Presentation is loading. Please wait.

Presentation is loading. Please wait.

Password District Data Breach Exercise [District Name] [Date] [Logo]

Published byBernice Johnston Modified over 9 years ago

Similar presentations

Presentation on theme: "Password District Data Breach Exercise [District Name] [Date] [Logo]"— Presentation transcript:

1

2 Password District Data Breach Exercise [District Name] [Date] [Logo]

3 Presenter Name Organization & Contact Info 2

4 Password District Data Breach Exercise Table top exercise that simulates a data breach within a complex organization. Intended to put you in the shoes of critical decision makers who have just experienced a data breach. 3

5 Password District Data Breach Exercise You will be divided into teams to react and respond to the scenario. Over time, the scenario will be more fully revealed and you will discover more about what happened. 4

6 Be Prepared for the Unexpected! 5

7 Suggestions Think about each of the roles needed in your organization (e.g., public information officer, data system leadership, attorney, auditors, etc.). The full extent or impact of a data breach is rarely known up front. Do your best to anticipate what might happen, but don’t get ahead of yourself. 6

8 Password District Data Breach Exercise Each team will develop two key products: 1.Public and Internal Communications/ Messaging – Develop the message(s) you will deliver to your staff, students, parents, the media, and the public. 7 During the event, you will be asked to participate in press conferences about the scenario. Be prepared to respond to members of the media about what is happening and how your organization is responding.

9 Password District Data Breach Exercise (cont.) 2.Response Plan – Outline how your agency will approach the scenario and what resources you will mobilize. Describe who will compose your response team. Identify goals and a timeline for your response. 8

10 Background Your school district has [insert desired number] students. Your district provides centralized IT services and support for K12 schools as well as access to a centrally managed Student Information System (SIS). 9

11 Background (cont.) The new SIS allows administrators, faculty, and other users to log in through the browser and upload grades, attendance data, and assessment data. The new system has only been implemented in a few test locations in the district. 10

12 Scenario Yesterday, a teacher [personalize for your district] notified the district IT manager that some course grades have been changed in the system. All the students in one course had their grades changed to reflect much better scores than they actually earned. 11

13 Scenario Initial investigation shows that someone logged on using the teacher’s login information and manually changed the grades. Additionally, the logs indicate that several reports were also downloaded from other systems, including some that contained private information (like SSN) about the school’s employees. 12

14 Password District Data Breach Exercise 1.Gather with your team. 2.Go over the scenario carefully. What do you know? What don’t you know? 3.Begin building your response. Elect a team member to take notes. 13

15 Password Data Breach Exercise (cont.) 4.During the scenario, you will receive additional information about the breach. Read each of these updates as the scenario unfolds. 5.We will occasionally pause to discuss where we are, and eventually give a press statement. 14 This exercise works best if approached as a “murder mystery” game. The more you synthesize the information and role play, the more useful the exercise becomes.

16 Questions? 15

17 Password District Data Breach Exercise 16 10 Minutes

18 Where Are We? Have you begun to build a response plan? Can you make any concrete conclusions? Does the fact that the breach includes SSNs change the way you respond? 17

19 Scenario Update Logs indicate that the login occurred from the school’s Wi-Fi network after school hours. 18

20 Scenario Update Logs indicate that the login occurred from the school’s Wi-Fi network after school hours. Reports have surfaced about students offering to change additional grades for money. No names have yet been revealed. 19

21 Password District Data Breach Exercise 20 End 10 Minutes

22 Where Are We? Has the updated information changed your approach to the scenario? Think about what controls you could put in place to avoid a scenario like this. 21

23 Scenario Update Two juniors are rumored to be the culprits. 22

24 Scenario Update Two juniors are rumored to be the culprits. When questioned, they admit that they located a sticky note with a teacher’s username and password, which they used to log in to change the grades. 23

25 Scenario Update Students said that they also accessed some other school systems, including a database of employees that listed names, addresses, SSNs, employee ID numbers, etc. 24

26 Password District Data Breach Exercise 25 10 Minutes

27 Where Are We? How has the updated information changed your approach to the scenario? What other information would be useful? 26

28 Scenario Update The data the students accessed contain personal information for [insert number] students and [insert number] employees. Some of the staff’s personal data have been published to the students’ Facebook pages. News of the breach has leaked out. You are receiving calls from parents asking if their child’s data were accessed and their grades changed. 27

29 Press Conference The news of the breach is out and you must brief the press and the community. Your spokesperson will give a brief press conference to address the issue and take questions. In the audience are reporters from local and national media, as well as parents, privacy advocates, and activists. 28

30 Password District Data Breach Exercise 29 10 Minutes

31 Where Are We? How did it go? Was your message received well? 30

32 Develop Incident Response Plan Use your notes from the scenario discussion. Identify an incident response team (e.g., CIO, Data Coordinator, IT Manager, legal counsel). Outline the steps to identify the source of the breach, catalog the data affected, and identify how it occurred. Should you involve law enforcement? When? What legal requirements exist? What preventative corrective actions should you implement? 31

