preparing to fail
play

Preparing to Fail Changing the way we think about cyber threats Oil - PowerPoint PPT Presentation

Apr 06, 2024 •191 likes •388 views

Preparing to Fail Changing the way we think about cyber threats Oil Rig Pic Flaming Oil Rig picture The asymmetric nature of the Internet The current state of cyber underground Our current approach UNCLASSIFIED 7 Software Integrity Denial

  1. Preparing to Fail Changing the way we think about cyber threats

  2. Oil Rig Pic

  3. Flaming Oil Rig picture

  4. The asymmetric nature of the Internet

  5. The current state of cyber underground

  6. Our current approach

  7. UNCLASSIFIED 7

  8. Software Integrity Denial of Service UNCLASSIFIED 8

  9. Specific threats to the Packaging Industry • Ransomware

  10. Ransomware

  11. Business Email Compromise

  12. Primary Schemes Name Scheme Supplier The “supplier” changes receiving bank Swindle accounts CEO Fraud The “CEO” requests an payment for an acquisition or service Shipping The “receiver” requests a change in Switch-up shipping destination 3 rd Party The “3 rd Party” service requests payment for services rendered Data theft Important data is requested for use in tax fraud UNCLASSIFIED 12

  13. BEC examples UNCLASSIFIED 13

  14. We must… • Understand the threats to our company • Design specific mitigation and recovery controls into our business process

  15. Ransomware 1.Implement the technical controls within email 2.Un-flatten our networks – everyone does not need access to everything in your network 3.Back up, virtualize, and TEST recovery 4.Don’t immediately destroy the infected system 5.Explore the payment mechanism

  16. Business email compromise 1. Implement technical controls in email such as [external] tags, webmail auditing 2. Two-factor authentication / Password re-use*** 3. Educate the specific departments that are often targeted – C-Level, Finance, Human Resources, Sales, Shipping 4. Design controls that allow for failure –Processes for shipping, payments, acquisitions, employee information 5. Engage your 3 rd parties, such as banks, consultants, law firms 6. Know who to call when failure happens, have a team in place

  17. Other considerations • Cyber insurance • 3 rd parties –Processes –Communication –Responsibilities • Managed services • Incident Response on retainer • Practice responding to incidents with the entire team UNCLASSIFIED 17

  18. Key Take Aways • If you only remember two things from my presentation, they should be… 1. Failure will happen 2. Failure doesn’t equal disaster, mishandling failure most likely will. • When you get back to your office, the two things you should do are… 1. Design your processes and relationships to mitigate failure 2. Practice your response

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

FOR AS/A2 Fail to prepare Prepare to fail We can learn anything! Walt Disney was afraid of

FOR AS/A2 Fail to prepare Prepare to fail We can learn anything! Walt Disney was afraid of

PREPARING FOR AS/A2 Fail to prepare Prepare to fail We can learn anything! Walt Disney was afraid of mice Turtles breathe through their bottoms Venus is the only planet that rotates clockwise You burn more calories sleeping

724 views • 26 slides
Just for fun: too smart to fail Just for fun: too smart to fail Francesco P. Lovergine

Just for fun: too smart to fail Just for fun: too smart to fail Francesco P. Lovergine

Just for fun: too smart to fail Just for fun: too smart to fail Francesco P. Lovergine <frankie@fsfe.org> Free Software Foundation Europe Fellowship Group Bari http://creativecommons.org/licenses/by-nc-nd/3.0/legalcode 2 7 O t t o

355 views • 17 slides
Too big to fail or Too non-traditional to fail? The determinants of banks systemic

Too big to fail or Too non-traditional to fail? The determinants of banks systemic

Too big to fail or Too non-traditional to fail? The determinants of banks systemic importance Kyle Moore 1 Chen Zhou 2 , 1 1 Erasmus University Rotterdam 2 De Nederlandsche Bank Aug 9, 2013 Moore and Zhou TBTF or TNTTF? Why we

196 views • 17 slides
Calls-to-Action that Fail: The most common causes for why CTAs fail (and how you can achieve

Calls-to-Action that Fail: The most common causes for why CTAs fail (and how you can achieve

Calls-to-Action that Fail: The most common causes for why CTAs fail (and how you can achieve quick wins with small changes) Experiment: Background Experiment ID : TP1785 Record Location : MECLABS Research Library Research Partner : [Protected]

1.19k views • 99 slides
Preparing Your Structure Production Runs Why? Structures from PDB are not perfect Rosetta

Preparing Your Structure Production Runs Why? Structures from PDB are not perfect Rosetta

Preparing Your Structure Production Runs Why? Structures from PDB are not perfect Rosetta may fail Garbage in garbage out Wrong answer Benefits Less time spent on paths spent on re relaxing the same errors of the input

