KY DGS 15 Presentation - Breach! When Bad Things Happen to Good People (And Their Organizations) - Jack Mortimer
-
When Bad Things Happen to Good Governments
-
The Year of the Breach
The Cases: 2 You Know, 2 You Don't
What Have We Learned?
The 1 Thing You Must Do
Our Time Together
-
Cyber Security
Breach, Hack, DDoS
Malware, Phishing, Malware, Spyware, Ransomware
Viruses, Worms, Botnets
Information Security
-
Public IT Priorities
STATE CIOs: 1. Cybersecurity 2. Shared Services 3. Cloud 4. Mobility 5. Staffing
COUNTY CIOs: 1. Cybersecurity 2. Staffing 3. Shared Services 4. Mobility 5. Cost Control
CITY CIOs: 1. Open Gov/Data 2. Mobility 3. Cybersecurity 4. Staffing/Portal 5. DR/COOP
Source: Center for Digital Government, Digital States, Counties, Cities, 2014.
-
[Chart: What Respondents Want in a Network. Group: Elected + Appointed Officials. Labels: Redundancy, Ease of Maintenance, Availability, Security, Network. Scale: 0% to 100%.]
Source: Center for Digital Government, 2015.
-
How Did We Get Here?
-
Sources: ABC | KRON TV | WCPO TV | WWLP TV | WOCH TV | WTNH TV | KOIN TV | WSJ | AP | Sony | WH.gov
Ripped from the Headlines
-
The Rise of Hacking Crews
Vikingdom2015: From Russia with Malice
-
Dr. Strangelove or: How I Learned to Stop Worrying and Love the Bomb
Source: Universal Studios (1964)
Déjà vu All Over Again
Here we are again, 50 years later
-
How I Learned to Stop Worrying and Love Cybersecurity
Our Panel
-
Career Defining Breaches
-
Managing the News Cycle
-
Managing the News Cycle
-
Michael Brown
August 9, 2014
-
Dateline: Ferguson
Flickr: Chuck Jines
-
August 9, 2014 January 7, 2015
Sources: Operation Ferguson / Al Jazeera America
Global-Local Hacktivism
-
Meanwhile in the Capitol 125 miles away...
Google Maps
-
War Room 24/7
colorofchange.org
-
Can Anyone Be 100% Ready?
Flickr: Steve Warren
The one unfinished part of the state's cybersecurity program and plan when the crisis hit: DDoS
-
Dateline: Jefferson City
Flickr: Steve Warren
Days as Worldwide Hacktivist Target: 123
-
Target: Governor Nixon
Flickr: Steve Warren
-
Target: Governor Nixon
colorofchange.org
-
The Grand Jury Decision
Scott Olson / Getty Images
November 24, 2014
Attacks ramp up. And fall short.
-
Key Learnings: Jefferson City
Flickr: Steve Warren
1. Understand Hacktivist Motives and Methods
2. Understand DDoS Attacks
3. Assess Your Network and Infrastructure
4. Prioritize Assets
5. Develop a Plan
6. Integrate Ops Centers (Network & Security)
7. Engage Partners Early (Public & Private)
8. Establish and Exercise a War Room
9. Monitor Social Media
10. Remain Nimble and Adaptable
-
Flickr: Steve Warren
[Someone else's] crisis is a terrible thing to waste!
-
From the War Room
There is Something for Everyone to Do
-
Cybersecurity = risk management. Incidents are inevitable. Prepare. Fund and support. Plan for PR.
Elected and Appointed Officials
What Have We Learned? The Little Red Breach Book
-
What Have We Learned? The Little Red Breach Book
Chief Information/Technology Officers
Own the plan. Keep stakeholders informed. No surprises. Champion a strong security culture.
-
Identify best practices. Evaluate strategies, programs and tools. Monitor critical systems and infrastructure.
Chief Information Security Officers
What Have We Learned? The Little Red Breach Book
-
Take it seriously! Scrutinize the delivery systems. Rally agency resources.
Agency or Line of Business Managers
What Have We Learned? The Little Red Breach Book
-
Understand the importance of their own roles. Train. See something, say something. Don't click on it.
Front Line Employees
What Have We Learned? The Little Red Breach Book
-
Adopt best practices. Adhere to requirements. Share timely information.
Service Delivery Partners: Private, Non Profit
What Have We Learned? The Little Red Breach Book
-
Encouraged through awareness campaigns to:
Do the basics. Stay alert for common tricks. Be a cybercrime-fighter.
General Public - Netizens
What Have We Learned? The Little Red Breach Book
-
Thing
The Exit Question
-
DOWNLOAD THE PRESENTATION AT
govtech.com/security
http://bit.ly/1D7wPuD