IGPC Data Breach Planning braindump

Upload: infosecresearch

Posted on 12-Jul-2015

Page 1: IGPC Data Breach Planning braindump
Page 2

Your speaker

• James McKinlay is currently the Head of Information Security at Atos Worldline.

• He sits on the Global Data Protection Officers Committee and the Global Security Steering Committee, contributing to the global security KPI programme as well as data protection training, awareness and communications.

• He is responsible for the development of information security strategy across all UK products, platforms and services whilst supporting the global ISO 27001 initiative.

• James was previously responsible for CISO-level incident response consultancy, where he advised on SOC, CIRT and SIEM projects and managed the information security monitoring teams at a number of household names such as ASDA, Manchester Airports Group and Netflights.com.

Page 3

Agenda

How data breach planning can build important bridges across your organisation

• Background

• Information systems view

• Business view

Page 4

Definitions

CSIRT – Computer Security Incident Response Team

SOC – Security Operations Centre

PCI DSS – Payment Card Industry Data Security Standard

DFIR – Digital Forensics and Incident Response

LEA – Law Enforcement Agency

SIEM – Security Information and Event Management

SANS – SysAdmin, Audit, Network and Security (Institute)

NSM – Network Security Monitoring

Others – JDI, JIT, SEP, NMP, TARFUN

Page 5

Data breaches in the news

• November 14th – Westlaw

• November 14th – Turkish Power Administration

• November 13th – Parasole Restaurant Holdings

• November 13th – Thomas Cook Belgium

• November 13th – Finalease Car Credit

• November 13th – Mensura

• November 13th – HSBC Turkey

• November 12th – Onsight Health Diagnostics

• November 12th – Eastern Iowa Airport

• November 10th – Grand Casino Mille Lacs

Page 6

Data breach news sources

Page 7

Incident response standards

Page 8

PCI DSS Requirement 12.10

Page 9

Card brand support

Page 10

Top 20 Critical Controls

CSC 18: Incident Response and Management. Protect the organization’s information, as well as its reputation, by developing and implementing an incident response infrastructure (e.g., plans, defined roles, training, communications, management oversight) for quickly discovering an attack and then effectively containing the damage, eradicating the attacker’s presence, and restoring the integrity of the network and systems.

http://www.counciloncybersecurity.org/critical-controls/

Page 12

SOC evolution

• http://h20195.www2.hp.com/V2/GetPDF.aspx/4AA4-6539ENW.pdf

Page 13

Enterprise security monitoring

• Credit: David Bianco, BSidesDC presentation, 2013

Page 14

Incident response

Page 15

DFIR blogs

• http://blog.handlerdiaries.com/

• https://www.alienvault.com/blogs/

Page 16

OTA Data Breach Readiness Guide

• https://otalliance.org/resources/2014-data-protection-breach-readiness-guide-overview

Page 17

People you need to make friends with

• DPO – as registered with the ICO, or as chosen within the organisation

• Contracts manager (Legal) – security in the supply chain review

• Privacy expert (Legal) – composing letters and press releases, meeting regulatory timelines

• Head of Risk – get data loss onto the corporate risk register

• Head of Internal Audit – get data protection audits onto their agenda

• Service desk manager – an ITIL incident is not always a CSIRT incident

• BCM – pandemic plan, BIA, BC plan, major incident plan; a model for the data breach plan

• Internal comms team – prevent rumours, get a quick and accurate message out internally

• External comms team – law enforcement as well as media and customers

• Learning and Development – mandatory training

• Insurance broker

Page 18

At home

Page 19

Find me

• On LinkedIn

• uk.linkedin.com/in/jmck4cybersecurity/