33 Password District Data Breach Exercise 32 10 Minutes

34 Unveil Your Response Plan Take us through your response plan. Include the who, what, when, and how of your activities. What were the driving factors in your decision- making process? Did your plan evolve as the scenario became more clear? How? How should you prepare to enable a prompt reaction to a potential breach? 33

35 Wrap-up Lessons learned from press conference. Incident Response Plans – what might work for us? What have you learned? Will it affect your behavior? How could this exercise be more useful to you? 34

Download ppt "Password District Data Breach Exercise [District Name] [Date] [Logo]"

Similar presentations

After Action Report & Improvement Plan (AAR/IP) Elizabeth Jane Tangwall Office of Emergency Preparedness.

After Action Report & Improvement Plan (AAR/IP) Elizabeth Jane Tangwall Office of Emergency Preparedness.
TRUMANSBURG CENTRAL SCHOOL DISTRICT SUPERINTENDENT’S ENTRY PLAN

TRUMANSBURG CENTRAL SCHOOL DISTRICT SUPERINTENDENT’S ENTRY PLAN
Master Scenario Events List (MSEL) Conference DATE

Master Scenario Events List (MSEL) Conference DATE
Crisis Communications for Security Issues: A Nightmare You Can Manage Marilu Goodyear Donna Liss Allison Rose Lopez Jenny Mehmedovic The University of.

Crisis Communications for Security Issues: A Nightmare You Can Manage Marilu Goodyear Donna Liss Allison Rose Lopez Jenny Mehmedovic The University of.
Session 2.3: Skills for Supportive Supervision

Session 2.3: Skills for Supportive Supervision
Semonti Basu PBS Technical Assistance Facilitator Grace Martino-Brewster PBS Specialist Austin Independent School District Connecting Data Dots Using data-based.

Semonti Basu PBS Technical Assistance Facilitator Grace Martino-Brewster PBS Specialist Austin Independent School District Connecting Data Dots Using data-based.
Marketing Webinar 1 Welcome!. Crisis Preparation 2.

Marketing Webinar 1 Welcome!. Crisis Preparation 2.
{ Preparing Your Bomb Squad “By the time you hear the thunder, it’s too late to build the ark.” ~ Anonymous An Introduction to Crisis Planning.

{ Preparing Your Bomb Squad “By the time you hear the thunder, it’s too late to build the ark.” ~ Anonymous An Introduction to Crisis Planning.
Data Breach Notification Toolkit Mary Ann Blair Director of Information Security Carnegie Mellon University September 2005 CSG Sponsored by the EDUCAUSE.

Data Breach Notification Toolkit Mary Ann Blair Director of Information Security Carnegie Mellon University September 2005 CSG Sponsored by the EDUCAUSE.
The Massachusetts Model System for Educator Evaluation Training Module 5: Gathering Evidence August 2012 1.

The Massachusetts Model System for Educator Evaluation Training Module 5: Gathering Evidence August
1 CFSR STATEWIDE ASSESSMENT LESSONS LEARNED (State) CFSR Kick Off (Date)

1 CFSR STATEWIDE ASSESSMENT LESSONS LEARNED (State) CFSR Kick Off (Date)
The general structure of the facilitation notes will be:

The general structure of the facilitation notes will be:
Presented by Michelle Scharf, Transfer Center Director.

Presented by Michelle Scharf, Transfer Center Director.
Student Assessment Inventory for School Districts Inventory Planning Training.

Student Assessment Inventory for School Districts Inventory Planning Training.
Business Continuity Check List PageOne. - Why Does Your Business Need A Continuity Checklist? Should the unexpected occur, your business will be able.

Business Continuity Check List PageOne. - Why Does Your Business Need A Continuity Checklist? Should the unexpected occur, your business will be able.
EPR-Public Communications L-05

EPR-Public Communications L-05
Presented by Margaret Shandorf

Presented by Margaret Shandorf
Washington State Teacher and Principal Evaluation Project Preparing and Applying Formative Multiple Measures of Performance Conducting High-Quality Self-Assessments.

Washington State Teacher and Principal Evaluation Project Preparing and Applying Formative Multiple Measures of Performance Conducting High-Quality Self-Assessments.
Involving Parents 1. DeAnn Lechtenberger — Principle Investigator Nora Griffin-Shirley — Project Coordinator Doug Hamman — Project Evaluator Tonya Hettler—Business.

Involving Parents 1. DeAnn Lechtenberger — Principle Investigator Nora Griffin-Shirley — Project Coordinator Doug Hamman — Project Evaluator Tonya Hettler—Business.
Preventing and Managing a Crisis. Overview This session will cover how to: Develop a crisis communications plan Prevent crises Prepare for crises Implement.

Preventing and Managing a Crisis. Overview This session will cover how to: Develop a crisis communications plan Prevent crises Prepare for crises Implement.

Similar presentations

Ads by Google