+ All Categories
Home > Leadership & Management > Business Continuity & Crisis Management in the Cyberbreach Age

Business Continuity & Crisis Management in the Cyberbreach Age

Date post: 14-Apr-2017
Category:

Leadership & Management
Upload: bryghtpath-llc
View: 370 times
Download: 2 times
Download Report this document
Share this document with a friend
56
Business Continuity & Crisis Management in the Cyberbreach Age Bryan Strawser, MBCP, MBCI, CISSP, CEM Principal Consultant & CEO
Transcript
Page 1: Business Continuity & Crisis Management in the Cyberbreach Age

BusinessContinuity&CrisisManagementintheCyberbreach Age

BryanStrawser,MBCP,MBCI,CISSP,CEMPrincipalConsultant&CEO

Page 2: Business Continuity & Crisis Management in the Cyberbreach Age
Page 3: Business Continuity & Crisis Management in the Cyberbreach Age
Page 4: Business Continuity & Crisis Management in the Cyberbreach Age

4

Page 5: Business Continuity & Crisis Management in the Cyberbreach Age

5

Page 6: Business Continuity & Crisis Management in the Cyberbreach Age
Page 7: Business Continuity & Crisis Management in the Cyberbreach Age

DataBreaches

Company Impacted People

SonyPictures 6,000

SallyBeauty 25,000

NeimanMarcus 1,100,000

Michaels Stores 3,000,000

Community HealthSystems 4,500,000

PFChang’s 7,000,000

HomeDepot 56,000,000

Target 70,000,000

JPMorgan 76,000,000

Anthem 80,000,000

eBay 145,000,000

7

TheLast36Months

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 8: Business Continuity & Crisis Management in the Cyberbreach Age
Page 9: Business Continuity & Crisis Management in the Cyberbreach Age

9

Page 10: Business Continuity & Crisis Management in the Cyberbreach Age

10

Page 11: Business Continuity & Crisis Management in the Cyberbreach Age

11

Page 12: Business Continuity & Crisis Management in the Cyberbreach Age

12

Page 13: Business Continuity & Crisis Management in the Cyberbreach Age

Today

• ContinuityofOperations

• Crisis/EmergencyManagement

• CrisisCommunications

• Wheretolearnmore…

• Q&A

13

KeyTopics

Page 14: Business Continuity & Crisis Management in the Cyberbreach Age

ContinuityofOperations

Theabilitytocontinueperformanceofmissionessentialfunctionsundera

broadrangeofcircumstances

14

AnOverview

Page 15: Business Continuity & Crisis Management in the Cyberbreach Age

ContinuityofOperations

• MissionEssentialFunctions(MEFs)– Criticalfunctionsperformedbyyouragency– Determinedthroughamethodology– Plansareinplacetorecoverfromadisruption

• BroadRangeofCircumstances– “All-Hazards”approach– Plans(Annexes)forspecificcircumstances

15

Whatitmeans

Page 16: Business Continuity & Crisis Management in the Cyberbreach Age

GlobalStandards

USGovernment• FEMAFederalContinuityDirectives(FCD1/FCD2)• FEMAContinuityGuidanceCirculars(CGC1/CGC2)• NIST800-34,ContingencyPlanningGuideforFederalInformationSystems

BusinessContinuity• ISO22301(formerlyBS25999)• NFPA1600• ASISBusinessContinuityManagementStandard• ASISSPC.1:OrganizationalResilience

ProfessionalPractices• DisasterRecoveryInstituteInternationalBC/DRProfessionalPractices• BusinessContinuity InstituteGoodPracticeGuide

16

BusinessContinuityandEmergencyManagement

Page 17: Business Continuity & Crisis Management in the Cyberbreach Age

• Federalguidancefornon-Federalgovernmentalentities

• Contents:– PlanningandimplementingaCOOPprogram

– Continuityplanningformissionessentialfunctions

17

FEMAContinuityGuidanceCircular1(CGC1)ContinuityofOperationsProgramforState/Local/TribalGovernment

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 18: Business Continuity & Crisis Management in the Cyberbreach Age

• Federalguidancefornon-Federalgovernmentalentities

• Contents:– IdentificationandprioritizationofMissionEssentialFunctions(MEF)

– BusinessProcessAnalysis– BusinessImpactAnalysis– RiskAssessment

18

FEMAContinuityGuidanceCircular2(CGC2)ContinuityofOperationsProgramforState/Local/TribalGovernment

