Business Continuity & Crisis Management in the Cyberbreach Age
Transcript of Business Continuity & Crisis Management in the Cyberbreach Age
Business Continuity & Crisis Management in the Cyberbreach Age
Bryan Strawser, MBCP, MBCI, CISSP, CEM, Principal Consultant & CEO
Data Breaches: The Last 36 Months

Company                   Impacted People
Sony Pictures                       6,000
Sally Beauty                       25,000
Neiman Marcus                   1,100,000
Michaels Stores                 3,000,000
Community Health Systems        4,500,000
P.F. Chang's                    7,000,000
Home Depot                     56,000,000
Target                         70,000,000
JPMorgan                       76,000,000
Anthem                         80,000,000
eBay                          145,000,000
Copyright © 2015 by Bryghtpath LLC | bryghtpath.com | +1-612-235-6435 | [email protected]
Key Topics: Today
• Continuity of Operations
• Crisis / Emergency Management
• Crisis Communications
• Where to learn more…
• Q&A
Continuity of Operations: An Overview
The ability to continue performance of mission essential functions under a broad range of circumstances
Continuity of Operations: What it means
• Mission Essential Functions (MEFs)
  – Critical functions performed by your agency
  – Determined through a methodology
  – Plans are in place to recover from a disruption
• Broad Range of Circumstances
  – "All-Hazards" approach
  – Plans (Annexes) for specific circumstances
Global Standards: Business Continuity and Emergency Management
US Government
• FEMA Federal Continuity Directives (FCD 1 / FCD 2)
• FEMA Continuity Guidance Circulars (CGC 1 / CGC 2)
• NIST 800-34, Contingency Planning Guide for Federal Information Systems
Business Continuity
• ISO 22301 (formerly BS 25999)
• NFPA 1600
• ASIS Business Continuity Management Standard
• ASIS SPC.1: Organizational Resilience
Professional Practices
• Disaster Recovery Institute International BC/DR Professional Practices
• Business Continuity Institute Good Practice Guide
FEMA Continuity Guidance Circular 1 (CGC 1): Continuity of Operations Program for State / Local / Tribal Government
• Federal guidance for non-Federal governmental entities
• Contents:
  – Planning and implementing a COOP program
  – Continuity planning for mission essential functions
FEMA Continuity Guidance Circular 2 (CGC 2): Continuity of Operations Program for State / Local / Tribal Government
• Federal guidance for non-Federal governmental entities
• Contents:
  – Identification and prioritization of Mission Essential Functions (MEF)
  – Business Process Analysis
  – Business Impact Analysis
  – Risk Assessment
Business Continuity Regulations: We're from the government, we're here to help…
United States
• Federal Financial Institutions Examination Council (FFIEC)
• Securities and Exchange Commission (SEC)
• Financial Industry Regulatory Authority (FINRA)
• Payment Card Industry Standard (PCI)
Continuity of Operations Lifecycle (FEMA Continuity Guidance Circular 1, CGC 1)
• Plans and Procedures
• Test, Training, & Exercises
• Evaluations, After-Action Reports, and Lessons Learned
• Develop Corrective Action Plans
Business Impact Analysis & Risk Assessment: Identifying critical business functions & their risks
Business Impact Analysis
• What are the mission essential functions at my agency?
• How long can they be disrupted?
• How quickly can they be recovered today?
• What is the impact from that disruption to my agency?
• BIA Methods
Risk Assessment
• What are the risks to these functions?
• What are our top enterprise risks?
• Risk Assessment Methods
Third Parties
• Don't forget about them…
Plans and Procedures: How can I recover my mission essential functions in the time period needed?
Specific actions to manage your risks and address your opportunities
• Prepare your agency for disruption
• Develop COOP Plans
• Implement COOP Solutions
Plans and Procedures: Continuity of Operations Planning
Core Components of a COOP Plan
• Roles & Responsibilities
• Activation process
• Managing the immediate consequences
• Communication plan
• Recover prioritized activities
• Media response
• Process for standing down
Core Plan Elements: Recovering Operations
• People – Who will do the work?
• Technologies – What, if any, technologies will enable the work?
• Facilities – Where will the work be done?
• Communications – How do we share this information?
Establish & Implement BC Procedures: What processes will I follow in a disruption?
Specific defined processes for Business Continuity
Examples:
• Emergency preparedness
• Governance
• Activation
Disaster Recovery: Business Continuity for IT Systems
• "Disaster Recovery" generally pertains to the recoverability of IT systems
  – Applications
  – Infrastructure
• Must be closely linked to business continuity capability
• Should heavily utilize the BIA findings to influence a tiered recovery strategy
Tests, Training, and Exercises: How will I exercise and test my plans? Based on those results, how will I improve?
• All plans should be exercised at least annually:
  – Notification
  – Table Top
  – Recovery
  – Fully integrated
• Disaster Recovery – Testing DR plans and strategies
• Government Guidance:
  – Homeland Security Exercise & Evaluation Program (HSEEP)
Develop Corrective Action Plans: Improving plans and procedures following a test or exercise
• Defined process for capturing lessons learned and applying them to plans and strategies
• Action items tracked and reported upon to key stakeholders and leaders
Continuity Plan Operational Phases: What happens when things go bad?
• Readiness & Preparedness
• Activation
• Continuity Operations
• Reconstitution
Roles and Responsibilities: Who does what?
