation by Mat...
NTXISSACSC2 - Next-Generation Security and the Problem of Exploitation by Mat...NTXISSACSC2 - Next-Generation Security and the Problem of Exploitation by Mat...
NTXISSACSC2 - Next-Generation Security and the Problem of Exploitation by Mat...
North Texas Chapter of the ISSA
 
NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon MurphyNTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
North Texas Chapter of the ISSA
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To Prepare
Resilient Systems
 
Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?
marketingunitrends
 
Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!
centralohioissa
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your Company
Veriato
 
The Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSThe Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOS
Priyanka Aash
 
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNOliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
centralohioissa
 
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
SaraPia5
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
Sylvain Martinez
 
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
North Texas Chapter of the ISSA
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
Mohammed Adam
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
EnergySec
 
Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...
Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...
Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...
Outpost24
 
How to Recover from a Ransomware Disaster
How to Recover from a Ransomware DisasterHow to Recover from a Ransomware Disaster
How to Recover from a Ransomware Disaster
Spanning Cloud Apps
 
Gavin Hill - Lessons From the Human Immune System
Gavin Hill - Lessons From the Human Immune SystemGavin Hill - Lessons From the Human Immune System
Gavin Hill - Lessons From the Human Immune System
centralohioissa
 
Securing Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These YearsSecuring Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These Years
Adrian Sanabria
 
Watering Hole Attacks: Detect End-User Compromise Before the Damage is Done
Watering Hole Attacks: Detect End-User Compromise Before the Damage is DoneWatering Hole Attacks: Detect End-User Compromise Before the Damage is Done
Watering Hole Attacks: Detect End-User Compromise Before the Damage is Done
AlienVault
 
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessWebinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Storage Switzerland
 
The Rise of the Purple Team
The Rise of the Purple TeamThe Rise of the Purple Team
The Rise of the Purple Team
Priyanka Aash
 
The state of endpoint defense in 2021
The state of endpoint defense in 2021The state of endpoint defense in 2021
The state of endpoint defense in 2021
Adrian Sanabria
 
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Citrin Cooperman
 
Top Risks in Global Supply Chains: Primary-Source Intelligence and Recommenda...
Top Risks in Global Supply Chains: Primary-Source Intelligence and Recommenda...Top Risks in Global Supply Chains: Primary-Source Intelligence and Recommenda...
Top Risks in Global Supply Chains: Primary-Source Intelligence and Recommenda...
Sustainable Brands
 

More Related Content

What's hot

NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon MurphyNTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
North Texas Chapter of the ISSA
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To Prepare
Resilient Systems
 
Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?
marketingunitrends
 
Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!
centralohioissa
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your Company
Veriato
 
The Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSThe Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOS
Priyanka Aash
 
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNOliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
centralohioissa
 
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
SaraPia5
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
Sylvain Martinez
 
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
North Texas Chapter of the ISSA
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
Mohammed Adam
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
EnergySec
 
Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...
Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...
Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...
Outpost24
 
How to Recover from a Ransomware Disaster
How to Recover from a Ransomware DisasterHow to Recover from a Ransomware Disaster
How to Recover from a Ransomware Disaster
Spanning Cloud Apps
 
Gavin Hill - Lessons From the Human Immune System
Gavin Hill - Lessons From the Human Immune SystemGavin Hill - Lessons From the Human Immune System
Gavin Hill - Lessons From the Human Immune System
centralohioissa
 
Securing Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These YearsSecuring Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These Years
Adrian Sanabria
 
Watering Hole Attacks: Detect End-User Compromise Before the Damage is Done
Watering Hole Attacks: Detect End-User Compromise Before the Damage is DoneWatering Hole Attacks: Detect End-User Compromise Before the Damage is Done
Watering Hole Attacks: Detect End-User Compromise Before the Damage is Done
AlienVault
 
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessWebinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Storage Switzerland
 
The Rise of the Purple Team
The Rise of the Purple TeamThe Rise of the Purple Team
The Rise of the Purple Team
Priyanka Aash
 
The state of endpoint defense in 2021
The state of endpoint defense in 2021The state of endpoint defense in 2021
The state of endpoint defense in 2021
Adrian Sanabria
 

What's hot (20)

NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon MurphyNTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To Prepare
 
Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?
 
Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your Company
 
The Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSThe Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOS
 
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNOliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
 
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
 
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
 
Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...
Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...
Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...
 
