TRANSCRIPT
MAINTAINING CUSTOMER LOYALTY THROUGH BUSINESS RESILIENCE
Thomas E. Williams Business Continuity/Cyber Security Strategy Manager
Gladiator - A Division of Jack Henry & Associates, Northville, Michigan
[email protected] 313-318-3839
August 8 & 9, 2019
© 2017 Jack Henry & Associates, Inc.®1© 2017 Jack Henry & Associates, Inc.®© 2018 Jack Henry & Associates, Inc.© 2017 Jack Henry & Associates, Inc.®© 2018 Jack Henry & Associates, Inc.
Maintaining Customer Loyalty Through Business Resilience
Tom Williams, Business Continuity/Cyber Security Strategy Manager
Jack Henry & Associates, Inc.®
Presented by Gladiator - A Division of Jack Henry & Associates & The Graduate School of Banking
August 9-10, 2019
Tom Williams
Jack Henry & Associates
(Gladiator Division), Business Continuity-Cyber Security Strategy Manager
313-318-3839
Agenda
Information Security Program Components
Executing the Business Continuity / Cyber Incident Response Plan
Gladiator Cyber-Attack Mock Drill
Key Cyber Threats Facing Financial Institutions Today
The FFIEC Guidelines on Business Continuity and Cyber Security
Jack Henry & Associates: Three Successful Brands

• Community and Multi-Billion Dollar Banks
• Core Processing Systems
• Integrated Complementary Products
• In-House or Outsourced Services

• Credit Unions of All Sizes
• Core Processing Systems
• Integrated Complementary Products
• In-House or Outsourced Services

• Financial Institutions of All Sizes
• Corporate Entities and Strategic Partnerships
• Core Processor Agnostic
• Best-of-Breed Niche Solutions
Brief Introduction to Gladiator Services
• Gladiator® CoreDEFENSE Managed Security Services™
• Gladiator® IT Regulatory Compliance/Policy Products™
• Centurion Business Continuity Planning™ / Centurion Disaster Recovery®
• Gladiator® Hosted Network Solutions™
• Gladiator® Managed IT Services™
In the News
CNN Headline - March 23rd
The FBI is investigating a ransomware attack on the city of Atlanta
Every business is at risk from …
• Natural Disasters, Accidents, & Environmental Events
• Cyber Attacks and Terrorism
• Power & Energy Disruptions
• Internal / External Fraud
• Physical Security
• Human Error
The Information Security Program Components
Information Security Defined
• The processes and methodologies involved in keeping information Confidential, assuring its Integrity, and keeping it Available.
• Includes the following:
– Access controls: preventing unauthorized access.
– Protecting information: in transit, in storage, or at rest (idle).
– Resolution: detection and remediation of breaches.
Three Principles of Information Security
• Confidentiality
• Integrity
• Availability
Information Security Program Components (diagram): Compliance/Risk Committee
Compliance / Risk Committee
• Board Representation
• Executive Management
• Information Technology
• Compliance / BSA / Information Security Officers
• Human Resources
• Business Unit Managers / Representatives
Information Security Program Components (diagram): Compliance/Risk Committee, Policies
Policies
• Information Security – Cyber-Security
– Assignment of Responsibilities
– Data Classification
– Risk Management & Control
– Vendor Oversight
– Training
– Incident Response
– Program Review & Testing
Policies
• Tech Mgt & Responsibilities
• Physical / Logical Security
• Core Processing Services & Security
• Data Classification
• Audit & Review
• Education
• Change Management
• Data Storage & Backup
• Technology Usage (Wireless, Email, VoIP, Remote Access, Mobile)
• Technology Management (Hardware/Software Inventory & Licensing, Patch Management, Lifecycle Management)
• Monitoring & Reporting
Information Security Program Components (diagram): Compliance/Risk Committee, Policies, Risk/Vulnerability Assessments
Risk/Vulnerability Assessments
• Information Security
• IT Risk Assessment
• E-banking
– Internet Banking
– Authentication
– Wires/ACH Origination
– Remote Deposit Capture/Mobile Deposit Capture
• ID Theft Prevention
– Fraud Alerts
– Close Compromised Accounts
• External Penetration Testing
• Internal Vulnerability Testing
• Social Engineering Testing
Information Security Program Components (diagram): Compliance/Risk Committee, Policies, Risk/Vulnerability Assessments, Business Continuity & Incident Response Plan
Business Continuity / Incident Response Plan TOC
Business Continuity Plan TOC
1. Team Information
   1. BU Recovery Team - Recovery Organization Charts
   2. Workspace & Equip. Summary - Facilities & Locations
2. Notifications
   1. Personnel Notification Script - Business Unit Call List
   2. Call List Team Leaders – External/Internal Notifications
3. Recovery Tasks
   1. Recovery Phases – Recovery Tasks for Rec. Team
4. Business Impact Analysis Reports
5. Process & Resources Reports
6. Recovery Forms
7. Appendix
Incident Response Plan TOC
Information Security Program Components (diagram): Compliance/Risk Committee, Policies, Risk/Vulnerability Assessments, Business Continuity & Incident Response Plan, Incident Handling & Reporting
Incident Handling & Reporting
• Identify Roles & Responsibilities
• Recognize & Identify Event
• Inform Appropriate Personnel
• Initiate Documentation Process
• Assign Incident Severity Level
• Contain & Eradicate Event
• Implement Preventative Measures
• Recover
• Notify Law Enforcement / Customers / Regulators
• Establish Media Communications
• Perform Forensic Follow-up Analysis
• Create Executive Report
• Store Documentation & Evidence
• Post Mortem Review
Information Security Program Components (diagram): Compliance/Risk Committee, Policies, Risk/Vulnerability Assessments, Business Continuity & Incident Response Plan, Incident Handling & Reporting, Vendor Management
Vendor Management
• Vendor Evaluation and Selection
• Contract Negotiations
• Service Level Agreements (SLA)
• Risk Management
• Ongoing Due Diligence
• Contingency Planning / Termination
Information Security Program Components (diagram): Compliance/Risk Committee, Policies, Risk/Vulnerability Assessments, Business Continuity & Incident Response Plan, Incident Handling & Reporting, Vendor Management, Security Awareness Training
Security Awareness Training
• For Employees, Board & Management & Customers
– Social Engineering (Pre-text calling – Phishing)
– Acceptable Use
– Incident Response
– BCP
– ID Theft Prevention / Handling
Information Security Program Components (diagram): Compliance/Risk Committee, Policies, Risk/Vulnerability Assessments, Business Continuity & Incident Response Plan, Incident Handling & Reporting, Vendor Management, Security Awareness Training, Audits & Testing
Audits & Testing
• Risk Assessments
• Define Scope
• Control Design and Operational Effectiveness Testing
• Reporting
• Remediation Tracking
Information Security Program Components (diagram): Compliance/Risk Committee, Policies, Risk/Vulnerability Assessments, Business Continuity & Incident Response Plan, Incident Reporting & Handling, Vendor Management, Security Awareness Training, Audits & Testing, Regulatory Exams
Regulatory Exams
• FFIEC (Federal Financial Institutions Examination Council)
– OCC (Office of the Comptroller of the Currency)
– FRB (Federal Reserve Board)
– FDIC (Federal Deposit Insurance Corporation)
– NCUA (National Credit Union Administration)
– CFPB (Consumer Financial Protection Bureau)
Information Security Program Components (diagram): Compliance/Risk Committee, Policies, Risk/Vulnerability Assessments, Incident Reporting, Vendor Management, Security Awareness Training, Audits, Regulatory Exams, Business Continuity & Incident Response Plan
Today's Focus: Business Continuity & Incident Response Plan
Detailed Status of InfoSec tasks
IS Ongoing Compliance Management – Status Report – Security Monitoring
Detailed Status of InfoSec tasks
IS Ongoing Compliance Management – Status Report – BCP/Disaster Recovery
Detailed Status of InfoSec tasks
IS Ongoing Compliance Management – Status Report – Vendor Management
Detailed Status of InfoSec tasks
IS Ongoing Compliance Management – Status Report – Policies
Remediation tracking
IS Ongoing Compliance Management – Status Report – Remediation Activities
Information Security Officer Responsibilities
Responsible for the Administration and Execution of the Information Security Program
Audits & Exams
Maximizing Effectiveness
Effective Information Security Program (diagram): Structure of Accountability, Skills and Expertise, Time Allocation, Governance Risk & Compliance
Examiners' position on the Information Security Officer (ISO)
• Independent ISO or Committee
• Sufficient knowledge and training
• Separate InfoSec oversight from IT
• Rightsized InfoSec program
Source: FFIEC Guidelines, 2006
Examiners' accepted ISO methodologies
• Hire an ISO
• Appoint an ISO Committee
• Outsource the ISO
Accepted by FFIEC
Information Security Program Position
What is your Bank's Information Security Program Position?
(Risk quadrant diagram: from a Limited Information Security Program to an Effective Information Security Program, with zones High Risk, Semi-High, Moderate Risk, Semi-Low and Low Risk)
Each organization should continually strive to move toward the Low Risk area.
What is Business Continuity Planning?
Business Continuity Planning is a proactive planning process that ensures critical services or products are delivered during a disruption.
Business Continuity: Business Unit Plans to restore the Critical Business Functions / Processes that the Business Units are responsible for.
Incident Response Plan: used by the Incident Response Team to prevent, mitigate and recover from a cyber incident.
Business Continuity Planning encompasses Incident Response Planning.
People/Processes: Employees, Members, Processes, Vendors, Fire / Police, Utilities, Regulators, Plans / Procedures, Documentation
Facilities: Alternate work areas, Repaired facilities, Recovery centers, Hospitals, Shelter areas, Mobile Recovery Units, Off-site storage facilities
Technology: Systems, Servers, Applications, Data, Telecommunications
(Diagram: People/Processes, Facilities and Technology mapped against the business units Lending, Retail Banking and Operations)
BCP Lifecycle (diagram): Business Impact Analysis, Risk Assessment, Risk Management, Risk Monitoring
• Business Functions – Recovery Window – Resources – Contingency Strategies – Di-Impact
• Threats – Natural – Human – Technical – Cyber Attacks
• Documentation – Emergency Management Plans – Crisis Management Plans – Business Unit Plans – Incident Response Plan
• Plan Maintenance – Phased approach – Tabletop exercises – Mock drills – Functional testing
FFIEC BCP Guidelines
Process for Recovering from a Disaster Event
Recovery Phases & Plan Execution
RECOVERY TIMELINE
Recovery Phases & Plan Execution
1. CRISIS MANAGEMENT
• Evacuation & safety
• Liaison
• Stabilize
• Incident Response
• Damage assessment
• Communications
• Disaster declaration
Recovery Phases & Plan Execution
2. RELOCATE & RESTORE
• Notifications
• Salvage
• Establish Command Centers
• Determine alternate workspaces
• Acquire resources
• Restore resources
Recovery Phases & Plan Execution
3. RECOVER BUSINESS FUNCTIONS
• Recreate lost work
• Implement contingency strategies
• Resume business functions
Recovery Phases & Plan Execution
4. REBUILD & RETURN
• Repair or replace damaged equipment and/or facilities
• Formulate a plan for returning to normal operations
• Execute the plan
• Perform a debrief session
BCP Maintenance/Testing Process (diagram): Locations, Personnel, Recovery Teams, Departments; Business Functions, Process, Resources; Vendors, External Contacts; IT & Application Recovery Procedures; Custom Documentation; Testing
Documentation
• Emergency Management Plans
– Evacuation procedures
– Scenarios
• Crisis Management Team Plan
• Business Unit Recovery Team Plans
Team Responsibilities
(Diagram: Crisis Management – Management, Administrative, Damage Assessment, Information Systems; Business Unit Recovery – Business Units)
Business Units
• Recover business functions
– Relocate to assigned workspaces
– Acquire and restore resources
– Recreate lost work
– Implement Contingency Strategies
Cyber-Attack Recovery Process
Beyond Cybersecurity: Cyber Resilience
NIST Cybersecurity Framework functions:
• Identify
• Protect
• Detect
• Respond
• Recover
Defense in Depth
• People – Board awareness, educate all stakeholders, Trusted Advisor Partnerships
• Processes – Cyber Risk Appetite Statement, test the Incident Response Plan together with DR/BCP, Succession Plan
• Technology – Monitor transactions and layer services to prevent, detect and respond to attacks; partner with trusted TSPs
Defense in Depth - Technology (diagram: Core Provider, WAN)
Gladiator Research: Threat Intelligence Process
Sources: US-CERT, FBI, FS-ISAC, iSIGHT, NCFTA, Platform Vendors, JHA, 3rd Party, Other Partners
• Identify current methods attackers are using to infiltrate networks and infect systems
• Locate and track hostile domains, botnets, and hosts on the Internet
• Reverse engineer malware to learn new behaviors and infection methods
• Assess current financial fraud methods
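One concrete way the hostile-domain intelligence described above reaches an institution's own monitoring (the "Monitoring & Reporting" policy area, and the "Monitor system/network" containment step later in the deck) is to match the indicators against DNS query logs. The Python below is an added example written for this page, not Gladiator Research code; the BIND-style query-log format, the client addresses and the blocklisted names (placeholders under the reserved .invalid top-level domain) are constructed for illustration. It matches on label boundaries, so a subdomain of a blocklisted name fires while a name that merely ends in the same characters does not, and it normalises case and the trailing dot that DNS loggers often emit.

```python
# Added example (not from the presentation): match DNS query logs against a
# threat-intelligence domain list. Log format, addresses and the .invalid
# indicator names are constructed placeholders, not real indicators.
import re
from typing import List, Optional, Set, Tuple

# Constructed blocklist, as a threat-intel feed would deliver it.
BLOCKLIST: Set[str] = {
    "c2-relay.invalid",
    "botnet-tracker.invalid",
    "bank-login-update.invalid",
}

# Constructed query-log lines in BIND's querylog style (an assumption).
SAMPLE_LOG = """\
09-Aug-2019 08:01:12.445 client 10.10.4.21#51234: query: www.ffiec.gov IN A + (10.10.0.5)
09-Aug-2019 08:01:13.002 client 10.10.4.21#51235: query: beacon.C2-Relay.invalid. IN A + (10.10.0.5)
09-Aug-2019 08:02:40.118 client 10.10.7.88#40211: query: bank-login-update.invalid IN A + (10.10.0.5)
09-Aug-2019 08:03:01.900 client 10.10.4.21#51240: query: notc2-relay.invalid IN A + (10.10.0.5)
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+) client (?P<src>[\d.]+)#\d+: query: (?P<qname>\S+) IN"
)


def normalise(name: str) -> str:
    """Lower-case and drop the trailing dot so feed entries and log names compare equal."""
    return name.rstrip(".").lower()


def matched_indicator(qname: str, blocklist: Set[str]) -> Optional[str]:
    """Return the blocklisted domain that qname equals or is a subdomain of, else None.

    Walks the name one label at a time ("a.b.c" -> "a.b.c", "b.c", "c") so the
    match respects label boundaries: "notc2-relay.invalid" does not match
    "c2-relay.invalid", but "beacon.c2-relay.invalid" does.
    """
    labels = normalise(qname).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None


def scan_dns_log(text: str, blocklist: Set[str] = BLOCKLIST) -> List[Tuple[str, str, str, str]]:
    """Return (timestamp, client, queried name, matched indicator) for every hit."""
    hits = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a query line; skip rather than guess
        indicator = matched_indicator(m["qname"], blocklist)
        if indicator:
            hits.append((m["ts"], m["src"], normalise(m["qname"]), indicator))
    return hits


def hosts_to_isolate(hits: List[Tuple[str, str, str, str]]) -> List[str]:
    """Distinct internal clients that resolved an indicator: the containment candidates."""
    return sorted({src for _, src, _, _ in hits})


if __name__ == "__main__":
    found = scan_dns_log(SAMPLE_LOG)
    for ts, src, qname, indicator in found:
        print(f"{ts} {src} asked for {qname} (indicator: {indicator})")
    print("isolate:", hosts_to_isolate(found))
```

The client list is the hand-off to containment: each host that resolved an indicator is a candidate for network isolation, and the timestamps give the "sequence of events" the follow-up analysis asks for.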
Incident Response Process
Cyber Incident
1. Report Incident
• Technical Support / Help Desk
2. Incident Classification
• Validation and Severity of Incident
3. Notification/Escalation
• Who to contact, internal-external
4. Assessment
• Entry point of virus
• Systems affected
• Time to close incident
• Regulatory - Law agencies
5. Documentation
• Phone conversations
• System logs
• Meeting minutes
• Screen shots
6. Containment
• Shut down system
• Disconnect from network
• Monitor system/network
• Set traps
• Disable functions, etc.
Caveat: powering a host off destroys volatile evidence (memory contents, live network connections, running processes) that the evidence-protection step may need. Where forensic follow-up is expected, isolate the host at the network or switch port first and capture memory before any shutdown.
Incident Response Process (continued)
7. Protecting Evidence
• Preserving hard drives
• Documenting incidents
8. Eradication & Recovery
• Anti-virus software
• System rebuilds
9. Follow-up Analysis
• System monitoring
• Sequence of events
• Method of discovery
• Lessons learned
10. Incident Prevention
• Technology
• Policies, procedures
• Training on security awareness
• Technical configurations
• Access permissions, logs, etc.
11. Vendor Management
• Tier 1 vendors must report all Incidents
• T1 vendors must have Incident Response Plans
• T1 Vendors must have Business Continuity Plans
Top Cyber Threats facing Financial Institutions
Top Cyber Threats
• Social Engineering
• Encrypted Traffic
• Malicious Code Variants
• Supply Chain Infections
• Patches / Vulnerabilities
• Ransomware
Honorable Mention
• Internal Threats
• Internet of Things (IoT)
• Wireless / Mobile
Evaluating Your Business Continuity Program
Evaluate your Business Continuity Program
Evaluate your Business Continuity Program
Gladiator Risk Mitigation Services
• Business Continuity
• Disaster Avoidance – Disaster Recovery
• Multilayered security to mitigate cybersecurity risk
• 24/7 security monitoring
• Provide visibility into security and controls
• Certified security and compliance staff
• Empower management oversight
• Protect your reputation
Risk Mitigation (diagram): Centurion BC/DR, CoreDEFENSE, IT Regulatory Compliance, Managed IT, Hosted Network Solutions
Centurion BCP Services
• Enterprise-Wide BCP
– Deluxe Engagement
– Remote Engagement
– Plan Maintenance Service
• BCP Software
– COPE (Centurion's Online Planning Expert)
– SQL Database
• BC / DR Plan Reviews
– DR Testing Assistance, e.g., Replication Testing
• Mock Disaster Drills
– Natural and Manmade Disasters
– Cyber Attack
BCP/DR Support Organizations Websites
• www.centuriondr.com – Centurion Disaster Recovery
• www.ready.gov – US Department of Homeland Security
• www.drj.com – Disaster Recovery Journal (free magazine)
• www.ffiec.gov – Federal Financial Institutions Examination Council's site
• www.redcross.org – American Red Cross
• www.fema.gov – Federal Emergency Management Agency
• www.citizenscorps.gov/cert/ – Community Emergency Response Team
• http://www.operationhope.org/effak/effak_english.pdf – Emergency Financial First Aid Kit, supported by Operation Hope & FEMA
Gladiator Cyber-Attack Mock Drill
• Provide an interactive experience based on decisions associated with a cyber incident.
• Better understand your financial institution’s vulnerability toward cyber incidents.
• Assess your financial institution’s Incident Response Plan (IRP).
• Identify the major milestones associated with a cyber incident.
• Collaborate with your peers to share approaches to dealing with cyber incidents.
Cyber Incident Response Drill Objectives
• This is a test exercise, based on a plausible real-world scenario.
• Treat scenario details as fact.
• Think about how your bank’s cyber program would measure up to a similar, but real incident.
• Consider what improvements may be required to your IRP resulting from the drill.
Cyber-Attack Drill Information
• You will be assigned to the Incident Response Team (IRT) of The Financial Institution of Madison.
• Your team will be given a scenario resulting in a cyber incident to The Financial Institution of Madison.
• Please assume the role that you are assigned to as an Incident Response Team Member.
• As the IRT your team must adhere to the appropriate steps required to navigate through the cyber incident.
Cyber-Attack Drill Information
Incident Response Drill Challenges
Situational events that your IRT has to make decisions on
Share ideas and learn from your peers
Challenges are derived from real-world situations
Poll Everywhere will display team challenge results
Creates group discussion and collaboration
• $757 million in assets
• Main office is located in downtown Madison, WI
• 9 additional branch office locations throughout Madison
• 211 employees and 511,000 customers
Financial Institution of Madison Bank Profile
Financial Institution of Madison Technology Profile
• Core processing – Outsourced
• Windows® infrastructure runs at the main office
• VMware snapshots taken once per day and replicated off-site to another branch twenty-five miles away
• Uses an MPLS common network between branches
• Thirty days of historical backups
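The technology profile fixes the bank's recovery options before the scenario starts: with one snapshot per day and thirty days of retention, the newest clean restore point and the amount of work to recreate both follow from when the attacker first touched the environment versus when the incident was detected. The Python below is an added example written for this page, not Centurion or Gladiator code; the 02:00 snapshot time and every date in it are assumptions. It also covers the dwell-time failure mode the drill is likely to probe: if the compromise began more than thirty days before detection, every retained snapshot, and the off-site replica made from it, already contains the attacker's changes.

```python
# Added example (not from the presentation): restore-point analysis for the
# drill's backup posture: one VMware snapshot per day, thirty days retained,
# off-site replicas made from those same snapshots. The 02:00 snapshot hour
# and all dates below are assumptions for illustration.
from datetime import datetime, timedelta
from typing import List, Optional

DAY = timedelta(days=1)


def retained_snapshots(detected_at: datetime,
                       interval: timedelta = DAY,
                       retention: timedelta = 30 * DAY,
                       snapshot_hour: int = 2) -> List[datetime]:
    """Timestamps of the snapshots still on disk when the incident is detected.

    Assumes one snapshot per `interval` at `snapshot_hour` and that anything
    older than `retention` has been pruned. Replicas are copies of these same
    snapshots, so they add no further restore points.
    """
    last = detected_at.replace(hour=snapshot_hour, minute=0, second=0, microsecond=0)
    if last > detected_at:          # today's snapshot has not run yet
        last -= interval
    snaps = []
    t = last
    while detected_at - t <= retention:
        snaps.append(t)
        t -= interval
    return sorted(snaps)


def last_clean_restore_point(compromise_start: datetime,
                             detected_at: datetime,
                             **policy) -> Optional[datetime]:
    """Newest retained snapshot taken before the attacker's first activity.

    Returns None when dwell time exceeded retention: every snapshot (and every
    replica of it) was taken after the compromise began, so there is nothing
    clean to restore and the systems must be rebuilt from known-good media.
    """
    clean = [s for s in retained_snapshots(detected_at, **policy) if s < compromise_start]
    return max(clean) if clean else None


def data_loss_window(compromise_start: datetime,
                     detected_at: datetime,
                     **policy) -> Optional[timedelta]:
    """Work that must be recreated by hand (recovery phase 3, 'Recreate lost work')."""
    rp = last_clean_restore_point(compromise_start, detected_at, **policy)
    return None if rp is None else detected_at - rp


def analyse(compromise_start_iso: str, detected_at_iso: str, **policy) -> dict:
    """String-in/string-out wrapper for a quick check during a drill."""
    started = datetime.fromisoformat(compromise_start_iso)
    detected = datetime.fromisoformat(detected_at_iso)
    rp = last_clean_restore_point(started, detected, **policy)
    return {
        "restore_point": rp.isoformat() if rp else None,
        "data_loss_hours": (detected - rp).total_seconds() / 3600 if rp else None,
        "retained_snapshots": len(retained_snapshots(detected, **policy)),
    }


if __name__ == "__main__":
    detected = "2019-08-09T10:00"                       # assumed detection time
    for started in ("2019-08-07T15:30",                 # short dwell
                    "2019-06-01T09:00"):                # dwell longer than retention
        print(started, "->", analyse(started, detected))
```

Running it with the assumed dates shows the two outcomes side by side: a two-day dwell leaves the 02:00 snapshot from the day of compromise as the restore point with about 56 hours of work to recreate, while a dwell longer than the thirty-day retention leaves no clean snapshot at all.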
• More information will be provided during the class section to maintain the overall integrity of the exercise
• Be prepared to play an active role on the Incident Response Team that you are assigned to
• Regardless of your current role at your bank, the drill will reinforce that cyber-security is the responsibility of all employees
Gladiator Cyber-Attack Mock Drill
Tom Williams
Jack Henry & Associates
(Gladiator Division), Business Continuity-Cyber Security Strategy Manager
313-318-3839