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 19: Business Continuity & Crisis Management in the Cyberbreach Age

BusinessContinuityRegulations

UnitedStates• FederalFinancialInstitutionsExaminationCouncil(FFIEC)• SecuritiesandExchangeCommission(SEC)• FinancialIndustryRegulatoryAuthority(FINRA)• PaymentCardIndustryStandard(PCI)

19

We’refromthegovernment,we’reheretohelp…

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 20: Business Continuity & Crisis Management in the Cyberbreach Age

20

ContinuityofOperationsLifecycleFEMAContinuityGuidanceCircular1(CGC1)

Plans andProcedures

Test, Training,&Exercises

Evaluations,After-ActionReports,andLessonsLearned

DevelopCorrectiveActionPlans

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 21: Business Continuity & Crisis Management in the Cyberbreach Age

BusinessImpactAnalysis&RiskAssessmentIdentifyingcriticalbusinessfunctions&theirrisks

BusinessImpactAnalysis• Whatarethemissionessential functionsat

myagency?• Howlongcantheybedisrupted?• Howquicklycantheyberecovered today?• Whatistheimpactfromthatdisruptionto

myagency?• BIAMethods

RiskAssessment• Whataretheriskstothesefunctions?• Whatareourtopenterprise risks?• RiskAssessmentMethods

ThirdParties• Don’tforgetaboutthem…

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 22: Business Continuity & Crisis Management in the Cyberbreach Age

Specificactionstomanageyourrisksandaddressyour

opportunities

• Prepareyouragencyfordisruption

• DevelopCOOPPlans• ImplementCOOPSolutions

22

PlansandProceduresHowcanIrecovermymissionessentialfunctionsinthetimeperiodneeded?

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 23: Business Continuity & Crisis Management in the Cyberbreach Age

CoreComponentsofaCOOPPlan

• Roles&Responsibilities• Activationprocess• Managingtheimmediate

consequences• Communicationplan• Recoverprioritizedactivities• Mediaresponse• Processforstandingdown

23

PlansandProceduresContinuityofOperationsPlanning

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 24: Business Continuity & Crisis Management in the Cyberbreach Age

• People– Whowilldothework?

• Technologies– What,ifany,technologieswill

enablethework?

• Facilities– Wherewilltheworkbedone?

• Communications– Howdowesharethis

information?

24

CorePlanElementsRecoveringOperations

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 25: Business Continuity & Crisis Management in the Cyberbreach Age

25

Establish&ImplementBCProceduresWhatprocesseswillIfollowinadisruption?

SpecificdefinedprocessesforBusinessContinuity

Examples:• Emergencypreparedness• Governance• Activation

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 26: Business Continuity & Crisis Management in the Cyberbreach Age

• “DisasterRecovery”generallypertainstotherecoverabilityofITsystems– Applications– Infrastructure

• Mustbecloselylinkedtobusinesscontinuitycapability

• ShouldheavilyutilizetheBIAfindingstoinfluenceatieredrecoverystrategy

26

DisasterRecoveryBusinessContinuityforITSystems

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 27: Business Continuity & Crisis Management in the Cyberbreach Age

• Allplansshouldbeexercisedatleastannually:– Notification– TableTop– Recovery– Fullyintegrated

• DisasterRecovery– TestingDRplansandstrategies

• GovernmentGuidance:– HomelandSecurityExercise&

EvaluationProgram(HSEEP)

27

Tests,Training,andExercisesHowwillIexerciseandtestmyplans? Basedonthoseresults,howwillIimprove?

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 28: Business Continuity & Crisis Management in the Cyberbreach Age

• Definedprocessforcapturinglessonslearnedandapplyingtoplansandstrategies

• Actionitemstrackedandreportedupontokeystakeholdersandleaders

28

DevelopCorrectiveActionPlansImprovingplansandproceduresfollowingatestorexercise

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 29: Business Continuity & Crisis Management in the Cyberbreach Age

29

ContinuityofOperationsLifecycleFEMAContinuityGuidanceCircular1(CGC1)

Plans andProcedures

Test, Training,&Exercises

Evaluations,After-ActionReports,and

Lessons Learned

DevelopCorrectiveAction

Plans

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 30: Business Continuity & Crisis Management in the Cyberbreach Age

30

ContinuityPlanOperationalPhasesWhathappenswhenthingsgobad?

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Readiness&Preparedness Activation Continuity

Operations Reconstitution

Page 31: Business Continuity & Crisis Management in the Cyberbreach Age

RolesandResponsibilities

31

Whodoeswhat?

