![Page 1: Managing Enterprise Risks in a Digital World 2019 ... · 4/16/2019 · PowerPoint Presentation Author: Hoffman, Craig A. Created Date: 4/16/2019 3:25:15 PM](https://reader034.vdocuments.us/reader034/viewer/2022042420/5f36e9a335f0ed59d234a4d1/html5/thumbnails/1.jpg)
Managing Enterprise Risks in a Digital World
2019 BakerHostetler Data Security Incident Response Report
April 16, 2019
Lynn Sessions | [email protected] | 713.646.1352
Craig Hoffman | [email protected] | 513.929.3491
Paul Karlsgodt | [email protected] | 303.764.4013
BakerHostetler
2019 Key Findings
• Please enable MFA!
• How big is the cloud?
• Incidents will not go away
• Basic hygiene
• Get ahead of the compliance curve
• Use “compromise threat intelligence”
• Focus on effective cybersecurity
• Phishing is remarkably effective
• Digital risk management requires an enterprise approach
• Do M&A due diligence
• GDPR has changed the incident response game
• Regulators are working together and on their own
• Class actions arising from data breaches or that allege violations of privacy laws continue
Ransomware
• Commodity
• More problematic
Trickbot to Emotet to Ryuk
Access, lateral movement, delete backup files, deploy Ryuk, wait to be contacted, and then demand large ransom
Network Intrusion Timeline
95 Days | 10 Days | 36 Days | 50 Days
Forensic Investigations
Regulatory Enforcement Trends
• Timing
• Risk assessments
• Security practices
• Remedial measures
Litigation
Data Breach Litigation
• Lost/stolen device litigation ending, network intrusions now predominant underlying issue
• No decisions on class certification in 2018, one early in 2019
• Increase in shareholder derivative actions
Privacy Statute Litigation
• BIPA
• Impact of CCPA?
Compromise Ready
Know your environment
Threat information gathering
Technology – preventative & detective
Personnel – awareness & training
Security assessments
Identify assets and sensitive data
Implement reasonable safeguards
Increase detection capabilities
Vendor management
Regulatory compliance
Get involved in acquisitions
Conduct tabletop exercises
Cyber liability insurance
Ongoing diligence and oversight
“Compromise Response Intelligence”
• Look at incidents that affected similar entities and the outcomes
• Do you face the same risk?
Post-Incident
• Conduct lessons-learned session to evaluate IR approach – start with in-person meeting
• Evaluate containment action items and determine if any short-term or longer-term enhancements are warranted based on what occurred
• Leverage the “window”
• Work to move security from technical silo to an enterprise risk addressed by the enterprise – integration of disciplines to address “digital risks”