Damage Control - PowerPoint PPT Presentation

About This Presentation
Title:

Damage Control

Description:

Damage Control the act of minimizing the impact of one or more ... Hack your trusted partners. Sell your stuff. Additional Information. Regulatory Compliance ... – PowerPoint PPT presentation

Slides: 10
Provided by: dalh6

Transcript and Presenter's Notes

Title: Damage Control


1
Damage Control
  • Have a Plan!

Mark Modisette CISSP, PMP, ITIL Foundations,
CCNA, MCSE
2
Agenda
  • Damage Control
  • What is Damage Control?
  • Security Manager's role
  • Hacker's perspective
  • Additional Information

3
What is Damage Control?
Damage Control: the act of minimizing the impact
of one or more negative activities, malicious or
accidental
4
What is Damage Control? (Cont.)
Incident Response Plan (What people forget)
  • IRPs usually include:
    • Who should handle the incident
    • How to isolate the breach
    • How to investigate the breach
    • How to restore systems
  • The forgotten!
    • Controlling the flow of information once the
      breach becomes public

5
What is Damage Control? (Cont.)
What the experts say
  • The biggest item missed for major disasters
    involving customer information was the
    miscalculation of the future impact
  • Rely on individuals who have the info and can
    translate what is going on to the media
  • Rebecca Whitener, Director of Security and
    Privacy, EDS
  • If you think you are too busy to test your
    IRP, ask yourself if you're too busy to go
    out of business
  • Patrick Gray, Director of X-Force, IBM Security
    Services (Formerly ISS)
  • Ensure the right person is communicating with the
    media to ensure inaccuracies are missed

6
Security Manager's Role: Rules to Live By
  • Keeping an event from happening is not in your
    power; minimizing the impact is!!!
  • Don't rely on technical means to mitigate all
    problems
  • Due Diligence is your responsibility
  • Have a measurable, repeatable security program
  • A poor response capability equals financial and
    public relations trouble.
  • Have a plan

Test it quarterly!
7
Hacker's Perspective
  • Delay is good for me; it gives me time to:
    • Get as much of your stuff as I can
    • Do more damage
    • Cover my tracks
    • Think... maybe I'll blackmail you
    • Plant a time bomb
    • Hack your trusted partners
    • Sell your stuff

8
Additional Information
  • Regulatory Compliance
    • California Breach Senate Bill 1386
    • Gramm-Leach-Bliley Act (GLBA)
    • Family Educational Rights and Privacy Act (FERPA)
  • Other Stuff
    • Have a Media Policy
    • Designate a spokesperson (not an incident
      response team member)
    • Establish a list of media contacts
    • Don't lie or mislead the media

9
Questions?
Damage Control