Copyright©2015byBryghtpathLLC|bryghtpath.com |+1-612-235-6435|[email protected]

• ElectedOfficials– Ultimatelyresponsibleforcontinuityofessentialfunctionsduringa

disruptionoremergency

• SeniorLeadership– DesignatesContinuityManagerandPlanningTeam– Approvesplans

• ContinuityManager– Responsibleforcoordinatingallcontinuityactivitieswithinanagency

• ContinuityPlanningTeam– Crossfunctionalgroupthatcoordinatesallplanswithinanagency

Page 32: Business Continuity & Crisis Management in the Cyberbreach Age

32

Drip,Drip…Whenadripbecomesaflood…

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 33: Business Continuity & Crisis Management in the Cyberbreach Age

• 2013TargetCorporationHQFlood

• ReadPDFCaseStudyatbryghtpath.com

33

CaseStudyWhenadripbecomesaflood…

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 34: Business Continuity & Crisis Management in the Cyberbreach Age

34

Copyright©2015byBryghtpathLLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 35: Business Continuity & Crisis Management in the Cyberbreach Age

CrisisManagement

Theactivemanagementofadisruptionorescalatingsituation

Itemstoconsider:• Clearrolesandresponsibilities• Decisionmakingrightspre-defined• Singlesourceoftruthcommunication• Communicationproducts/messages• Cross-functionalcoordination

AComponentofBusinessContinuityManagement

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 36: Business Continuity & Crisis Management in the Cyberbreach Age

CrisisLeadership

36

Characteristicsofastrongcrisisleader

Copyright©2015byBryghtpathLLC|bryghtpath.com |+1-612-235-6435|[email protected]

• Cross-FunctionalLeadership– Leadup(vertically)– Leadacross(horizontally)

• Bebothstrategicandtactical– Strategic:Seetheentireorganizationandexternalinfluences– Tactical:Bewillingtoworkonreallysimpleprocesseswhere

needed• Understandsthatsuccessneverhappenswithinasilo• Doesn’ttrytoget“fancy”• Canpivotinamoment• Possessesextraordinarysituationalawareness

Page 37: Business Continuity & Crisis Management in the Cyberbreach Age

PrivateSectorCrisisManagementFramework

37

SituationalAwareness

Copyright©2015byBryghtpathLLC|bryghtpath.com |+1-612-235-6435|[email protected]

ExecutiveCrisisTeam(ElectedLeaders/SeniorLeader)

Cross-FunctionalCrisisTeam(MissionEssentialLeaders)

CrisisManagementTeam

StrategicDecisionMaking

DaytodayoperationsRecommendations toExecutives

HorizontalCommunication

SubjectmatterexpertsSituationalawarenessupstream

Full-time/volunteer

Page 38: Business Continuity & Crisis Management in the Cyberbreach Age

Planning&Preparedness

38

Routinev.Novel

Copyright©2015byBryghtpathLLC|bryghtpath.com |+1-612-235-6435|[email protected]

• Don’tgetfancyatfirst– Howwilltheteam“activate”andsharethattheyareactivelymanagingasituation?

– Howwilltheyprovideupdates?– Whatdecisionswillbeescalatedtoexecutives?

• Thengetfancy– Whatcoulddisruptourbusiness?– Prioritizetheseriskswithexecutives– Planforkeyrisks

• REMEMBER:Youcannotplanforeverything• Havingaframeworkismoreimportantthanhavingaplanforeverysinglepossibility

Page 39: Business Continuity & Crisis Management in the Cyberbreach Age

39

CaseStudy:Earthquake&Tsunami– Sendai,Japan(2011)

Page 40: Business Continuity & Crisis Management in the Cyberbreach Age

CrisisManagementFramework

40

SituationalAwareness

Copyright©2015byBryghtpathLLC|bryghtpath.com |+1-612-235-6435|[email protected]

RoutineIncidentHOLYS$@!

Whatjusthappened?!

Protocols&ProcessesIncidentSpecificPlansPreparednessSteps

SituationalAwarenessCollaborativecross-functionaldiscussion

StrategicviewFrameworkfor

collaborativedecisionmaking&communication

Page 41: Business Continuity & Crisis Management in the Cyberbreach Age

CrisisLeadership

41

SituationalAwareness

Copyright©2015byBryghtpathLLC|bryghtpath.com |+1-612-235-6435|[email protected]

• What’shappening?• Whatdoweknowaboutit?• Whatimpactisithavingonourorganization?• Whatdon’tweknowwhatweneedtoknow?

