Security Breach
It is vital that all departments work together after a security breach and initiate immediate corrective actions to mitigate any damage.
Unfortunately, this crisis-mode situation often causes departments to become even more disjointed, and finger-pointing and blaming take center stage.
Learn how to create a plan that will get all business units (and executives) on the same page so that actions and responses are coordinated, timely, and effective.
Working Together to Prepare for a Security Breach
00:54:34
Henry Park
Pandoblox Executive Partner
With experience in investment banking, mergers and acquisitions as well as 20 years in the IT industry, Henry balances the financial perspectives of Information Technology strategy, along with business goals, operational efficiency, and a holistic view of the IT environment. Experienced in structuring deals, executive management, architecting, and finance modeling, his over-arching view applies well to enterprises & small businesses.
Bob Van Dusen
Pandoblox Executive Partner & CISO
Bob is a global IT executive experienced in leading technology & security organizations for high profile brands like Blizzard Ent., City National Bank, and The Honest Company. With 14 years at Blizzard, he was able to grow the IT operations with 2 people to a global organization of 250 engineers, developers, managers, and executives supporting 5000 employees and millions of customers. He had back-office IT operations, production design and delivery technical operations, and enterprise cyber security all reporting to him. Having grown the business as a digital first business, he was pioneering DevOps before there was a word for it.
Silvia Van Dusen
SVP & Chief Human Resources Officer of LinQuest Corporation
Throughout her almost 30-year career in human resources, Sylvia has demonstrated her ability to transform the human resource culture into a service culture, making it an integral business partner within the organizations she has worked with. Currently, she not only oversees all human resources and corporate Communications activities across all business units as the chief human resources officer of LinQuest but also serves as the company's executive vice president as well.
Jim Rinaldi
Chief Information Technology Advisor at JPL
James Rinaldi is JPL's Chief Information Technology Advisor to the Office of the Director. He was the JPL CIO until October 2019, where he stepped out after 14 years. His current role is to create a future IT vision and strategy for the Lab looking out to 2025 and beyond. As CIO, James had direct management responsibility over JPL's Information Technology Directorate. Works closely with JPL management, supporting end users of the engineering, interplanetary network and finance/business operations. James sat on the JPL Executive Council and various management councils. He developed the IT strategy, budgets and executed major IT contracts. He actively participated in NASA IT governance councils. Early career roles include CIO at U.S. FDA, CIO at the IRS.
Roberto Orci
Pandoblox Executive Partner
Roberto Orci is the CEO and Chairman of Acento, an independent Hispanic advertising, promotions and PR agency, founded in 1983. Roberto Orci's 30 years in marketing and advertising in Mexico, Canada and the US make him a leader in his field. Previously, he was a brand manager at Procter & Gamble (Mexico), VP Management Supervisor at Ogilvy & Mather in the US, Canada and Mexico; and until 2002, President of the fourth largest independent Hispanic agency in the US. Roberto also serves on the Advisory Board for Cal State University School of Business. Roberto Received his BBA in Finance from the University of Houston and his MBA from Thunderbird Graduate School of International Finance.
Panelists
Summary
A cyber attack occurs every 11 seconds and costs an average of $13 million to organizations affected. Attacks are increasingly destructive and now take on many forms. The stakes are simply too high to ignore this information.Today, it's not a matter of if an organization will be targeted by cyber criminals, but when.
This informative webinar does not focus on protecting you from the types of threats you and your team may face, such as Malware, Ransomware, Data Hacks, or Insider Attacks. Instead, it focuses on what to do after a security breach.
Few companies have experience successfully navigating major security crises while in the hot seat.
This webinar will show you exactly what needs to be done in the minutes and hours after a breach, and will help you create a Cyber Security Incident Response Plan (CSIRP) to guide you through this turbulent situation and direct the actions of all impacted departments.
Video Clips
JPL CTIA's - Cybersecurity Breach Remediation Plan
Speaker: Jim Rinaldi
A cybersecurity breach remediation plan should be treated as a project for the purposes of tracking and for a formal, reliable process in place. It is also important that the parties concerned are confident of the process and that it can prevent a future breach. It is also important to engage with the proper departments in a responsible fashion so other departments are not involved if they are not affected.
Cybersecurity for Different Size Companies- Preparation is Key
Speakers: Bob Van Dusen, Silvia Van Dusen, Roberto Orci, Jim Rinaldi
Regardless of size, all companies should have a cybersecurity policy and that preparation is the key so the business is prepared in the event of a cybersecurity crisis. It also helps to have a risk management in place, with cyber risk included in the plan and that specific people are identified beforehand who will play a particular role so any instance of a cyber incident will be addressed promptly and effectively. Moreso, it is important to have a backup in place to ensure continuity and efficiency, especially given that cyber incidents tend to happen outside business hours.
If a smaller company doesn’t have the resources…. What to do?
Speaker: Bob Van Dusen, Silvia Van Dusen, Roberto Orci, Jim Rinaldi
For companies that do not have the expertise or resources to address a security breach, it is important to identify and find partners or stakeholders from outside the organization who can fill in those gaps. It is also important to establish some basics such as having confidentiality agreements with these partners and set up trainings to address possible risks, regardless of the size of the company that is trying to get such expertise or resource.
Ex CTO of Blizzard’s thoughts on a cybersecurity incident response plan
Speakers: Bob Van Dusen
Bob Van Dusen shares that while the steps in preparing a cybersecurity incident response plan are diverse, depending on the company size, industry, or specific threats it faces, the first step should always a complete risk assessment that identifies where and how the company tends to be targeted and to partner with key stakeholders in preparing a solid response plan. It’s also important to run practice sessions at least once a year once the response plan in place to make sure all employees are covered with the plan.
Why we create security remediation plans
Speaker: Henry Park
Many companies do not realize how much coordination is needed to respond to a security breach in a period as short as 1 to 4 hours. To help these companies in the event of such breaches, we have prepared security remediation plans based on years of cybersecurity experience both locally and globally.