Presentation is loading. Please wait.

Presentation is loading. Please wait.

Strengthen Your County’s Security Posture Cyber Incident Scenario Joe Frohlich State of Montana – Enterprise Security Manager.

Published byRichard Sanders Modified over 8 years ago

Similar presentations

Presentation on theme: "Strengthen Your County’s Security Posture Cyber Incident Scenario Joe Frohlich State of Montana – Enterprise Security Manager."— Presentation transcript:

1 Strengthen Your County’s Security Posture Cyber Incident Scenario Joe Frohlich State of Montana – Enterprise Security Manager

2 Accept that this scenario is possible Together we will discuss possible responses No right or wrong answers Use ideas to create or improve incident response plans Cyber Incident Scenario

3 An employee in your County Clerk’s Office received an email in his work account which contained a malicious link. The employee clicked on the link and moments later a pop-up message appeared on his screen telling him all of his files had been encrypted. He has 72 hours to pay $50,000 or the files will be permanently encrypted. The message also warns that any attempt to remove the encryption without the proper key will result in the files being destroyed. Cyber Incident Scenario

4 A short time later county employees start reporting that they are unable to access the county’s recording software. It appears likely that all county records from the Clerk and Recorders system are encrypted. Soon after you receive a phone from a reporter asking about the county systems all being down.

5 What are you going to do first? Who are you going to contact? Who is going to manage the response? Who is going to communicate with the media? Would you pay the ransom?

6 Strengthen Your County’s Security Posture Incident Response Plans Lisa Vasa State of Montana – Security Analyst

7 Create a plan BEFORE you need it Applicable to any type of incident FEMA ICS forms, checklists, and training SITSD Incident Response manual

8 Identify an Incident Commander and backup Identity spokesperson Key staff knows their roles Exercise the plan with tabletop exercises

9 Strengthen Your County’s Security Posture Security Awareness Training Lisa Vasa State of Montana – Security Analyst

10 95% of incidents are human caused Ransomware & other malware Phishing Poor password management Patch & configuration management Malicious insiders Human errors

11 Training is your best defense Formal training SANS Securing the Human PhishMe CBFree FedVTE

12 Training is your best defense Informal training Posters Newsletters & email Handouts Security minute

13 Strengthen Your County’s Security Posture Questions / Open Forum

14 Dawn Temple: DaTemple@mt.gov Sean Higginbotham: SHigginbotham@cascadecountymt.gov Joe Frohlich: JFrohlich@mt.gov Lisa Vasa: LVasa@mt.gov

Download ppt "Strengthen Your County’s Security Posture Cyber Incident Scenario Joe Frohlich State of Montana – Enterprise Security Manager."

Similar presentations

1 Identity Theft and Phishing: What You Need to Know.

1 Identity Theft and Phishing: What You Need to Know.
Your NEW Social Services Verification Tool

Your NEW Social Services Verification Tool
The Most Critical Risk Control: Human Behavior Lynn Goodendorf Director, Information Security Atlanta ISACA Chapter Meeting June 20, 2014.

The Most Critical Risk Control: Human Behavior Lynn Goodendorf Director, Information Security Atlanta ISACA Chapter Meeting June 20, 2014.
1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.

1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.
James Sees Senior Network Administrator Management Analyst Cyber Protection Strategies White Hall Business Association - Cyber Security & Awareness Conference.

James Sees Senior Network Administrator Management Analyst Cyber Protection Strategies White Hall Business Association - Cyber Security & Awareness Conference.
Defense Travel Management Office Office of the Under Secretary of Defense (Personnel and Readiness) Defense Travel Management Office Office of the Under.

Defense Travel Management Office Office of the Under Secretary of Defense (Personnel and Readiness) Defense Travel Management Office Office of the Under.
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Free Business Card Website www.asiafree.net Dr. K. F. Lee, ARPS IT&C (HK) Ltd.

Free Business Card Website Dr. K. F. Lee, ARPS IT&C (HK) Ltd.
HIPAA Privacy & Security EVMS Health Services 2004 Training.

HIPAA Privacy & Security EVMS Health Services 2004 Training.
Continuity of Operations Planning COOP Overview for Leadership (Date)

Continuity of Operations Planning COOP Overview for Leadership (Date)
Your Trusted Partner In All Things IT. 20 Years of IT Experience University Automotive Food Service Banking Insurance Legal Medical Dental Software Development.

Your Trusted Partner In All Things IT. 20 Years of IT Experience University Automotive Food Service Banking Insurance Legal Medical Dental Software Development.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
TELEPHONE ENGLISH.

TELEPHONE ENGLISH.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Have Fun, Be Safe Strategies for Internet and Social Media Safety.

Have Fun, Be Safe Strategies for Internet and Social Media Safety.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Training PowerPoint.  Just plug into the USB port on your computer. You will find USB ports on the front or back of your computer.  If you have a laptop.

Training PowerPoint.  Just plug into the USB port on your computer. You will find USB ports on the front or back of your computer.  If you have a laptop.
General Awareness Training Security Awareness Module 3 Take Action! Where To Go for Help.

General Awareness Training Security Awareness Module 3 Take Action! Where To Go for Help.
Data Security: Steps to Improved Information Security September 22, 2015 Presented by: Alex Henderson General Counsel and Chief Administrative Officer.

Data Security: Steps to Improved Information Security September 22, 2015 Presented by: Alex Henderson General Counsel and Chief Administrative Officer.

Similar presentations

Ads by Google