How to Recover from a Ransomware Disaster
How to Recover from a Ransomware DisasterHow to Recover from a Ransomware Disaster
How to Recover from a Ransomware Disaster
 
Gavin Hill - Lessons From the Human Immune System
Gavin Hill - Lessons From the Human Immune SystemGavin Hill - Lessons From the Human Immune System
Gavin Hill - Lessons From the Human Immune System
 
Securing Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These YearsSecuring Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These Years
 
Watering Hole Attacks: Detect End-User Compromise Before the Damage is Done
Watering Hole Attacks: Detect End-User Compromise Before the Damage is DoneWatering Hole Attacks: Detect End-User Compromise Before the Damage is Done
Watering Hole Attacks: Detect End-User Compromise Before the Damage is Done
 
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessWebinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
 
The Rise of the Purple Team
The Rise of the Purple TeamThe Rise of the Purple Team
The Rise of the Purple Team
 
The state of endpoint defense in 2021
The state of endpoint defense in 2021The state of endpoint defense in 2021
The state of endpoint defense in 2021
 

Similar to Webinar notes: Welcome to your worst day ever

Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Citrin Cooperman
 
Top Risks in Global Supply Chains: Primary-Source Intelligence and Recommenda...
Top Risks in Global Supply Chains: Primary-Source Intelligence and Recommenda...Top Risks in Global Supply Chains: Primary-Source Intelligence and Recommenda...
Top Risks in Global Supply Chains: Primary-Source Intelligence and Recommenda...
Sustainable Brands
 
3A - Turning Data into Decisions - Implementing a Cloud-based HSE Leading Ind...
3A - Turning Data into Decisions - Implementing a Cloud-based HSE Leading Ind...3A - Turning Data into Decisions - Implementing a Cloud-based HSE Leading Ind...
3A - Turning Data into Decisions - Implementing a Cloud-based HSE Leading Ind...
Roberta Sheng-Taylor, BA, CRSP, CHSC, SMS, CSP
 
Wellness presentation
Wellness presentationWellness presentation
Wellness presentation
3DTechnology
 
Pay Me Now or Pay Me A Lot More Later
Pay Me Now or Pay Me A Lot More LaterPay Me Now or Pay Me A Lot More Later
Pay Me Now or Pay Me A Lot More Later
RLE Technologies
 
Securing the digital front door
Securing the digital front doorSecuring the digital front door
Securing the digital front door
Ryan Coleman
 
The Evolution of Cybercrime
The Evolution of CybercrimeThe Evolution of Cybercrime
The Evolution of Cybercrime
Stephen Cobb
 
Mastering disaster e book Telehouse
Mastering disaster e book TelehouseMastering disaster e book Telehouse
Mastering disaster e book Telehouse
Telehouse
 
Legal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataLegal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive Data
Bluelock
 
Legal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataLegal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive Data
Kayla Catron
 
State of on call report 2014
State of on call report 2014State of on call report 2014
State of on call report 2014
Todd Vernon
 
Flaskdata.io automated monitoring for clinical trials
Flaskdata.io automated monitoring for clinical trialsFlaskdata.io automated monitoring for clinical trials
Flaskdata.io automated monitoring for clinical trials
Flaskdata.io
 
Mastering disaster a data center checklist
Mastering disaster a data center checklistMastering disaster a data center checklist
Mastering disaster a data center checklist
Chris Wick
 
Dr Steve Goldman's Top Ten Business Continuity Predictions / Trends for 2014
Dr Steve Goldman's Top Ten Business Continuity Predictions / Trends for 2014Dr Steve Goldman's Top Ten Business Continuity Predictions / Trends for 2014
Dr Steve Goldman's Top Ten Business Continuity Predictions / Trends for 2014
xMatters Inc
 
Complaint handling-management-denmark
Complaint handling-management-denmarkComplaint handling-management-denmark
Complaint handling-management-denmark
GlobalCompliancePanel
 
Complaint handling-management-denmark
Complaint handling-management-denmarkComplaint handling-management-denmark
Complaint handling-management-denmark
GlobalCompliancePanel
 
Endpoint (big) Data In The Age of Compromise, Ian Rainsburgh
Endpoint (big) Data In The Age of Compromise, Ian RainsburghEndpoint (big) Data In The Age of Compromise, Ian Rainsburgh
Endpoint (big) Data In The Age of Compromise, Ian Rainsburgh
Napier University
 
Ministry of Health / Health NZ Public Health response to Covid using Salesforce
Ministry of Health / Health NZ Public Health response to Covid using SalesforceMinistry of Health / Health NZ Public Health response to Covid using Salesforce
Ministry of Health / Health NZ Public Health response to Covid using Salesforce
Anna Loughnan Colquhoun
 
CommCare Workshop_Javetski and Wacksmon_4.22.13
CommCare Workshop_Javetski and Wacksmon_4.22.13CommCare Workshop_Javetski and Wacksmon_4.22.13
CommCare Workshop_Javetski and Wacksmon_4.22.13
CORE Group
 
