EU Cyber Attacks And The Incident Response Imperative

Date post: 15-Jan-2015
Upload: co3-systems
Description:
Speaking at the recent Cyber Security Summit in London, Lee Miles, Deputy Head of the U.K. National Cyber Crime Unit said, "cybercrime is anonymous, sophisticated, and international." Gone are the days of hacking "to plant a flag for kudos... it's all about the money now," he said. Accounts like these highlight the inevitability of breaches and emphasize just how crucial a capable incident response function is to survival.

This webinar will review the major components of a modern incident response function, highlighting what organizations can do to quickly improve their program. It will use the Co3 platform to demonstrate how firms can dramatically improve incident response without requiring a significant investment in staff, professional services, or infrastructure.

Our featured speakers for this webinar will be:

• Ted Julian, Chief Marketing Officer, Co3 Systems

• Tim Armstrong, Security Incident Response Specialist, Co3 Systems

Are you a CIPP holder? (CIPP/US, CIPP/C, CIPP/E, CIPP/G and CIPP/IT) Attend this webinar for CPE credit.
Transcript
Page 1: EU Cyber Attacks And The Incident Response Imperative

“Co3 makes the process of planning for a nightmare scenario as painless as possible, making it an Editors’ Choice.”

– PC Magazine, Editor’s Choice

“Co3…defines what software packages for privacy look like.”

– Gartner

“Platform is comprehensive, user friendly, and very well designed.”

– Ponemon Institute

“One of the most important startups in security…”

– Business Insider

“One of the hottest products at RSA…”

– Network World

“...an invaluable weapon when responding to security incidents.”

– Government Computer News

“Co3 has done better than a home-run... it has knocked one out of the park.”

– SC Magazine

“Most Innovative Security Startup.”

– RSA Conference

We’ll get started in just a minute.

Page 2: EU Cyber Attacks And The Incident Response Imperative

EU Cyber Attacks & The Incident Response Imperative

Page 3: EU Cyber Attacks And The Incident Response Imperative

Agenda

Introductions

Co3 Systems Background

Today’s Breach Reality

IR Functional Components

IR Management Demo

Q&A

Page 4: EU Cyber Attacks And The Incident Response Imperative

Introductions: Today’s Speakers

• Ted Julian, Chief Marketing Officer, Co3 Systems

• Tim Armstrong, Security Incident Response Specialist, Co3 Systems

Page 5: EU Cyber Attacks And The Incident Response Imperative

SSAE 16 TYPE II CERTIFIED

DASHBOARDS & REPORTING

Bringing people, process, and technology together for times of crisis

INCIDENT RESPONSE PLAN

PLAN SYNTHESIS INTEGRATED INTELLIGENCE ARTIFACT CORRELATION

INSTANT CREATION & STREAMLINED COLLABORATION

HR IT

LEGAL/COMPLIANCE MARKETING

COMMUNITY BEST PRACTICES

INDUSTRY STANDARD FRAMEWORKS

ORGANIZATIONAL SOPS

GLOBAL PRIVACY BREACH REGULATIONS

CONTRACTUAL REQUIREMENTS

ACCELERATED MITIGATION TROUBLE TICKETING SIM GRC

AUTOMATED ESCALATION EMAIL WEB FORM TROUBLE TICKETING ENTRY WIZARD SIM

Page 6: EU Cyber Attacks And The Incident Response Imperative

Today’s Breach Reality – The EU Conundrum

• Data in the U.S. and anecdotal experience suggest a worldwide epidemic

• But without mandated public breach disclosure across the E.U., data is limited, and it’s hard to quantify

Page 7: EU Cyber Attacks And The Incident Response Imperative

Today’s Breach Reality

Source: Verizon DBIR 2014

Incident classification patterns over time

Page 8: EU Cyber Attacks And The Incident Response Imperative

Today’s Breach Reality

81% of large organisations had a security breach (down from 86%* a year ago)

60% of small businesses had a security breach (down from 64%* a year ago)

59% of respondents expect there will be more security incidents in the next year than last

£600k - £1.15m: average cost to a large organisation of its worst security breach of the year (up from £450 - £850k a year ago)

£65k - £115k: average cost to a small business of its worst security breach of the year (up from £35 - £65k a year ago)

Source: 2014 Information Security Breaches Survey, pwc

U.K. Breaches Are Slightly Down But Costs Are Way Up

Page 9: EU Cyber Attacks And The Incident Response Imperative

Co3 Systems, Inc.

