Recommandé
Contenu connexe
En vedette
Similaire à Group 3 presentation
Similaire à Group 3 presentation (20)
Dernier
Dernier (20)
Group 3 presentation
- 1. freegoogleslidestemplates.com Niki Veronis Phil Tocci Ryan Shannon Sam Talarico Wen Shi Zachary Trona
- 2. freegoogleslidestemplates.com News Coverage (Initial Breach) Our Visit To An Impacted Wendy’s Wendy’s Overview Timeline of the Breach Wendy’s Public Statement Evidence and Handling Incident Response Team Seeking Legal Counsel Steps to Fix Security Breach Reputational Damages Financial Damages Steps to Repair Reputation What have we learned? Q & A Table of Contents
- 4. freegoogleslidestemplates.com Our Visit To An Impacted Wendy’s 1 > 1000 1000 6490 ≈15.4% Total Wendy’s Locations Impacted Locations
- 5. freegoogleslidestemplates.com Wendy’s Overview Wendy’s is a fast food chain restaurant operating in 30 countries with over 6,490 different locations. Installation and updates of POS systems are managed by a third party vendor. The Company was founded by Dave Thomas in 1969. Dave, himself, was an orphan and leveraged his success from Wendy's to start the Dave Thomas Foundation for Adoption.
- 6. freegoogleslidestemplates.com Fall 2015 Fall 2015:Wendy’s breached by POS system January Payment Company Contacts Wendys April Wendy’s confirms investigating potential breach M ay June Wendy’s confirms malware on POS systems in “some” locations January February April May June July Federal credit union sues Wendy’s for not taking adequate steps for cyber security Wendy’s reports breach impact of fewer than 300 franchise, “Malware is Eradicated” Reports that breaches impact more locations than expected with different variations of malware. Also reported the malware is disabled. Updated list of breached locations shows that 1,025 restaurants has been breached. Timeline of the Breach Wendy’s stock has fallen 13% in the past 3 months Statement from CEO stating Malware has been eradicated
- 8. freegoogleslidestemplates.com Malware discovered on Wendy’s POS system Similar POS systems from the same vendor were found to have the same Malware Evidence and Handling Bring on EY since they specialize in forensic evidence recovery and documentation Evidence Handling
- 9. freegoogleslidestemplates.com Incident Response Team Board of Directors Chief Information Security Officer or Senior Risk Manager Data Breach Response Team Lead Human Resources Communications and Public Relations Physical Security Information Technology Legal & Compliance Customer Service Chief Executive Officer Law Enforcement Forensics Investigation Firm External Cyber Law Firm & Compliance Insurance/Risk Management Brokerage Firm Credit Monitoring Identity Protection Services Breach Notification & Call Center Services
- 10. freegoogleslidestemplates.com Seeking Legal Counsel During Wendy’s crisis, Federal Credit Union filed a class action lawsuit claiming that Wendy’s was completely negligent in handling the situation from the beginning. Between the lawsuit and the crisis itself, Wendy’s needed a legal counsel for consultation Wendy’s Internal Investigation should notify the FBI so they are aware of the breach, scope of the breach, and how the breach occurred.
- 11. freegoogleslidestemplates.com Steps to Fix Security Breach Source a New Vendor for POS system hosting. Verify New Vendor utilizes Direct 1 approvals for changes to systems. Initiate corporate communications to employees about the importance of security hygiene Implement security policies that ensure POS terminal are in “slave” mode and that usb hub settings are deactivated Step 1 Step 2 Step 3 Step 4 Perform yearly internal audit testing of these new policies to ensure a repeat of this style attack cannot happen in the future. Day-to-day monitoring will be continuous from second line.
- 12. freegoogleslidestemplates.com Reputational Damages ● Consumer trust is broken ● Creates brand “Stigma” ● Majority of reputational damage is now directly influenced by cyber security breaches (46%)
- 13. freegoogleslidestemplates.com Financial Damages Settlement Fees Estimations Credit Union reports that Wendy’s breach might be 5-10 times worse than breaches at Home Depot and Target. Home Depot agreed to pay at least $19.5 million to compensate U.S. consumers in 2015 Target incurred over $39 million in breach expenses in 2013 Declining Stock Price Wendy's stock were down 1.14% to $9.52 in midday trade after the company announced that it had learned more about recent "malicious cyber activity" at various locations in June.
- 14. freegoogleslidestemplates.com Steps to Repair Reputation Message from the CEO explaining that Wendy’s was taking the security breach seriously. Provide credit monitoring up to a $1 million per customer Secure a consultancy firm that specializes in crisis management to provide consumers assurance. Step 1 Step 2 Step 3 Step 4 Public release of milestones as they continue to remedy cyber failures, side by side comparison to Target and Home Depot showing effective methods.
- 15. freegoogleslidestemplates.com Initially Wendy’s was careless about the security breach and took no evasive action. This negligence exposed them to more breaches and caused the media to scrutinize the company's stand on cyber security. The effect was the Federal Credit Union suing Wendy’s for such careless acts. Also, customers questioned how much Wendy's valued them if they did not take the breach seriously What have we learned? - When a crisis hits your company: - Spring into action and assure customers that you are taking all the proper steps in mitigating damage - Waiting to take action will only harm the company more - Show customers the company cares about them and their personal information Lessons
Notes de l'éditeur
- Picture of us at Wendy’s will be taken Sunday
- https://www.thestreet.com/story/13632421/1/wendy-rsquo-s-wen-stock-falls-after-security-breach-update.html