Business Continuity Planning During and After the Coronavirus (COVID-19) Pand...
Business Continuity Planning During and After the Coronavirus (COVID-19) Pand...Business Continuity Planning During and After the Coronavirus (COVID-19) Pand...
Business Continuity Planning During and After the Coronavirus (COVID-19) Pand...
PECB
 

Similar to Webinar notes: Welcome to your worst day ever (20)

Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
 
Top Risks in Global Supply Chains: Primary-Source Intelligence and Recommenda...
Top Risks in Global Supply Chains: Primary-Source Intelligence and Recommenda...Top Risks in Global Supply Chains: Primary-Source Intelligence and Recommenda...
Top Risks in Global Supply Chains: Primary-Source Intelligence and Recommenda...
 
3A - Turning Data into Decisions - Implementing a Cloud-based HSE Leading Ind...
3A - Turning Data into Decisions - Implementing a Cloud-based HSE Leading Ind...3A - Turning Data into Decisions - Implementing a Cloud-based HSE Leading Ind...
3A - Turning Data into Decisions - Implementing a Cloud-based HSE Leading Ind...
 
Wellness presentation
Wellness presentationWellness presentation
Wellness presentation
 
Pay Me Now or Pay Me A Lot More Later
Pay Me Now or Pay Me A Lot More LaterPay Me Now or Pay Me A Lot More Later
Pay Me Now or Pay Me A Lot More Later
 
Securing the digital front door
Securing the digital front doorSecuring the digital front door
Securing the digital front door
 
The Evolution of Cybercrime
The Evolution of CybercrimeThe Evolution of Cybercrime
The Evolution of Cybercrime
 
Mastering disaster e book Telehouse
Mastering disaster e book TelehouseMastering disaster e book Telehouse
Mastering disaster e book Telehouse
 
Legal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataLegal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive Data
 
Legal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataLegal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive Data
 
State of on call report 2014
State of on call report 2014State of on call report 2014
State of on call report 2014
 
Flaskdata.io automated monitoring for clinical trials
Flaskdata.io automated monitoring for clinical trialsFlaskdata.io automated monitoring for clinical trials
Flaskdata.io automated monitoring for clinical trials
 
Mastering disaster a data center checklist
Mastering disaster a data center checklistMastering disaster a data center checklist
Mastering disaster a data center checklist
 
Dr Steve Goldman's Top Ten Business Continuity Predictions / Trends for 2014
Dr Steve Goldman's Top Ten Business Continuity Predictions / Trends for 2014Dr Steve Goldman's Top Ten Business Continuity Predictions / Trends for 2014
Dr Steve Goldman's Top Ten Business Continuity Predictions / Trends for 2014
 
Complaint handling-management-denmark
Complaint handling-management-denmarkComplaint handling-management-denmark
Complaint handling-management-denmark
 
Complaint handling-management-denmark
Complaint handling-management-denmarkComplaint handling-management-denmark
Complaint handling-management-denmark
 
Endpoint (big) Data In The Age of Compromise, Ian Rainsburgh
Endpoint (big) Data In The Age of Compromise, Ian RainsburghEndpoint (big) Data In The Age of Compromise, Ian Rainsburgh
Endpoint (big) Data In The Age of Compromise, Ian Rainsburgh
 
Ministry of Health / Health NZ Public Health response to Covid using Salesforce
Ministry of Health / Health NZ Public Health response to Covid using SalesforceMinistry of Health / Health NZ Public Health response to Covid using Salesforce
Ministry of Health / Health NZ Public Health response to Covid using Salesforce
 
CommCare Workshop_Javetski and Wacksmon_4.22.13
CommCare Workshop_Javetski and Wacksmon_4.22.13CommCare Workshop_Javetski and Wacksmon_4.22.13
CommCare Workshop_Javetski and Wacksmon_4.22.13
 
Business Continuity Planning During and After the Coronavirus (COVID-19) Pand...
Business Continuity Planning During and After the Coronavirus (COVID-19) Pand...Business Continuity Planning During and After the Coronavirus (COVID-19) Pand...
Business Continuity Planning During and After the Coronavirus (COVID-19) Pand...
 