341 views • 6 slides
mndag 13 maj 13 OVERVIEW Fail-recovery Precedence (1,N) Logged register Byzantine (1,N)

mndag 13 maj 13 OVERVIEW Fail-recovery Precedence (1,N) Logged register Byzantine (1,N)

FAIL-RECOVERY & BYZANTINE REGISTERS mndag 13 maj 13 OVERVIEW Fail-recovery Precedence (1,N) Logged register Byzantine (1,N) Safe (1,N) Regular x2 (1,N) Atomic mndag 13 maj 13 FAIL-RECOVERY Process can fail before completion. o

554 views • 23 slides
Why bids fail? Why bids fail? Research by McIlhiney & Goldring 2010 For Pathways 21 [ UK]

Why bids fail? Why bids fail? Research by McIlhiney & Goldring 2010 For Pathways 21 [ UK]

Why bids fail? Why bids fail? Research by McIlhiney & Goldring 2010 For Pathways 21 [ UK] Ltd How has the current economic climate affected your funding levels? y g Has that affected your preference for smaller or larger contracts?

456 views • 23 slides
Non-Instagrammable Urbanism Tactical Urbanism Wins + Fails place creative. FAIL 1 FAIL 2

Non-Instagrammable Urbanism Tactical Urbanism Wins + Fails place creative. FAIL 1 FAIL 2

Non-Instagrammable Urbanism Tactical Urbanism Wins + Fails place creative. FAIL 1 FAIL 2 SUCCESS 1 SUCCESS 2 Process Over People Ponsonby Park Auckland Council. - Waitemat Local Board - 254 Ponsonby Road Volunteer CLD Group Dr. Amanda

620 views • 21 slides
Cut Not and Fail Cut, Not, and Fail York University CSE 3401 Vida Movahedi 1 York University

Cut Not and Fail Cut, Not, and Fail York University CSE 3401 Vida Movahedi 1 York University

Cut Not and Fail Cut, Not, and Fail York University CSE 3401 Vida Movahedi 1 York University CSE 3401 V. Movahedi 07_CutNotFail Overview Overview Multiple solutions p Cut Examples p 3 reasons to use Not Fail

601 views • 27 slides
WHY MOST ONLINE COMMUNITIES FAIL ...and how you can help them succeed Most online communities

WHY MOST ONLINE COMMUNITIES FAIL ...and how you can help them succeed Most online communities

WHY MOST ONLINE COMMUNITIES FAIL ...and how you can help them succeed Most online communities fail GENERATION BENZ MetroTwin British Airways Virgin Media Pioneers Walmart Sainsburys What do these examples tell us? What do these

514 views • 24 slides
Fail to Plan, Plan to Fail: Zoning and Land Use Case Review Koontz v. St. Johns River Water Mgmt.

Fail to Plan, Plan to Fail: Zoning and Land Use Case Review Koontz v. St. Johns River Water Mgmt.

12/7/2015 SC Municipal Attorneys Association Annual Meeting and Continuing Legal Education Seminar Fail to Plan, Plan to Fail: Zoning and Land Use Case Review Koontz v. St. Johns River Water Mgmt. Dist . (2013) 5-4 Decision In Favor of

167 views • 4 slides
Nearness Gone Wrong: When Leaders Fail Steve Midgley When leaders fail... An imaginary

Nearness Gone Wrong: When Leaders Fail Steve Midgley When leaders fail... An imaginary

Nearness Gone Wrong: When Leaders Fail Steve Midgley When leaders fail... An imaginary example? The past three years... A pastor and his affairs Discipleship and pastoral beatings Discipleship and bullying Pastoral

318 views • 31 slides
Registers Shared Memory Fail-crash, fail-silent BJRN A. JOHNSSON Introduction Analogy

Registers Shared Memory Fail-crash, fail-silent BJRN A. JOHNSSON Introduction Analogy

Registers Shared Memory Fail-crash, fail-silent BJRN A. JOHNSSON Introduction Analogy from multi-CPU computers. Over network: emulation of shared-memory . Benefit: use shared-memory where there really is none. Considered

626 views • 35 slides
BUDGETING & SAVING Schell Stubbs, MBA, LLM 21 th March, 2019 Budgeting If you fail

BUDGETING & SAVING Schell Stubbs, MBA, LLM 21 th March, 2019 Budgeting If you fail

FINANCIAL SERVICES LITERACY PROGRAM BUDGETING & SAVING Schell Stubbs, MBA, LLM 21 th March, 2019 Budgeting If you fail to plan, you are planning to fail. Benjamin Franklin www.cfasociety.org/bahamas Why is Budgeting

339 views • 17 slides
TOO BIG TO FAIL BANKS: CAN THEY BE RESOLVED? Prepared for the Brookings Conference on dealing

TOO BIG TO FAIL BANKS: CAN THEY BE RESOLVED? Prepared for the Brookings Conference on dealing

