Master Class Incident Response Management Why You Need to Prepare

Master Class Incident Response Management Why You Need to Prepare

AGENDA / CONTENT 01 02 03 04 What could happen? A short example of what a “normal” working day could be Challenges in cybersecurity The top five challenges in cybersecurity that KuppingerCole sees for 2020 Mitigate risks What to do to mitigate the five cybersecurity challenges The problem The percentage of attacks vs. how well companies are prepared

What could happen if you go to work Maybe it is atomorrow? normal working day – or maybe not! Starting the day with coffee and mails Sitting at home and enjoying the news app while trying to download your mails from work. But again there is the same issue as last week: the mails are not loading

Going to work Fighting through the heavy traffic in New York is always challenging. But you already started to answer calls. Mr. Miller asked for the information about Customer KC, that you promised him yesterday. "Did I forget to send it?" Immediately after arriving the office you turn on your computer. This takes hours today time for another coffee! Try to open your customer management You try to open the browser to access the CRM tool, hoping to send the information about KC to Mr. Miller again. Outlook didn’t open so maybe it can work with the share function? Getting nervous you ask your colleague what’s going on with the IT today: “Yeah, I think there is some database issue we just should wait like last month maybe they patched something again?”

Call the helpdesk Two more coffees later you try to reach the helpdesk, but the hotline is always busy. You tried to use the portal but there is still an issue with your browser and Outlook isn’t working either. Crisis meeting The IT department isn’t relaxed, early this morning they received several alerts from various systems about uncommon behavior. When the admins arrived at work it became clear that the company is victim of a cyber attack. Many administrative computers are locked and the message, “You need to pay 25.000.000 in Bitcoin to get the access to your IT back” is shown on the screens. What to do next? Who informs the C-Levels?

No, it’s not a normal working day! This is not a normal day for you or the rest of the company. Someone is trying to paralyze the company and the press has been starting to ask questions. How should we proceed further? How should the company position itself internally, and what should be done in what sequence? Will someone call the police?

Just a “few” data breaches in 2019 7.5 million Adobe Creative Cloud user records were compromised, including email addresses, account information, and which Adobe products they use From First American Corporation, 885 million records were exposed online: bank transactions, social security numbers, and more 100 million Capital One customers' accounts and credit card applications were leaked Zynga’s Words With Friends popular social mobile game gained access to a database of information on more than 218 million users Health Sciences Authority was breached, and the personal data of 808 million blood donors compromised for nine weeks Facebook says it 'unintentionally uploaded' 1.5 billion people's email contacts without their consent Microsoft accidently exposed 250 million customer service records

The 5 biggest challenges in cybersecurity in 2020 Protecting data and data access in a heterogenous, connected world Data Breaches Ransomware Passwords Complex Security of Projects IoT/OT Unsecured APIs or less Ransomware is a type Modern authentication The complexity of Connected devices pose protected systems in of software which methods or enhanced cybersecurity projects, a great challenge from general are often the blocks you from security by using UBEA especially in global a security standpoint. reason for a data accessing your and strong companies, is enormous. Every connection opens breach. External computer or data, and authentication improve Which also means there a potential backdoor for attackers can attack sometimes encrypts security, but the are a lot of stakeholders attackers to slip inside those systems to gain your data. The business password is still the and barriers with the your network. Handling access to sensitive model is to blackmail main key to open the implementation and roll- this is quite challenging data. the victim to pay money door to all personal and out of new services. and difficult. in order to unlock the organizational data.

Challenges vs. mitigating measures What impact do trending technologies have? Data Breaches Artificial Intelligence in Cybersecurity API Security Privileged Access Management Incident Response Management x x x x Business Continuity Management Information Protection Lifecycle x Ransomware Passwords Complex Projects Security of IoT/OT x x x x x x x x x x x x x x Various trends cover these challenges Incident Response Management is the one topic which affects almost all the challenges that KuppingerCole sees for 2020. Others, like Privileged Access Management and Business Continuity Management also have high impact.

1 The problem 2 More than 2 out of 5 were victims 43 % of UK businesses experienced a cyber security breach in the last 12 months 3 out of 4 see cybersecurity as important 74% UK businesses say that cyber security has a high priority 3 Only 1 out of 3 is prepared But – only 27% of UK businesses had a formal cyber incident management process You need to be prepared are you?

Why your organization needs a cyber Planning and incident preparation prevents plan problems and penalties Damage to your customers and business by failing to respond On the average it takes organizations 197 days to identify a data breach and 69 days to recover Loss of revenue and financial penalties The cost of the data breach that affected TalkTalk in 2015 is estimated to have cost the company between 90M and 100M Internal confusion and poor communication Internal staff are unsure about what action to take. There is no clear communications plan – who can you ask for help?

KuppingerCole Analysts AG Wilhelmstr. 20 - 22 65185 Wiesbaden GERMANY P: 49 211 - 23 70 77 - 0 F: 49 211 - 23 70 77 – 11 E: [email protected] www.kuppingercole.com