© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners.
Not “If,” but “When”: A CEO’s Guide to Cyberbreach Response
Jason Porter, Vice President of AT&T Solutions
Todd Waskelis, Executive Director of AT&T Security Consulting
Cyberbreach response
The Problem
• 62% of organizations acknowledge a data breach in 2015
• Only 34% of organizations believe they have an effective cyberresponse plan
• The number of successful cyberattacks continues to grow year over year
• It takes an average of 229 days for a breach to be detected
The Solution
• Multi-layered, end-to-end cybersecurity program
• Comprehensive cyberbreach response plan
Cyberbreach response plan
• Put your plan together BEFORE your organization is breached (or before your next data breach)
• Don’t wait for the aftermath to figure out your best course of action
• While each successful cyberattack may have its unique attributes – amount of data stolen, impact on business operations, type of attack – an effective plan will still serve as a good guideline
Put your team together
• Your cyberbreach response team should be ready to spring into action the moment the breach is discovered
• The team should include more than IT personnel
  – C-suite
  – IT
  – Legal
  – Cybersecurity
  – Public Relations/Marketing/Communications
Practice
• Conduct response drills and tabletop exercises with your team regularly
• Make sure your team members have “backups”
• Consider training from external cybersecurity experts
Short-term response
The first 24 hours
1. Activate the incident response plan
2. Remove or isolate the infection
3. Assess legal implications
4. Determine root cause
5. Involve the legal team
6. Define critical business impact
Long-term planning
• Along with drills and tabletops, conduct education and training for the entire staff
  – More than half of data breaches involve employee error
  – These errors are drastically reduced after repeated training and testing
• Conduct tabletop exercises and drills at least twice a year
• Invest in prevention and detection technologies to help defend against the day-to-day attacks
Poll 1
Does your organization have a cyberbreach response plan?
A. Yes
B. No
C. Not Sure
The four types of organizations
Progressive
• Highest level of security readiness
• C-suite involvement
• Comprehensive cybersecurity prevention and response strategy
Proactive
• Above-average security readiness
• C-suite awareness
• Basic steps are put in place
Reactive
• Below-average security readiness
• C-suite pays little to no attention to cybersecurity or incident response
Passive
• Least ready
• C-suite is “hands off” in matters of IT and cybersecurity
Consider consultants
• Fresh pair of eyes
• Expertise in finding gaps
• Extensive knowledge of trending threats, industry-specific attacks, etc.
• They can assess your current cybersecurity program and evaluate or help prepare your response plan
Poll 2
Has your organization ever worked with a cybersecurity consultant?
A. Yes
B. No
C. Not Sure
Preparing for the inevitable
• Impossible to predict when you’ll be hit
• The likelihood of cyberattacks continues to increase
• Rapid, thorough response will determine whether your data breach is a minor footnote or a major disruption
Q&A
The information contained herein is not an offer, commitment, representation or warranty by AT&T and is subject to change.
For more information
• Cybersecurity Insights Reports: www.att.com/cybersecurity-insights
• Security Resource Center: SecurityResourceCenter.att.com