Information is both a risk and a critical resource when it comes to thinking about Business Continuity Management. A number of high profile data breaches have taken place recently that have hit the world’s media. They have occurred in many regions of the world and impacted millions of people. They involved public and private sector organisations and they resulted from accidents and losses as well as cyber attacks and security breaches. Less publicised and more numerous events seem to take place with regularity. They can involve information sources as diverse as hard copy files, electronic files, old hard discs, emails, text messages, x-rays, filing cabinets full of material and even the drives in photocopiers. In Europe organisations can be fined for such breaches and their names published on official websites, adding an additional cost of reputational damage to the pain felt. Also without accurate and up to date information it is nearly impossible to recover systems and processes quickly enough, something organisation and their customers have experienced in the recent past. Ask anyone in the UK and Ireland who couldn’t access their bank account a year or so ago how that impacted them and you will get an indication of the issue. These and other concerns surrounding the management of information related risks, including mitigation, and the use of information in recovery planning will be discussed at this webinar.
RecordedMay 27 201457 mins
Your place is confirmed, we'll send you email reminders
Privacy laws regulate the collection, storage and use of data by organisations in many countries globally. Following the proclamation of the Protection of Personal Information Act (POPI) Act into law in 2014, so too will these laws become applicable to South African organisations.
In this digital age, technology plays a pivotal role in shaping the way in which business is done. The objective of this topic is to explore the Cyber Security and Resilience requirements placed on organisations by privacy regulations, and the impact of Cyber Security and Resilience on Business Continuity.
This webinar will touch on the reliance placed on effective Information Security and Cyber Security solutions to ensure compliance, and explore how a breach or failure of Information Security Controls needs to be managed.
Cyber crime has been around for as long as we’ve been connected to the Internet, but in recent times, the criminals behind it are excelling in their creativity and ingenuity with consequences that are more damaging than ever before. Furthermore, the organisations that invest in cyber crime preparedness seem to forever be one step behind as they only get to guess what might be coming.
The price tags of these data thefts, DDoS attacks, ransoms to unblock operating systems, etc. are going through the roof. Therefore, when faced with a cyber crisis, it is critical to demonstrate strong leadership and communicate effectively with all stakeholders to avoid spiralling down to a reputation meltdown.
In today’s global village everyone is connected. The internet has brought billions of people together, allowing sharing of data, communication and commerce at a scale never imagined before. The value of the internet is clear for everyone to see. Unfortunately, the same internet also allows for cyber hackers and attackers to fight a new war, Cyber terrorism, theft of data and extortion. The attackers hide in plain sight. Working from homes or offices. Sometimes alone, often in syndicates. Even state sponsored cyber terrorism is on the increase.
Large cyber security companies such as firewall providers and anti-virus vendors are spending millions of US dollars in a constant battle to stay ahead of the cyber threat. Unfortunately, these measures are not always successful in preventing cyber-attacks from occurring as can be seen from recent attack against Primera Blue Cross.
The company, a health insurer based in Washington State, said up to 11 million customers could have been affected by a cyber attack last year. Hackers gained access to its computers on 5 May 2016 and the breach was not discovered until 29 Jan 2017. The breach probably exposed members' names, dates of birth, Social Security numbers, mailing and email addresses, phone numbers and bank account information. The company is currently working with the FBI and a cyber security firm to investigate.
So, given that no matter what you do to protect yourself against the cyber threat, you will probably be attacked or have already been attacked. You therefore need a plan B to allow your business to continue with crucial day-to-day activities after the event.
Cyber threats. Compliance. Ease of use. These are among the growing challenges to resiliency for all organizations, but they often are at odds with another. Clients and their customers are driving a need for ease of use, customization and empowerment, which can result in a more complex, at-risk infrastructure. How can organizations manage risk and compliance - maintaining expected transparency, accountability and interconnectedness amongst all of this complexity?
Join our discussion on the impacts of increased regulatory supervision and the effects of standards, using industry examples - and learn key strategies you can use today to manage resiliency across all levels of the enterprise to protect your business in the age of digitization and IT modernization.
Lyn Webb, Senior Manager, Regester Larkin by Deloitte
The first defence against cyber attacks is often to impose technical barriers, but how can an organisation’s culture help mitigate the cyber risk? This session will look at the cultural aspects of security, measuring cyber security culture and suggest how behaviour can make us more resilient.
There is a growing demand for organizations to extend their operations out of a secure, controlled domain into an unpredictable ecosystem, for reasons such as cost reduction, increases in productivity, profitability requirements and regulatory pressures, to name a few. This expansion into hybrid environments exposes businesses into unforeseen risks, requiring a more formidable capability relative to the resiliency measures that need to be in place. A strong cyber resiliency framework that includes a combination of security, business continuity and a resilient control system can help to mitigate disruptions of critical business functions and enable confidence across the entire enterprise in the event of a cyber breach.
