1. IGPC Data Breach Planning braindump
2. YOUR SPEAKER
•JAMES MCKINLAY IS CURRENTLY THE HEAD OF INFORMATION SECURITY AT ATOS WORLDLINE.
•HE SITS ON THE GLOBAL DATA PROTECTION OFFICERS COMMITTEE AND THE GLOBAL SECURITY STEERING COMMITTEE, CONTRIBUTING TO THE GLOBAL SECURITY KPI PROGRAM AS WELL AS DATA PROTECTION TRAINING, AWARENESS AND COMMUNICATIONS.
•HE IS RESPONSIBLE FOR THE DEVELOPMENT OF INFORMATION SECURITY STRATEGY ACROSS ALL UK PRODUCTS, PLATFORMS AND SERVICES WHILST SUPPORTING THE GLOBAL 27001 INITIATIVE.
•JAMES WAS PREVIOUSLY RESPONSIBLE FOR CISO-LEVEL INCIDENT RESPONSE CONSULTANCY, WHERE HE ADVISED ON SOC, CIRT AND SIEM PROJECTS, AND FOR MANAGING THE INFORMATION SECURITY MONITORING TEAMS AT A NUMBER OF HOUSEHOLD NAMES SUCH AS ASDA, MANCHESTER AIRPORTS GROUP AND NETFLIGHTS.COM.
3. AGENDA
HOW DATA BREACH PLANNING CAN BUILD IMPORTANT BRIDGES ACROSS YOUR ORGANISATION
•BACKGROUND,
•INFORMATION SYSTEMS VIEW,
•& BUSINESS VIEW
4. DEFINITIONS
CSIRT
Computer Security Incident Response Team
SOC
Security Operations Centre
PCIDSS
Payment Card Industry Data Security Standard
DFIR
Digital Forensics and Incident Response
LEA
Law Enforcement Agency
SIEM
Security Information and Event Management
SANS
SysAdmin, Audit, Network and Security (Institute)
NSM
Network Security Monitoring
Others
JDI JIT SEP NMP TARFUN
5. DATA BREACHES IN THE NEWS
•NOVEMBER 14TH – WESTLAW
•NOVEMBER 14TH – TURKISH POWER ADMINISTRATION
•NOVEMBER 13TH – PARASOLE RESTAURANT HOLDINGS
•NOVEMBER 13TH – THOMAS COOK BELGIUM
•NOVEMBER 13TH – FINALEASE CAR CREDIT
•NOVEMBER 13TH - MENSURA
•NOVEMBER 13TH – HSBC TURKEY
•NOVEMBER 12TH – ONSIGHT HEALTH DIAGNOSTICS
•NOVEMBER 12TH – EASTERN IOWA AIRPORT
•NOVEMBER 10TH – GRAND CASINO MILLE LACS
10. TOP 20 CRITICAL CONTROLS
CSC 18: Incident Response and Management
Protect the organization’s information, as well as its reputation, by developing and
implementing an incident response infrastructure (e.g., plans, defined roles,
training, communications, management oversight) for quickly discovering an attack
and then effectively containing the damage, eradicating the attacker’s presence,
and restoring the integrity of the network and systems.
http://www.counciloncybersecurity.org/critical-controls/
16. OTA DATA BREACH READINESS GUIDE
•https://otalliance.org/resources/2014-data-protection-breach-readiness-guide-overview
17. PEOPLE YOU NEED TO MAKE FRIENDS WITH
•DPO (AS REGISTERED WITH THE ICO, OR AS CHOSEN WITHIN THE ORG)
•CONTRACTS MANAGER (LEGAL) (SECURITY IN SUPPLY CHAIN REVIEW)
•PRIVACY EXPERT (LEGAL) (COMPOSING LETTERS, PRESS RELEASES, MEETING REGULATORY TIMELINES)
•HEAD OF RISK – GET DATA LOSS ON THE CORPORATE RISK REGISTER
•HEAD OF INTERNAL AUDIT – GET DATA PROTECTION AUDITS ON THEIR AGENDA
•SERVICEDESK MANAGER – AN ITIL INCIDENT IS NOT ALWAYS A CSIRT INCIDENT
•BCM – PANDEMIC PLAN, BIA, BC PLAN, MAJOR INCIDENT PLAN, MODEL FOR DATA BREACH PLAN
•INTERNAL COMMS TEAM - (PREVENT RUMOURS, GET QUICK AND ACCURATE MESSAGE OUT INTERNALLY)
•EXTERNAL COMMS TEAM – (LAW ENFORCEMENT AS WELL AS MEDIA AND CUSTOMER)
•LEARNING AND DEVELOPMENT – (MANDATORY TRAINING)
•INSURANCE BROKER