Business Continuity & Crisis Management in the Cyberbreach Age
In this presentation to the Minnesota Counties Intergovernmental Trust membership in October 2015, Bryghtpath LLC Principal Consultant & CEO Bryan Strawser provides an overview of business continuity and crisis management in the cyber breach age.

Topics discussed include emergency management, crisis management, crisis communications, project management, program management, business continuity, crisis leadership, and how to prepare your business for a disruption.

Published in: Leadership and Management
Business Continuity & Crisis Management in the Cyberbreach Age
Bryan Strawser, MBCP, MBCI, CISSP, CEM
Principal Consultant & CEO

Data Breaches – The Last 36 Months

Company                    Impacted People
Sony Pictures                        6,000
Sally Beauty                        25,000
Neiman Marcus                    1,100,000
Michaels Stores                  3,000,000
Community Health Systems         4,500,000
PF Chang’s                       7,000,000
Home Depot                      56,000,000
Target                          70,000,000
JP Morgan                       76,000,000
Anthem                          80,000,000
eBay                           145,000,000

Copyright © 2015 by Bryghtpath LLC | bryghtpath.com | +1-612-235-6435 | bryan@bryghtpath.com
Key Topics – Today
• Continuity of Operations
• Crisis / Emergency Management
• Crisis Communications
• Where to learn more…
• Q&A

Continuity of Operations – An Overview
The ability to continue performance of mission essential functions under a broad range of circumstances.

Continuity of Operations – What it means
• Mission Essential Functions (MEFs)
– Critical functions performed by your agency
– Determined through a methodology
– Plans are in place to recover from a disruption
• Broad Range of Circumstances
– “All-Hazards” approach
– Plans (Annexes) for specific circumstances

Global Standards – Business Continuity and Emergency Management
US Government
• FEMA Federal Continuity Directives (FCD 1 / FCD 2)
• FEMA Continuity Guidance Circulars (CGC 1 / CGC 2)
• NIST 800-34, Contingency Planning Guide for Federal Information Systems
Business Continuity
• ISO 22301 (formerly BS25999)
• NFPA 1600
• ASIS Business Continuity Management Standard
• ASIS SPC.1: Organizational Resilience
Professional Practices
• Disaster Recovery Institute International BC/DR Professional Practices
• Business Continuity Institute Good Practice Guide

FEMA Continuity Guidance Circular 1 (CGC 1) – Continuity of Operations Program for State / Local / Tribal Government
• Federal guidance for non-Federal governmental entities
• Contents:
– Planning and implementing a COOP program
– Continuity planning for mission essential functions

FEMA Continuity Guidance Circular 2 (CGC 2) – Continuity of Operations Program for State / Local / Tribal Government
• Federal guidance for non-Federal governmental entities
• Contents:
– Identification and prioritization of Mission Essential Functions (MEF)
– Business Process Analysis
– Business Impact Analysis
– Risk Assessment

Business Continuity Regulations – United States
“We’re from the government, we’re here to help…”
• Federal Financial Institutions Examination Council (FFIEC)
• Securities and Exchange Commission (SEC)
• Financial Industry Regulatory Authority (FINRA)
• Payment Card Industry Standard (PCI)

Continuity of Operations Lifecycle – FEMA Continuity Guidance Circular 1 (CGC 1)
Lifecycle stages (a repeating cycle):
• Plans and Procedures
• Test, Training, & Exercises
• Evaluations, After-Action Reports, and Lessons Learned
• Develop Corrective Action Plans

Business Impact Analysis & Risk Assessment – Identifying critical business functions & their risks
Business Impact Analysis
• What are the mission essential functions at my agency?
• How long can they be disrupted?
• How quickly can they be recovered today?
• What is the impact from that disruption to my agency?
• BIA Methods
Risk Assessment
• What are the risks to these functions?
• What are our top enterprise risks?
• Risk Assessment Methods
Third Parties
• Don’t forget about them…
Plans and Procedures – How can I recover my mission essential functions in the time period needed?
Specific actions to manage your risks and address your opportunities:
• Prepare your agency for disruption
• Develop COOP Plans
• Implement COOP Solutions

Plans and Procedures – Continuity of Operations Planning
Core Components of a COOP Plan
• Roles & Responsibilities
• Activation process
• Managing the immediate consequences
• Communication plan
• Recover prioritized activities
• Media response
• Process for standing down

Core Plan Elements – Recovering Operations
• People – Who will do the work?
• Technologies – What, if any, technologies will enable the work?
• Facilities – Where will the work be done?
• Communications – How do we share this information?

Establish & Implement BC Procedures – What processes will I follow in a disruption?
Specific defined processes for Business Continuity. Examples:
• Emergency preparedness
• Governance
• Activation

Disaster Recovery – Business Continuity for IT Systems
• “Disaster Recovery” generally pertains to the recoverability of IT systems
– Applications
– Infrastructure
• Must be closely linked to business continuity capability
• Should heavily utilize the BIA findings to influence a tiered recovery strategy

Tests, Training, and Exercises – How will I exercise and test my plans? Based on those results, how will I improve?
• All plans should be exercised at least annually:
– Notification
– Table Top
– Recovery
– Fully integrated
• Disaster Recovery – Testing DR plans and strategies
• Government Guidance:
– Homeland Security Exercise & Evaluation Program (HSEEP)

Develop Corrective Action Plans – Improving plans and procedures following a test or exercise
• Defined process for capturing lessons learned and applying to plans and strategies
• Action items tracked and reported upon to key stakeholders and leaders
Continuity Plan Operational Phases – What happens when things go bad?
• Readiness & Preparedness
• Activation
• Continuity Operations
• Reconstitution

