March 10 Cyber Presentation
© 2016 Tressler LLP
Cyber Security: Concerns for Your Agency
March 10, 2016
Presented by:
Todd M. Rowe, Tressler LLP
Kevin Mahoney, Tressler LLP
Chandler Howell, Nexum Inc.
» Who Is Our Audience Today?
» Current trends in Data Breaches
» Concerns for Municipal Bodies
» The State of Data Breach Litigation
Pre-Breach Considerations
» Determining Areas of Vulnerability
› What information do we keep?
› What information do we need to keep?
› How is information accessed by employees or third parties?
› Is that access narrowly tailored to what’s necessary?
» Developing a plan
› Who is responsible for implementing the plan?
› Is the plan feasible with our systems and capabilities?
› Can one plan address every situation?
Pre-Breach Considerations
» Can we be sued for this?
» Are there statutory requirements for what we need to do next?
» Can we get someone else to pay for this?
» What can we do to lower our potential liability?
Pre-Breach Considerations: The Lawyers
» Identifying Threats
» Devices Provided To Employees
» Vendors
» Malware
» Non-Traditional Sources
Pre-Breach Considerations: The Technology Concerns
» Identify decisionmaking authority.
› IT personnel? Consultant? Director? Create a defined Breach Response Team with clearly outlined responsibilities.
» Determine what data is at risk and how to secure it as quickly as possible.
› Different contingencies for financial, medical, and personal identifying information.
» Decide whether and how to restrict access to systems.
› Differs depending on type of data breach.
› Is it feasible for your organization to be without access for a period of time? What systems will be affected?
» Information Disposal
› Do certain elements of your system need to be changed or deleted immediately?
The Response Plan
» Determine the source of the breach.
› External? Employee? Consider different contingency plans for each.
» If you need outside help, have them in place beforehand.
› Don’t wait until a breach to have to educate a vendor on your system.
» Determine who will handle contact from potentially affected individuals, and what they are permitted to say.
The Response Plan (Cont.)
» Begin the process of notification.
› Law enforcement. Other governmental bodies. Potential data breach victims. Special concerns for governmental bodies. Time to bring in the lawyers for the notification letter itself.
» Insurance notification.
› Determine who is responsible for putting a carrier on notice and when to do so.
» Preservation of evidence.
› Have a written policy regarding data deletion or alteration in case of potential discovery issues.
› Documenting efforts during the incident response period.
» Debriefing after the breach.
› What steps should be taken to lower future risks?
The Response Plan (Cont.)
» Inadvertent disclosures in response to FOIA requests
» Employees/Employee Information
» Patron Information
» Medical Information
» Vendors
» Special reporting requirements
» Open meeting requirements
Response Plan Considerations for Governmental Bodies
The Response Plan (Cont.)
» TRAIN!
› Staff members
› Vendors
› Attorneys
› Document regular training.
Technology Considerations
» Information stored on the cloud.
» The rise of ransomware.
» Insurance Issues
» Breaches continue through the “Internet of Things”
» Coming changes to Illinois State Law.
Observations for 2016