atos: preparing your business to manage cyber incidents

Drew Gibson | BRACE FOR IMPACT Preparing your business to manage cyber incidents

Upload: bcilondonforum

Post on 14-Apr-2017

Category: Business



TRANSCRIPT

Page 1: ATOS: Preparing your business to manage cyber incidents

Drew Gibson |

BRACE FOR IMPACT

Preparing your business to manage cyber incidents

Page 2: ATOS: Preparing your business to manage cyber incidents

2| BRACE FOR IMPACT Preparing your business to manage cyber incidents | ©Atos

Cyber is more than an IT problem

Organisations deal with it to varying degrees of success

This is however industry or market dependent

Page 3: ATOS: Preparing your business to manage cyber incidents

Global number of attacks - unknown

2012 first time mentioned in WEF Global Risks Report

It has been a known issue for many years

The data says it all

So why is it such an issue?

First virus: 1982, Elk Cloner (open to debate)

US$315bn* Global cost of attacks over the past 12 months - Grant Thornton survey

$ Recognition as an issue

Ranking in 2016 report – out of top 10, becoming more normalised

Global spend on cyber-security estimated at:

2015: $75 bn

2020: $170 bn

Page 4: ATOS: Preparing your business to manage cyber incidents

Cyber is more than an IT problem

We know that cyber attacks are prolific and cost organisations millions

So how do we prepare ourselves for the inevitable in a sustainable manner?

Page 6: ATOS: Preparing your business to manage cyber incidents

What if?

Page 7: ATOS: Preparing your business to manage cyber incidents

Hypothetically

You were a UK-based telecoms and internet provider

So what?

Page 8: ATOS: Preparing your business to manage cyber incidents

Hypothetically

Who had been hacked! Multiple times…

How much data has gone?

Page 9: ATOS: Preparing your business to manage cyber incidents

Hypothetically

And you hadn’t joined up your IT Security Team and your PR Department…

How much data has gone?

Publicly messaged

4 million customers

156,000 accounts breached following forensic investigation

Cost of prevention estimated at £3.5-4.5 million (consultancy based)

Cost of remediation post incident at £60 million (reported)

Organisational restructures – who stayed, who went, who will go?

Page 10: ATOS: Preparing your business to manage cyber incidents

Hypothetically

What could it do to your share price?

Page 11: ATOS: Preparing your business to manage cyber incidents

So could this be you?

Page 12: ATOS: Preparing your business to manage cyber incidents

So Rollback 6 months…

Page 13: ATOS: Preparing your business to manage cyber incidents

What could you have done?

What could have prevented or reduced the impact of the data breach

▶ Technical protection
▶ The Legal protection
▶ Enhanced/Better IT Security procedures
▶ Joined up business processes
▶ Better understanding of vulnerability and victimhood

Page 14: ATOS: Preparing your business to manage cyber incidents

What could you have done?

Using the technology to protect you

▶ Monitoring
▶ Inner protection as well as external

Page 15: ATOS: Preparing your business to manage cyber incidents

What could you have done?

IT processes and procedures

But are these sufficient protection on their own, and do they really consider the customer’s viewpoint?

Page 17: ATOS: Preparing your business to manage cyber incidents

What could you have done?

Do the business processes match the IT Security processes

▶ It is not necessarily about the breach, but how it is managed
▶ Lack of communications
▶ Well intentioned, but misleading communications – potentially 4 million customers v 156,000 actual

4 million potential

156,000 actual

16,000

Page 18: ATOS: Preparing your business to manage cyber incidents

What could you have done?

Psychologically are you braced for impact

▶ How does the rest of the world view you – the victim or part of the problem
▶ Were you irresponsible with people’s data
▶ So what did you really save by not investing in better data protection measures
▶ Consumers’ understanding about their data – they can give it away with ease, but you have to protect it in a way that they don’t have to.
▶ The assumption that you will treat all their data in confidence
▶ It might not be you – have you been negligent in who you have engaged to look after the data
▶ Or to transfer it?

Page 19: ATOS: Preparing your business to manage cyber incidents

The Perception

Page 20: ATOS: Preparing your business to manage cyber incidents

Stealing money from a cash machine

So what is the difference

Page 21: ATOS: Preparing your business to manage cyber incidents

Cyber is more than an IT problem

So did these organisations understand the attacks’ impacts?

This is however industry or market dependent

Page 22: ATOS: Preparing your business to manage cyber incidents

The Costs

Page 23: ATOS: Preparing your business to manage cyber incidents

The costs are simple to articulate.

McKinsey/World Economic Forum report, Increased Cyber Security Can Save Global Economy Trillions (2014) stated:

But they still don’t provide a clear definition of cyber or its issues

8 months is the average time that an advanced threat goes unnoticed on a victim’s network

US$3 trillion is the total global impact of cyber-crime

2.5 Billion exposed records as a result of a data breach in the past five years, (2009-2014)

1 in 5 organisations have experienced an Advanced Persistent Threat (APT) attack

In 2013 there was a 62% increase in breaches being identified and reported and it is growing

Page 24: ATOS: Preparing your business to manage cyber incidents

Studies into perceptions and actual costs of cyber attacks

Often not the share price, but the hidden costs that result from a cyber attack

Page 25: ATOS: Preparing your business to manage cyber incidents

The Costs

Do cyber attacks affect share prices?

Page 26: ATOS: Preparing your business to manage cyber incidents

The Solution

Page 27: ATOS: Preparing your business to manage cyber incidents

Understand how you define “cyber”

Understand that you are comparing the same thing, only differently

So how do organisations clearly define what it relates to?

[Figure: 2×2 matrix with quadrants numbered 1 to 4. Axes: "Understanding of the term Cyber" (Unclear to Clear) and "Ability to define the term Cyber" (Low to High). Quadrant labels: Vagueness of Definitions; Muddled Definitions; Coherence of Definitions; Confusion of Definitions. Annotations: "Develop greater understanding as to what definitions mean in relation to vulnerabilities"; "Provide greater clarity as to what cyber refers to and what it does not"; "Move to greater coherence of definitions".]

Page 28: ATOS: Preparing your business to manage cyber incidents

Understand how you define “cyber”

Understand that you are comparing the same thing, only differently

Current issue in achieving greater coherence of definitions

So need to define clearly what it relates to.

[Figure: 2×2 matrix with quadrants numbered 1 to 4. Axes: "Understanding of the term Cyber" (Unclear to Clear) and "Ability to define the term Cyber" (Low to High). Quadrant labels: Vagueness of Definitions; Muddled Definitions; Coherence of Definitions; Confusion of Definitions. Annotations: "Develop greater understanding as to what definitions mean in relation to vulnerabilities"; "Provide greater clarity as to what cyber refers to and what it does not".]

Page 29: ATOS: Preparing your business to manage cyber incidents

Questions

Page 30: ATOS: Preparing your business to manage cyber incidents

Thank you

Drew Gibson MSc

Principal Consultant – Operational Risk and Cyber Resilience, Atos Consulting

+44 (0) 7894 437 [email protected]