TOO BIG TO FAIL BANKS: CAN THEY BE RESOLVED? Prepared for the Brookings Conference on dealing with too important to fail banks June 14, 2013 Martin Neil Baily(mbaily@brookings.edu) The Brookings Institution 1 Resolving Large Institutions and

126 views • 11 slides
Preparing for Cascadia 9.0 Preparing for Cascadia 9.0 Individual, Household, and Community

Preparing for Cascadia 9.0 Preparing for Cascadia 9.0 Individual, Household, and Community

Preparing for Cascadia 9.0 Preparing for Cascadia 9.0 Individual, Household, and Community Preparedness Bill Hasan Hillsdale Neighborhood Emergency Team members hillsdaleornet@gmail.com March 10, 2019 | Portland Bureau of Emergency

352 views • 31 slides
MARYLAND ELECTRONIC CRIMES TASK FORCE A Look at Fraud, Counterfeiting, and Cyber Crimes United

MARYLAND ELECTRONIC CRIMES TASK FORCE A Look at Fraud, Counterfeiting, and Cyber Crimes United

MARYLAND ELECTRONIC CRIMES TASK FORCE A Look at Fraud, Counterfeiting, and Cyber Crimes United States Secret Service History Legislation passed on April 14, 1865 to create Secret Service to suppress counterfeiting (was formed under the

420 views • 27 slides
Investor presentation May 2015 DIRECTION DE LA COMMUNICATION 1 Disclaimer This document has

Investor presentation May 2015 DIRECTION DE LA COMMUNICATION 1 Disclaimer This document has

Investor presentation May 2015 DIRECTION DE LA COMMUNICATION 1 Disclaimer This document has been prepared by La Poste solely for use for general investor presentations. This document is not to be reproduced by any person, nor be distributed

1.01k views • 46 slides
Greenville County and Open Office, Beginning Stages... Currently Running Microsoft Office 2003

Greenville County and Open Office, Beginning Stages... Currently Running Microsoft Office 2003

Greenville County and Open Office, Beginning Stages... Currently Running Microsoft Office 2003 on all County PC's. Began preparing for Office 2010 upgrade. Review of Budget prompted search for even more ways to cut costs. Soon

360 views • 13 slides
Stimulus Equivalence Joshua K. Pritchard, PhD In todays workshop Im going to try and

Stimulus Equivalence Joshua K. Pritchard, PhD In todays workshop Im going to try and

Stimulus Equivalence Joshua K. Pritchard, PhD In todays workshop Im going to try and convince you of the richness of humanity and language Im going to try to give you a brief primer on stimulus equivalence Im going to

984 views • 79 slides
MobiDesk: Mobile Virtual Desktop Computing Ricardo A. Baratto, Shaya Potter, Gong Su, Jason Nieh

MobiDesk: Mobile Virtual Desktop Computing Ricardo A. Baratto, Shaya Potter, Gong Su, Jason Nieh

MobiDesk: Mobile Virtual Desktop Computing Ricardo A. Baratto, Shaya Potter, Gong Su, Jason Nieh Network Computing Laboratory Columbia University September 28, 2004 Problem: Growing PC management complexity Solution: MobiDesk Issue:

392 views • 35 slides
Cyber Security and Michigan Businesses February 7, 2019 Agenda US Secret Service Jordan

Cyber Security and Michigan Businesses February 7, 2019 Agenda US Secret Service Jordan

Cyber Security and Michigan Businesses February 7, 2019 Agenda US Secret Service Jordan Johnston Special Agent with Detroit Field Office Fraud & Cybercrimes Division Member of Electronic Crimes Taskforce Member of Dark

949 views • 68 slides
The Federal Circuit Last month at PRE-CRITICAL DATE COMMERCIALIZATION DEEMED NOT A Month at a

The Federal Circuit Last month at PRE-CRITICAL DATE COMMERCIALIZATION DEEMED NOT A Month at a

J A N U A R Y 2 0 0 2 The Federal Circuit Last month at PRE-CRITICAL DATE COMMERCIALIZATION DEEMED NOT A Month at a Glance COMMERCIAL OFFER FOR SALE An offer is the manifestation of willingness to enter into a bargain, so made as to justify

208 views • 8 slides
T18 September 30, 2004 11:30 AM R EFINING R EQUIREMENTS WITH T EST C ASES Tanya Martin-McClellan

T18 September 30, 2004 11:30 AM R EFINING R EQUIREMENTS WITH T EST C ASES Tanya Martin-McClellan

BIO PRESENTATION PAPER T18 September 30, 2004 11:30 AM R EFINING R EQUIREMENTS WITH T EST C ASES Tanya Martin-McClellan Texas Mutual Insurance Company Better Software Conference & EXPO September 27-30, 2004 San Jose, CA USA Tanya

454 views • 33 slides

More recommend