Page 42: Business Continuity & Crisis Management in the Cyberbreach Age

42

Page 43: Business Continuity & Crisis Management in the Cyberbreach Age

43

Page 44: Business Continuity & Crisis Management in the Cyberbreach Age

PracticalAdvice

44

TheSimpleThings

Copyright©2015byBryghtpathLLC|bryghtpath.com |+1-612-235-6435|[email protected]

• Work/Organization– Clearroles&responsibilities– Establishdecisionmakingrights– Howwillyoucommunicate?– SituationalAwareness

• Personal– BeInformed– MakeaPlan– BuildaKit– Visitready.gov formorepracticaladvice

Page 45: Business Continuity & Crisis Management in the Cyberbreach Age

45

Page 46: Business Continuity & Crisis Management in the Cyberbreach Age

46

Page 47: Business Continuity & Crisis Management in the Cyberbreach Age

ReputationImpactHurricaneSandy- 2012

Copyright©2015byBryghtpathLLC|bryghtpath.com |+1-612-235-6435|[email protected]

InternationalBusinessTimes–11/3

Page 48: Business Continuity & Crisis Management in the Cyberbreach Age

CrisisCommunications

48

Sendingoutapressreleaseisn’tgoingtocutit

Copyright©2015byBryghtpathLLC|bryghtpath.com |+1-612-235-6435|[email protected]

• You’llonlygetonechancetomessagethingswithyourversionofthestory– don’tpassupthisopportunity!

• Slow,methodicalPRplanningwillnotsuffice–communicationsmustbenimble.

• Speed,accuracy,claritywillbecriticalinadatabreach

• Honesty– spinisok,butbehonest.

• Culturalcontextiscritical.

Page 49: Business Continuity & Crisis Management in the Cyberbreach Age

49

Page 50: Business Continuity & Crisis Management in the Cyberbreach Age

50

Page 51: Business Continuity & Crisis Management in the Cyberbreach Age

HowtoLeadduringacrisis

51

EricMcNulty,HarvardBusinessReview,December2013

Copyright©2015byBryghtpathLLC|bryghtpath.com |+1-612-235-6435|[email protected]

• Ensurecertaintyaboutdecisionmakingandstrategicmessaging

• UnderstandStakeholders– Mapoutyourstakeholders– Understandeachhasuniqueneedsforinformationandreassurance

– Developstoryarcsforeach

• Understandthatthecrisiswillevolveovertime

Page 52: Business Continuity & Crisis Management in the Cyberbreach Age

52

Page 53: Business Continuity & Crisis Management in the Cyberbreach Age

ContinuityofOperationsTraining

53

FEMAEmergencyManagementInstitute

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

• FreeFEMAIndependentStudycoursesonline

• http://training.fema.gov/EMI

Page 54: Business Continuity & Crisis Management in the Cyberbreach Age

ContinuityofOperationsCertifications

54

FEMAEmergencyManagementInstitute

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

• FEMAContinuityofOperations(COOP)Certifications

• Level1:ProfessionalContinuityPractitioner• Seriesof13independentstudyorin-personcourses• Manyin-personcoursescanbetakenthroughMNHomelandSecurity&

EmergencyManagementforfree

• Level2:MasterContinuityPractitioner• CompleteLevel1certification• Complete5additionalindependentstudyandin-personcourses• Instructonecontinuitycourseasaninstructor• Completeandpasscomprehensivewrittenexamination

• Learnmoreathttp://training.fema.gov/programs/COOP

Page 55: Business Continuity & Crisis Management in the Cyberbreach Age

IndustryProfessionalCertifications

BusinessContinuity• DisasterRecoveryInstituteInternational

– AssociateBusiness ContinuityProfessional(ABCP)– CertifiedBusiness ContinuityProfessional(CBCP)– MasterBusiness ContinuityProfessional(MBCP)

• BusinessContinuityInstitute– Member,Business ContinuityInstitute(MBCI)– Fellow,BusinessContinuity Institute(FBCI)

EmergencyManagement• InternationalAssociationofEmergencyManagers

– AssociateEmergencyManager(AEM)– CertifiedEmergencyManager(CEM)

55

BusinessContinuityandEmergencyManagement

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

Page 56: Business Continuity & Crisis Management in the Cyberbreach Age

ContactInformation

ContactBryan:BryanStrawserPrincipalConsultant&CEOPhone: +1-612-235-6435E-Mail: [email protected]: @bryanstrawser

