UNMC Cyber Exercise Tabletop Exercise April 13, 2016.

Presentation on theme: "UNMC Cyber Exercise Tabletop Exercise April 13, 2016."— Presentation transcript:

1 UNMC Cyber Exercise Tabletop Exercise April 13, 2016

2 Agenda
- Welcome
- Introductions
- Objectives
- Background
- Scope of Exercise
- Rules of Engagement
- Exercise Scenario
- Hotwash
- Evaluation and Final Comments

3 Welcome!!
- Thank you to the exercise design team for help developing this exercise

4 Exercise Design Team
- Keith Hansen, UNMC
- Rick Boldt, UNMC
- Marc Ferguson, Nebraska Medicine
- Sharon Welna, UNMC
- Brian Madison, Center for Preparedness Education

5 Introductions
- Name
- Role in your institution

6 Objectives
At the end of this exercise:
- Personnel will be able to demonstrate their knowledge and expertise in handling cyber security attacks
- Personnel will have a better understanding of how the whole facility is affected
- They will have a better understanding of how the event may affect the safety and welfare of staff/students
- They will also have a better understanding of how business continuity/resilience operations are conducted during downtime procedures/services

7 Background
- Personnel rely on electronic records and computers for assistance in research and day-to-day operations with students and staff
- Computer issues demonstrate our susceptibility to computer disruptions
- Data attacks impact a wide range of people internally and externally
- Communication among personnel may enhance earlier detection and resolution of widespread computer issues

11 Overview - Cyber Attacks - Dose of Reality

12 http://www.healthcareitnews.com/news/7-largest-data-breaches-2015

18
- Dr. Jeffrey Gold: Vice President, University of NE; UNMC Chancellor; Ne Med Chairman of the Board
- Deb Thomas: Interim Vice Chancellor, Business and Finance
- Yvette Holly: Assistant Vice Chancellor, Information Technology Services
- Sharon Welna: Information Security Officer
- Rosanna Morris: Interim CEO
- Brad Britigan, MD: Dean, UNMC COM; Interim President
- Michael Ash, M.D.: Chief Transformation Officer
- UNMC/NM Security Executive Council
- Brian Lancaster: Executive Director, Information Management
- Harris Frankel, M.D.: Chief Medical Officer
- UNMC/NM Security Executive Council
- Privacy Office
- UNMC/NM Security Executive Council

21 Scope of Exercise
- Table Top exercise – no actual computing systems will be used
  - Scenario will be presented
  - Groups will discuss questions
  - Groups will report highlights to entire assembly
- No particular electronic records system is assumed
- Each table will need a recorder (Planning Chiefs) and a reporter

22 Rules of Engagement
- No threat, no harm, no foul – open and candid discussions are crucial
- Discussions are not policy-building or policy recommendations
- Proprietary information need not be released
- Communication between groups is encouraged when appropriate
- Cell phones, calls, etc. – please step out of the room if you take a call
- We are learning from each other

23 Module 1
- An employee of your facility discovered that another employee had placed some confidential information on social media. He felt he had a responsibility to report the incident & contacted the Human Resource (HR) department.
- HR, upon getting this report, did their internal investigation & determined that the confidential information had in fact been compromised. HR discussed the situation with the IT Director and the Compliance and Information Security Officer for the Family Educational Rights and Privacy Act (FERPA).
- They made the determination, based on the information that had been placed on social media & due to their internal facility policy, that the employee was to be terminated.

24 Module 1 cont.
- They met with the employee on a Friday afternoon & he was terminated. At this time the employee’s accessibility has not been properly terminated. The employee had been working with the staff on issues as identified with electronic records for research and Blackboard.
- On the weekend after being terminated (which he felt had been unfair) he gained access to the facility’s computer system. That weekend the staff that was on duty started having some computer issues – being extremely slow & having difficulty logging into the system. Students have started complaining to their professors that they are having issues logging in on Blackboard.

25 Module 1 cont.
- On Monday multiple departments/students are having computer issues & research staff has started noticing that computer access is very slow and there are errors on diagnostic test reports.

26 Module 1 Questions
- How are your day-to-day operations for faculty, staff, and students going to be affected?
- How are the system slowdown and glitches now communicated between departments?
- What is your process for reporting? Who is responsible for reporting? Who do they report to?

27 Module 2 At this time everything has increased in severity. All departments in the facility are now having computer issues & all research areas are getting abnormal & inaccurate diagnostic test results. Blackboard is now experiencing major issues as well. IT is being bombarded with email and questions have come up as to how & when this will be resolved. At this time the decision has been made to shut the computer system down.

28 Module 2 Questions
- What policies/procedures are in place to allow students to continue coursework or get extensions from faculty?
- If downtime procedures are used, what are the issues involved?
- What are departments doing now with personnel?
- Have any legal/liability issues surfaced?

29 Module 3
- Social media has picked up on the event & numerous tweets have been going out. Most are negative about the handling of the event.
- TV channels are contacting the PIO for interviews as well as the written news departments from the area & surrounding counties. Talk show hosts are getting people to call in – their comments have not been accurate on the handling of the issue.

30 Module 3 Questions
- What is your organization’s internal social media policy?
- What is the role of your PIO at this time?
- What is your facility’s procedure for handling news media personnel?
- What legal/liability issues can UNMC anticipate?
- What is your Business Continuity Plan & what issues do you anticipate?

31 Hotwash

32 Evaluation

33 Final Comments
- Thank You for your attendance and participation!
- Please leave your evaluation forms with the exercise design team.
- Have a great day!!