IR Can Help

An IR plan and a strong security posture reduce expense

Impact of eight factors on the per capita cost of data breach

Source: 2014 Cost of Data Breach Study: Global Analysis, IBM & Ponemon Institute

Page 10: EU Cyber Attacks And The Incident Response Imperative

POLL

Page 11: EU Cyber Attacks And The Incident Response Imperative

The IR Lifecycle

Prepare: Improve Organizational Readiness

• Appoint team members

• Fine tune response SOPs

• Link in legacy applications

• Run simulations (fire drills, table tops)

Mitigate: Document Results & Improve Performance

• Generate reports for management, auditors, and authorities

• Conduct post-mortem

• Update SOPs

• Track evidence

• Evaluate historical performance

• Educate the organization

Assess: Identify and Evaluate Incidents

• Assign appropriate team members

• Evaluate precursors and indicators

• Track incidents, maintain logbook

• Automatically prioritize activities based on criticality

• Log evidence

• Generate assessment

Manage: Contain, Eradicate and Recover

• Generate real-time IR plan

• Coordinate team response

• Choose appropriate containment strategy

• Isolate and remediate cause

• Instruct evidence gathering and handling

Page 12: EU Cyber Attacks And The Incident Response Imperative

Prepare

• Incident response teams often include:

– IT, Legal (internal and/or external), Compliance, Audit, Privacy, Marketing, HR, Senior Executive

– Pre-define roles and responsibilities

• RACI (Responsible, Accountable, Consulted, Informed)

• SOPs can include:

– Processes to be followed by incident type

– Standardized interpretation of legal / regulatory requirements

– 3rd party contractual requirements

• Simulations

– Can range from drills to full-scale exercises

– Communications is key

• Roles, contact info, internal and external

– Gauge organization preparedness, catalyze improvement

Prepare: Improve Organizational Readiness

• Appoint team members

• Fine tune response SOPs

• Link in legacy applications

• Run simulations (fire drills, table tops)

Page 13: EU Cyber Attacks And The Incident Response Imperative

PREPARE

Page 14: EU Cyber Attacks And The Incident Response Imperative

Assess

• Prioritize efforts

– Based on value of asset, potential for customer impact, risk of fines, and other risks

• Leverage threat intelligence

• Incident declaration matrix

– Based on category and severity level

– Can set SLAs for each

Assess: Identify and Evaluate Incidents

• Assign appropriate team members

• Evaluate precursors and indicators

• Track incidents, maintain logbook

• Automatically prioritize activities based on criticality

• Log evidence

• Generate assessment

Page 15: EU Cyber Attacks And The Incident Response Imperative

ASSESS

Page 16: EU Cyber Attacks And The Incident Response Imperative

POLL

Page 17: EU Cyber Attacks And The Incident Response Imperative

Manage

• Iterate on your plan

• Communicate status

– Different mechanisms for different constituents

• Ensure everything is tracked

Manage: Contain, Eradicate and Recover

• Generate real-time IR plan

• Coordinate team response

• Choose appropriate containment strategy

• Isolate and remediate cause

• Instruct evidence gathering and handling

Page 18: EU Cyber Attacks And The Incident Response Imperative

MANAGE

Page 19: EU Cyber Attacks And The Incident Response Imperative

Mitigate

• Conduct a post-mortem

– Validate investment or lobby for more

– Identify areas for improvement

• Did we hit our SLAs?

– Update playbooks

• Track incident source

– Pinpoint risk to drive improvement, and/or trigger bill-back

• Update preventative and detective controls

Mitigate: Document Results & Improve Performance

• Generate reports for management, auditors, and authorities

• Conduct post-mortem

• Update SOPs

• Track evidence

• Evaluate historical performance

• Educate the organization

Page 20: EU Cyber Attacks And The Incident Response Imperative

MITIGATE

Page 21: EU Cyber Attacks And The Incident Response Imperative

QUESTIONS

Page 22: EU Cyber Attacks And The Incident Response Imperative

Next Up

• Today's Breach Reality, The IR Imperative, And What You Can Do About It

– Wednesday, July 16, 2014 1:00 PM - 2:00 PM EDT

• BlackHat 2014

– August 5-7, Las Vegas

Page 23: EU Cyber Attacks And The Incident Response Imperative

One Alewife Center, Suite 450

Cambridge, MA 02140

PHONE 617.206.3900

WWW.CO3SYS.COM

“Co3 Systems makes the process of planning for a nightmare scenario as painless as possible, making it an Editors’ Choice.”

PC MAGAZINE, EDITOR’S CHOICE

“Co3…defines what software packages for privacy look like.”

GARTNER

“Platform is comprehensive, user friendly, and very well designed.”

PONEMON INSTITUTE

“One of the hottest products at RSA…”

NETWORK WORLD – FEBRUARY 2013