Recently uploaded

“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
Edge AI and Vision Alliance
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Jeffrey Haguewood
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
saastr
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
Hiike
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
Data Hops
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 

Recently uploaded (20)

“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 

Webinar notes: Welcome to your worst day ever

  • 1. 1 Public release is allowed W E L C O M E T O Y O U R W O R S T D A Y E V E R A ransomware preparedness seminar: How to build an effective ransomware defense program
  • 2. 2 Public release is allowed BUSINESS RESILIENCE VALIDATION™ Expanding beyond compliance to help companies in highly regulated industries build a security and privacy approach that responds everyday. We provide expertise to not only validate your people, process, and technology is working, but also ensure you’re rehearsed, prepared, and resilient against threats. Since 2004
  • 3. 3 Public release is allowed “Ransomware attacks cost the healthcare industry $20.8 billion in downtime in 2020, which is double the number from 2019.” C OMPARI T E C H AN N UAL RE PORT
  • 4. 4 Public release is allowed Average Cost of Ransomware $60M+ RANSOMWARE ATTACKS HEALTHCARE -Wired 560 Healthcare Organizations $21B+ LostTime 21 Days
  • 5. 100,000 90,000 80,000 70,000 60,000 50,000 40,000 30,000 20,000 10,000 0 10,000 20,000 30,000 40,000 -2 -1 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Cash Reserves, Receipts & Expenses – Per Bed Reserve Expenses Claims 2 per. Mov. Avg. (Reserve) Post Attack CASE STUDY 200 bed facility in a competitive market never recovered • $100K per bed deficit • 6-10% reduction in revenue Attack Pre-Attack • EHR down • Claims processing stops • Elective procedures diverted • EHR back, other systems down • Cash reserves depleted 5
  • 6. 6 Public release is allowed OPERATIONAL IMPACT T YPICAL 2 Full Weeks of Downtime • Opened 24/7 Incident Command Center • Paper process for everything • Confusion & inconsistency • Downtime Boxes – designed for 2-3 days Multiple Systems Impacted • IT focus on Payroll & Materials Mgmt. • No PACS – surgeries postponed • BCA (24/7) devices – lost value quickly • Limited workstation access made EMR unusable • Phones on same network lost ACD/Menu functionality 6
  • 7. 7 Public release is allowed THE RECOVERY Enterprise-Wide Effort Solid four months of work and still happening six months post event. Confusion & Inconsistency Departments, clinics, and ancillary departments entering backlog of data. Frustration & Delays Some did nothing or pointed fingers. Missing Data Continue to find missing charge, order, or result. Delays THE CLEANUP 14 days of paper orders, charges, & results. Four months of matching patients in the system. Additional Expenses $250K-$500K in overtime, special services, remediation assistance. Lost Revenue No claims processing for 60+ days Revenue reduction of $2M. No Progress IT projects delayed for several months. 7
  • 8. 8 Public release is allowed “Only 44% of healthcare providers conform with protocols outlined by NIST CSF.” C Y N E RGI ST E K AN N UAL RE PORT
  • 9. 9 Public release is allowed PREPARE FOR RANSOMWARE APPLYING PANDEMIC LEARNINGS TO SECURITY Testing Perform a Compromise Assessment for signs of adversarial activity Social Distance Limit the spread of infection with Network Segmentation Treatment Plan Build a plan by creating and maintaining runbooks and practice on a regular basis Contact Tracing Get early warning signs with Endpoint Detection & Response Checkup Test controls in production with Security Control Validation Scrubs & Gowns Separation of duties with Privileged Access Management Masks Apply PPE with Multi-Factor Authentication 9
  • 10. 10 Public release is allowed RANSOMWARE RUNBOOK REVIEWS C Y N E RGI ST E K AN ALYSI S
  • 11. 11 Public release is allowed 3 DUTIES WRITE SOMETHING HERE • Who detects and responds to the incident? • How do you determine it is an incident of magnitude? • Who decides? • How do you communicate that an incident has occurred? Duty to Respond • Who is on the team? • Where / how do you get together (potentially with alternate systems)? Duty to Convene • Who makes the decisions? • How do you handle lines of succession? • How do you make decisions quickly with limited data? • Who can you call for help? (internal/external) Duty to Act RANSOMWARE RUNBOOKS 11
  • 12. 12 Public release is allowed COMMUNICATION PLAN RUNBOOKS CRISIS COMMUNICATION IS AN ART • Breaking glass and holding statements • Internal and External Communications • Define cadence of communications • Social media POLICY & PROCEDURE DOCUMENTATION 12 • Policy is different than a procedure • Reference multiple forms of evidence • Update logs • Exercise dates and hot wash •.
  • 13. 13 Public release is allowed T H A N K Y O U Additional Resources • “Ransomware in 2021:We Know It’s an Issue, Now What?” Podcast Episode 11940 Jollyville Road Suite 300-N Austin,TX 78759 (512) 402.8550