Published on March 6, 2014
Surviving A Security Firestorm: Tales From Those Who've Lived Through It
SESSION ID: CISO-W03
Moderator: Ronald Woerner, Director, Cybersecurity Studies, Bellevue University (@ronw123)
Panelists:
Bill Downes, CISO & VP CTO Engineering, The Hartford Financial Services Group
Kostas Georgakopoulos, US Regional Manager Security IT, UBS
Roland Cloutier, Chief Security Officer, Automatic Data Processing, Inc.
Rocco Grillo, Managing Director, Global Leader, Incident Response and Forensics Investigations, Protiviti, Inc.
Surviving A Security Firestorm – Session Overview
Hearing from those who have lived through it
#RSAC
You think you’ve been breached. How do you know for sure?
So you think that you’ve been hacked? Now what?
What’s your process for handling a real or potential breach?
Documented or undocumented? Formal or informal? Reaction or response?
How Current is Your Incident Response Plan?
What's your plan? How do you know?
To pull the plug or not pull the plug, that is the question…
Know what you don’t know before you contain
Gathering threat intelligence to understand attack vectors
Once We Find It, Now What?
When is it over? When Can We Go Back to Normal?
Lessons Learned
How do you manage the different groups involved?
External & Internal Communications
Who are the key stakeholders to involve?
When to Disclose Publicly
How do you escalate?
Parallel activities
Stress
One of the leading social media platforms announced in late February 2013 that it had been breached and that data for 250,000 users was vulnerable.
Who do you contact?
Internal External Legal, Outside Counsel Executive Management, PR & Crisis Management IR Handlers & Forensics Investigators IT, Private investigators, Security Law enforcement, End User Awareness Vendors, Customers
Tools & Technologies
Detection Response Logging & Auditing Proactive – SOC monitoring Reactive Forensics
Are breaches inevitable?
Not a matter of if, but when?
If we can’t stop them, what can we do?
What advice do you have for a new CISO / Security Manager?
STOP Data Breaches
Session Take-Aways
“Be Prepared”
Know how to fail
“Who ya gonna call?”
Learn from it