• Elected Officials – Ultimately responsible for continuity of essential functions during a disruption or emergency
• Senior Leadership – Designates Continuity Manager and Planning Team; approves plans
• Continuity Manager – Responsible for coordinating all continuity activities within an agency
• Continuity Planning Team – Cross-functional group that coordinates all plans within an agency
Case Study: Drip, Drip… When a drip becomes a flood…
• 2013 Target Corporation HQ Flood
• Read the PDF case study at bryghtpath.com
Crisis Management: A Component of Business Continuity Management
The active management of a disruption or escalating situation
Items to consider:
• Clear roles and responsibilities
• Decision making rights pre-defined
• Single source of truth communication
• Communication products / messages
• Cross-functional coordination
Crisis Leadership: Characteristics of a strong crisis leader
• Cross-Functional Leadership
  – Lead up (vertically)
  – Lead across (horizontally)
• Be both strategic and tactical
  – Strategic: See the entire organization and external influences
  – Tactical: Be willing to work on really simple processes where needed
• Understands that success never happens within a silo
• Doesn't try to get "fancy"
• Can pivot in a moment
• Possesses extraordinary situational awareness
Private Sector Crisis Management Framework: Situational Awareness
(Framework diagram, three tiers)
• Executive Crisis Team (Elected Leaders / Senior Leader) – Strategic decision making
• Cross-Functional Crisis Team (Mission Essential Leaders) – Day to day operations; recommendations to executives; horizontal communication
• Crisis Management Team – Subject matter experts; situational awareness upstream; full-time / volunteer
Planning & Preparedness: Routine v. Novel
• Don't get fancy at first
  – How will the team "activate" and share that they are actively managing a situation?
  – How will they provide updates?
  – What decisions will be escalated to executives?
• Then get fancy
  – What could disrupt our business?
  – Prioritize these risks with executives
  – Plan for key risks
• REMEMBER: You cannot plan for everything
• Having a framework is more important than having a plan for every single possibility
Crisis Management Framework: Situational Awareness
Routine Incident
• Protocols & Processes
• Incident Specific Plans
• Preparedness Steps
HOLY S$@! What just happened?!
• Situational Awareness
• Collaborative cross-functional discussion
• Strategic view
• Framework for collaborative decision making & communication
Crisis Leadership: Situational Awareness
• What's happening?
• What do we know about it?
• What impact is it having on our organization?
• What don't we know that we need to know?
Practical Advice: The Simple Things
• Work / Organization
  – Clear roles & responsibilities
  – Establish decision making rights
  – How will you communicate?
  – Situational Awareness
• Personal
  – Be Informed
  – Make a Plan
  – Build a Kit
  – Visit ready.gov for more practical advice
Reputation Impact: Hurricane Sandy, 2012
(Image: International Business Times, 11/3)
Crisis Communications: Sending out a press release isn't going to cut it
• You'll only get one chance to message things with your version of the story – don't pass up this opportunity!
• Slow, methodical PR planning will not suffice – communications must be nimble.
• Speed, accuracy and clarity will be critical in a data breach.
• Honesty – spin is ok, but be honest.
• Cultural context is critical.
How to Lead during a crisis
Eric McNulty, Harvard Business Review, December 2013
• Ensure certainty about decision making and strategic messaging
• Understand Stakeholders
  – Map out your stakeholders
  – Understand each has unique needs for information and reassurance
  – Develop story arcs for each
• Understand that the crisis will evolve over time
Continuity of Operations Training: FEMA Emergency Management Institute
• Free FEMA Independent Study courses online
• http://training.fema.gov/EMI
Continuity of Operations Certifications: FEMA Emergency Management Institute
• FEMA Continuity of Operations (COOP) Certifications
• Level 1: Professional Continuity Practitioner
  – Series of 13 independent study or in-person courses
  – Many in-person courses can be taken through MN Homeland Security & Emergency Management for free
• Level 2: Master Continuity Practitioner
  – Complete Level 1 certification
  – Complete 5 additional independent study and in-person courses
  – Instruct one continuity course as an instructor
  – Complete and pass a comprehensive written examination
• Learn more at http://training.fema.gov/programs/COOP
Industry Professional Certifications: Business Continuity and Emergency Management
Business Continuity
• Disaster Recovery Institute International
  – Associate Business Continuity Professional (ABCP)
  – Certified Business Continuity Professional (CBCP)
  – Master Business Continuity Professional (MBCP)
• Business Continuity Institute
  – Member, Business Continuity Institute (MBCI)
  – Fellow, Business Continuity Institute (FBCI)
Emergency Management
• International Association of Emergency Managers
  – Associate Emergency Manager (AEM)
  – Certified Emergency Manager (CEM)
Contact Information
Contact Bryan: Bryan Strawser, Principal Consultant & CEO
Phone: +1-612-235-6435
E-Mail: [email protected]
Twitter: @bryanstrawser
Learn more about Bryghtpath LLC
Website: www.bryghtpath.com
Twitter: @bryghtpath
Facebook: /bryghtpathllc
Our Consulting Services Include:
• Business Continuity
• Crisis / Emergency Management
• Enterprise Risk Management
• Exercise Design & Facilitation
• Global Intelligence & Security
• ISO Training & Certification
• Project & Program Management
• Travel Risk & Security