In this webinar, you will learn tactical approaches for implementing cyber resilience, including evolving industry practices for enhanced cyber resiliency, benefits to be realized beyond mitigation of threats and risk reduction, and technological advancements that support successful cyber resiliency.
Charlotte Thompson, Senior Manager, and Charles Barlow, Manager, Regester Larkin by Deloitte
Business continuity planning has long helped organisations prepare for, respond to and recover from all types of disruption. Sophisticated and enduring cyber incidents, however, can challenge the planning assumptions many organisations rely on, including recovery time and recovery point objectives. This session will look at how organisations can go beyond traditional business continuity planning to enhance cyber incident readiness.
Take your mark. Get set… and go. What do you do if your organization is faced with a crisis, do you have the necessary steps and procedures to recover from a cyber attack?
91% of APT (Advanced Persistent Threats) begin with spear phishing emails. Cyber criminals increasingly target employees within an organization who have administrative rights and access to critical systems. Successfully phishing these individuals could give them the ‘key’ to breaching security in further attacks.
This webinar will cover five domains to assist the organization to maintain a framework with the ability to deliver the outcomes consistently at all times. These domains focus on preventative, detective and reactive controls within the organization, and form part of the process of having the ability to recover in the event of a crisis.
These five domains will follow the process of identifying, protecting, detecting, responding and recovering, giving a holistic view of the full cycle of infrastructure resilience.
Matt Thomas and Lee Glendon (Ultima Risk Management)
Today’s digitised value chains have a very high dependency on third parties. This exposure is not lost on potential attackers, who will invest resources in researching, identifying and selecting targets among value chain partners. It would be an uneven contest were firms not to take steps to understand these vulnerabilities and ‘value at risk’ themselves. This webinar will set out clear steps that can be taken to understand potential vulnerabilities among third parties and will introduce a lifecycle approach to support robust third party risk management from the start of the relationship through to exit.
Sonny Sehgal (Transputec) and Adam Blake (ThreatSpike Labs)
The greatest threat to the corporate security perimeter now comes not from the outside, but the inside. Social engineering threats such as phishing, malware and ransomware target the weakest link, the human factor. This webinar will expose the techniques of the hackers and offer advice on how these can be combatted to make your business more resilient in the face of the cyber threat.
Roberta Ramsden-Knowles, Director and Charlotte Thompson, Senior Manager, Regester Larkin by Deloitte
This session will focus on how organisations can build senior executive level readiness to respond and recover from sophisticated cyber incidents. It will provide an overview of the threat landscape and consider the differences cyber crises present for senior executives. Participants will learn about some of the challenges faced when responding to a cyber incident and how to overcome them by building readiness in people, structures, processes and plans.
Are you confident in your IT recovery program? In today’s hybrid IT environment, interconnected, mission-critical applications run across diverse platforms and geographies. The manual disaster recovery process traditionally followed, requires huge time, resource and efforts to scale up DR management for all critical IT assets. This leads to critical IT resources being excluded from DR programs. As per a recent survey, IBM found that 78% of enterprises face unacceptable risk for core enterprise IT resources.
With growing threat of cyber breaches, assured resiliency to support business objectives requires a new approach, including constant, intelligent monitoring and proactive action to achieve DR SLAs.
In this webinar you will learn how resiliency orchestration is transforming resiliency, explore the complexity of hybrid environments and the roadblocks behind DR and business continuity, and understand the benefits of Resiliency Orchestration and how it can enhance confidence in your cyber resilience program
Deepak Singh, President & CEO of Gorisco Solutions
Software Asset Management and compliance is gaining more importance day by day due to the outburst of Information technology and increasing dependency of businesses on IT. Many software licenses are purchased by IT or businesses out of necessity and then forgotten due to its intangible form. Even freeware and open source software are downloaded and used by employees. As Software Asset Management (SAM) involves a lot of complexities, an objective based implementation and management of software assets is very critical. This session will give more insights into SAM and recommended best practices to ensure businesses do not end up getting into legal issues and losing revenues due to ignorance and poor management of software assets.
What are the threats facing your organization? The Business Continuity Institute's annual Horizon Scan Report, in collaboration with BSI, outlines what the main threats are according to business continuity and resilience professionals worldwide, segmented by region, sector and size of organization. Read the report, and if you have questions or want a better understanding of what it means, then makes sure you tune into this webinar.