Roles and Responsibilities – Who does what?
• Elected Officials – Ultimately responsible for continuity of essential functions during a disruption or emergency
• Senior Leadership
– Designates Continuity Manager and Planning Team
– Approves plans
• Continuity Manager – Responsible for coordinating all continuity activities within an agency
• Continuity Planning Team – Cross functional group that coordinates all plans within an agency

Drip, Drip… – When a drip becomes a flood…

Case Study – When a drip becomes a flood…
• 2013 Target Corporation HQ Flood
• Read PDF Case Study at bryghtpath.com

Crisis Management – A Component of Business Continuity Management
The active management of a disruption or escalating situation.
Items to consider:
• Clear roles and responsibilities
• Decision making rights pre-defined
• Single source of truth communication
• Communication products / messages
• Cross-functional coordination

Crisis Leadership – Characteristics of a strong crisis leader
• Cross-Functional Leadership
– Lead up (vertically)
– Lead across (horizontally)
• Be both strategic and tactical
– Strategic: See the entire organization and external influences
– Tactical: Be willing to work on really simple processes where needed
• Understands that success never happens within a silo
• Doesn’t try to get “fancy”
• Can pivot in a moment
• Possesses extraordinary situational awareness

Private Sector Crisis Management Framework – Situational Awareness
Teams (diagram):
• Executive Crisis Team (Elected Leaders / Senior Leader)
• Cross-Functional Crisis Team (Mission Essential Leaders)
• Crisis Management Team
Diagram labels: Strategic Decision Making; Day to day operations; Recommendations to Executives; Horizontal Communication; Subject matter experts; Situational awareness upstream; Full-time / volunteer

Planning & Preparedness – Routine v. Novel
• Don’t get fancy at first
– How will the team “activate” and share that they are actively managing a situation?
– How will they provide updates?
– What decisions will be escalated to executives?
• Then get fancy
– What could disrupt our business?
– Prioritize these risks with executives
– Plan for key risks
• REMEMBER: You cannot plan for everything
• Having a framework is more important than having a plan for every single possibility
Case Study: Earthquake & Tsunami – Sendai, Japan (2011)

Crisis Management Framework – Situational Awareness
Routine Incident:
• Protocols & Processes
• Incident Specific Plans
• Preparedness Steps
“HOLY S$@! What just happened?!” (novel incident):
• Situational Awareness
• Collaborative cross-functional discussion
• Strategic view
• Framework for collaborative decision making & communication

Crisis Leadership – Situational Awareness
• What’s happening?
• What do we know about it?
• What impact is it having on our organization?
• What don’t we know that we need to know?
Practical Advice – The Simple Things
• Work / Organization
– Clear roles & responsibilities
– Establish decision making rights
– How will you communicate?
– Situational Awareness
• Personal
– Be Informed
– Make a Plan
– Build a Kit
– Visit ready.gov for more practical advice
Reputation Impact – Hurricane Sandy - 2012
(image: International Business Times, 11/3)

Crisis Communications – Sending out a press release isn’t going to cut it
• You’ll only get one chance to message things with your version of the story – don’t pass up this opportunity!
• Slow, methodical PR planning will not suffice – communications must be nimble.
• Speed, accuracy, clarity will be critical in a data breach.
• Honesty – spin is ok, but be honest.
• Cultural context is critical.
How to Lead during a crisis
Eric McNulty, Harvard Business Review, December 2013
• Ensure certainty about decision making and strategic messaging
• Understand Stakeholders
– Map out your stakeholders
– Understand each has unique needs for information and reassurance
– Develop story arcs for each
• Understand that the crisis will evolve over time
Continuity of Operations Training – FEMA Emergency Management Institute
• Free FEMA Independent Study courses online
• http://training.fema.gov/EMI

Continuity of Operations Certifications – FEMA Emergency Management Institute
• FEMA Continuity of Operations (COOP) Certifications
• Level 1: Professional Continuity Practitioner
– Series of 13 independent study or in-person courses
– Many in-person courses can be taken through MN Homeland Security & Emergency Management for free
• Level 2: Master Continuity Practitioner
– Complete Level 1 certification
– Complete 5 additional independent study and in-person courses
– Instruct one continuity course as an instructor
– Complete and pass comprehensive written examination
• Learn more at http://training.fema.gov/programs/COOP

Industry Professional Certifications – Business Continuity and Emergency Management
Business Continuity
• Disaster Recovery Institute International
– Associate Business Continuity Professional (ABCP)
– Certified Business Continuity Professional (CBCP)
– Master Business Continuity Professional (MBCP)
• Business Continuity Institute
– Member, Business Continuity Institute (MBCI)
– Fellow, Business Continuity Institute (FBCI)
Emergency Management
• International Association of Emergency Managers
– Associate Emergency Manager (AEM)
– Certified Emergency Manager (CEM)

Contact Information – Bryghtpath LLC
Contact Bryan:
Bryan Strawser, Principal Consultant & CEO
Phone: +1-612-235-6435
E-Mail: bryan@bryghtpath.com
Twitter: @bryanstrawser
Learn more about Bryghtpath LLC:
Website: www.bryghtpath.com
Twitter: @bryghtpath
Facebook: /bryghtpathllc
Our Consulting Services Include:
• Business Continuity
• Crisis / Emergency Management
• Enterprise Risk Management
• Exercise Design & Facilitation
• Global Intelligence & Security
• ISO Training & Certification
• Project & Program Management
• Travel Risk & Security