LearnmoreaboutBryghtpathLLCWebsite: www.bryghtpath.comTwitter: @bryghtpathFacebook: /bryghtpathllc

56

Bryghtpath LLC

Copyright©2015byBryghtpath LLC|bryghtpath.com |+1-612-235-6435|[email protected]

OurConsultingServicesInclude:BusinessContinuity

Crisis/EmergencyManagementEnterpriseRiskManagementExerciseDesign&FacilitationGlobalIntelligence&SecurityISOTraining&Certification

Project&ProgramManagementTravelRisk&Security


Recommended
Business Crisis and Continuity Management (BCCM) Class Session 12 12 - 1.

Business Crisis and Continuity Management (BCCM) Class Session 12 12 - 1.

Documents

Crisis Management & Business Continuity - IOSH€¦ · Crisis Management & Business Continuity . Introduction Michael McDonough Director of Health Safety, Security & Environment Northwestern

Crisis Management & Business Continuity - IOSH€¦ · Crisis Management & Business Continuity . Introduction Michael McDonough Director of Health Safety, Security & Environment Northwestern

Documents

2018-19 CONTINUITY/CRISIS MANAGEMENT PLAN

2018-19 CONTINUITY/CRISIS MANAGEMENT PLAN

Documents

Semiosis and the Crisis of Meaning: Continuity and Play in ...

Semiosis and the Crisis of Meaning: Continuity and Play in ...

Documents

Business Continuity and Crisis Management

Business Continuity and Crisis Management

Documents

Business Continuity and Building for Recovery · Business Continuity Planning –a more proactive approach to developing crisis management plans Business Continuity Management –the

Business Continuity and Building for Recovery · Business Continuity Planning –a more proactive approach to developing crisis management plans Business Continuity Management –the

Documents

team response: nike ’s process -driven crisis communications · nike ’s process -driven crisis communications Kate Willis, Nike, Inc. Global Business Continuity ... Crisis Management

team response: nike ’s process -driven crisis communications · nike ’s process -driven crisis communications Kate Willis, Nike, Inc. Global Business Continuity ... Crisis Management

Documents

Crisis Management and Continuity of Operations

Crisis Management and Continuity of Operations

Documents

The CEO’s Guide to Cyberbreach Response

The CEO’s Guide to Cyberbreach Response

Technology

SURVEY ON THE FINANCIAL CRISIS EFFECT ON BUSINESS CONTINUITY a year later.

SURVEY ON THE FINANCIAL CRISIS EFFECT ON BUSINESS CONTINUITY a year later.

Documents

Continuity or Crisis? - AA School Homepage · Continuity or Crisis? A brief history between the polemics of Aldo Rossi and Reyner Banham By Matthew Critchley Thesis Advisors; Pier

Continuity or Crisis? - AA School Homepage · Continuity or Crisis? A brief history between the polemics of Aldo Rossi and Reyner Banham By Matthew Critchley Thesis Advisors; Pier

Documents

Business Crisis and Continuity Management (BCCM) Class Session 18 18 - 1.

Business Crisis and Continuity Management (BCCM) Class Session 18 18 - 1.

Documents

Disaster Recovery and Business Continuity Ensuring Member Service in Times of Crisis.

Disaster Recovery and Business Continuity Ensuring Member Service in Times of Crisis.

Documents

2012 Business Continuity Management for CRISIS

2012 Business Continuity Management for CRISIS

Documents

Services Security and Business Continuity Incident ... · Services: Security and Business Continuity Incident Response and Crisis Management 7 Crisis Management Room The pre-designated

Services Security and Business Continuity Incident ... · Services: Security and Business Continuity Incident Response and Crisis Management 7 Crisis Management Room The pre-designated

Documents

DC Analysts' Roundtable: Crisis Management, Business Continuity, Awareness

DC Analysts' Roundtable: Crisis Management, Business Continuity, Awareness

Business

Corporate Business Continuity (and crisis management… External.pdf · 1 EXTERNAL USE Business Continuity and Crisis Management Policy NXP is a safety and security-conscious business,

Corporate Business Continuity (and crisis management… External.pdf · 1 EXTERNAL USE Business Continuity and Crisis Management Policy NXP is a safety and security-conscious business,

Documents

CRISIS MANAGEMENT TOOLKIT Business Continuity Resource Guide

CRISIS MANAGEMENT TOOLKIT Business Continuity Resource Guide

Documents