Owen Miles (Everbridge) & Patrick Alcantara DBCI (BCI)
The Business Continuity Institute (BCI) has just published its latest research project, The Emergency Communications Report. The annual report surveyed over 600 industry professionals, reviewing emergency communications and security incident response plans for organizations around the world. This year’s findings revealed that global businesses are increasingly aware that true business resiliency is a company-wide initiative that involves taking accountability for the safety of all staff—whether they are located in the office, at home or on the road. Respondents indicated that a diversity of departments, including business continuity, IT, security, facilities, HR and more had a stake in the management, planning and enforcement of their organization’s emergency communications plans, but that an opportunity exists to optimize these processes to account for a global, mobile workforce, as well as the increased complexity and frequency of critical events and physical security incidents.
Join Owen Miles, Managing Consultant from Everbridge, and Patrick Alcantara DBCI, Senior Research Associate at the BCI and the author of the report, for an engaging webinar that will discuss the research findings and share additional best practices for critical communications.
Despite many business and technology innovations, business frictions still exist. Key business frictions drive delays, costs and risks.
In this presentation, we examine the dimensions of business friction and attributes of blockchains that can break the status quo. Blockchains can vaporize business frictions, redefining the structure of future business networks and creating new opportunities for business transformation
As this transformation unfolds, three things will change: a new science of organizational management, the tightening of trust and a new nexus for value exchange will emerge
And finally, as companies seize the opportunity available to them, businesses can take few steps to best extract value from blockchains. And as the risk of doing business reduces, as the risk of formal financial reporting reduces, Business Continuity and Resilience is assured. Disaster Recovery becomes key to ensuring Blockchain delivers on its promise.
Join Veteran Commander Pradeep Prasad, Chairman of BCI Bengaluru Forum for an engaging webinar that will demystify Blockchain for the audience.
Nick Wildgoose and Tim Astley (Zurich Insurance Group)
In this session, Nick Wildgoose Global Supply Chain Product Leader and Tim Astley Regional Practice Leader Strategic Risk & Business Resilience will summarise the key points from the latest BCI Supply Chain Resilience Survey and talk about a number of key actions that can be taken improve the risk picture. These will include:
- How do you approach getting Executive support for a supply chain risk program
- The importance of having a comprehensive approach to supply chain risk management
- The increasing role of technology and big data in understanding supply chain risk
There has always been change in our profession. We originally started by implementing disaster recovery programmes. Soon after that, the businesses realized that the people aspect of recovery was needed as well. The results were the beginning of business continuity programmes. DR and BC have worked together almost two decades now with great success. We are now at a major transformation point again. Business continuity is now sharing more information and interacting more with security and compliance groups.
This session will go over what most of us already have in place, what we will need to add, and how all three groups interface together to provide a new resilience program for your environment. The goal of this session is to show the interactions between risk management, business continuity, security and compliance that form the components of a resilience programme.
Business continuity can be a high pressured role at times, with many decisions having to be made under that pressure. It is important to be able to manage it effectively and so ensure the right decision is taken, whatever the circumstances. In this webinar, Paul Breed MCBI presents a decision making model which includes:
Information - (Fact, Assumption, Gaps - urgency)
Threat and Risk Assessment - based on Identity, Capability, Intention
Development of a Working Strategy - that dovetails the Threat and Risk Assessment
Options - ideally from a predetermined tactical menu that reduces time critical decision making
Action - based on the agreed option together with contingencies
Review - constantly review the decision especially when new information comes to light
The frequency of cyber-attacks continues to increase at an unparalleled pace. By attacking the most vulnerable value chains of organizations, they result in information confidentiality & integrity breaches, discontinuity of business activities and huge damages. Once considered predominantly as a technological issue, the risks related to the information systems are now evaluated within the Enterprise Risk Management scope. On the other hand, traditionally, Business Continuity Management (BCM) is mostly treated as a domain separate from Information System Security Management (ISSM). With the rapid explosion of cyber threats, the alignment between BCM and ISSM is now becoming a must, in order to provide management with a holistic view and enabling them to implement organizations where the teams closely interact with each other.
It goes without saying that the organizational part of security and BCM is the key for a successful implementation, yet the information system (IS) part needs to also be addressed in an efficient way. Various standards and frameworks exist to help organizations implementing a BCM, but they lack a strong link with the governance, architecture and security of the IS. In this webinar we will introduce very briefly an innovative approach and describe the first steps for the linkage between the two worlds, enabling an efficient implementation of BC based on an architectured and secured IS.
The Business Continuity Institute (BCI) is the world’s leading institute for business continuity. Established in 1994, the BCI has established itself as the leading membership and certifying organization for Business Continuity (BC) professionals worldwide. The BCI currently has over 8,000 members in more than 120 countries.