Cyber Resilience - Can your organization deliver after a cyber event crisis?
Take your mark. Get set… and go. What do you do if your organization is faced with a crisis, do you have the necessary steps and procedures to recover from a cyber attack?
91% of APT (Advanced Persistent Threats) begin with spear phishing emails. Cyber criminals increasingly target employees within an organization who have administrative rights and access to critical systems. Successfully phishing these individuals could give them the ‘key’ to breaching security in further attacks.
This webinar will cover five domains to assist the organization to maintain a framework with the ability to deliver the outcomes consistently at all times. These domains focus on preventative, detective and reactive controls within the organization, and form part of the process of having the ability to recover in the event of a crisis.
These five domains will follow the process of identifying, protecting, detecting, responding and recovering, giving a holistic view of the full cycle of infrastructure resilience.
RecordedMay 17 201745 mins
Your place is confirmed, we'll send you email reminders
The world has moved in the last 100 years from the first flight into the sky to flights to Mars; there is complete digital control over our lives. Control is by the person or entity who has retrievable custody of our data which can be misused for gains and / or to harm us. What was most prevalent form of societal intimacy during our childhood in 1960s and 1970s, that everything was known about everyone in a neighbourhood; we have come a long way. We are at a stage where we ask - why do you need to know about me? If there is a need with an agreed upon purpose, only sufficient data is provided which satisfies the need with a caveat that the data would not be used for any other purpose.
European Union (EU) has done a commendable job 2 decades back — to protect its citizens from prying eyes, whether harmful or not — through replace the 1995 Data Protection Directive. In parallel, government of India also took commendable steps in this direction through InfoTech Act 2000, which was amended in 2008 with additional safeguards. Though India InfoTech Act is a general purpose all-compassing act, it has sections to protect data privacy strengthened further in 2011. However, both EU GDPR and India InfoTech Act can leverage each other for mutual benefits.
In this Webinar, Pradeep will share various aspects of GDPR and the diversified thoughts looking GDPR as a threat or an opportunity.
Immediately improve your scenarios with a recognized methodology that engages players and reduces the time and effort to create them.
In this webinar, Robert Pratten, transmedia storyteller and CEO of Conducttr explains:
•How to overcome writer’s block and dive right in!
•How to write scenarios that get players excited and achieve learning goals
•How to reduce the time & effort it takes to go from need to finished exercise.
The approach discussed focuses on crisis simulations for tabletop and live exercises.
Robert Pratten is a thought-leader in transmedia storytelling and author of the popular university textbook Getting Started in Transmedia Storytelling: A Practical Guide for Beginners.
His client list includes the UK MoD, the Foreign & Commonwealth Office, VISA, World Bank, Kodansha, Al Jazeera, C-Net Training and Pepsico. He can be found online as @robpratten
Mohan Menon, FBCI, CBCI Consulting Director, Resilient Business Solutions Sdn. Bhd. Chair, Malaysian Forum of the Business
This webinar will introduce participants to the BCI Good Practice Guidelines 2018 Edition, which is the leading global guidance for business continuity and resilience professionals since it was first issued in 2001. Key Objectives: 1.Introducing the Business Continuity Management (BCM) lifecycle that provides a framework to structure the approach to business continuity. 2. An overview of the six professional practices within the BCM lifecycle 3. A review of key changes between the GPG 2013 and the new GPG 2018 Edition. 4. An overview of the BCI CBCI Certification Course based on the GPG 2018 Edition. Who is the webinar for? This webinar is relevant to anyone with a business continuity and resilience related role, which can include, but is not limited to, those working in risk management, information security, physical security, emergency management, facilities management, health and safety, communications and human resources.
Andrew Carvell, One Voice, Yngve Mo, One Voice, and Gianluca Riglietti, BCI
Join BCI partner One Voice to hear how in collaboration with the Norwegian Government, they created the world’s first integrated national incident and crisis management system, using the industry leading software, CIM. Representatives from the London and Norwegian offices will explain how a variety of software modules are used to help coordinate the response to major events from the top to the bottom of the government structure.
BCI partner Everbridge presents the webinar "How to avoid sending false alarms"
The ballistic missile False Alarm alert that occurred in Hawaii recently has underscored the critical role that these systems play in keeping the public informed. To help you understand the risks, we have organized a team of experts who will host a webinar today outlining best practices to help you avoid this type of incident.
The incident had lead many organisations to ask:
•Could a false alarm happen to us?
•What precautions should I take?
Businesses are increasingly becoming more reliant on third parties for critical products and services. The factors are multi-fold : increased customer demand, time criticality, stringent service levels, evolving regulatory landscapes, technological advancements, mergers and acquisitions, diversification of risks, etc. With increasing dependencies on third parties, organizations become susceptible to major service disruptions owing to lack of supplier resilience; thus, running into risks such as loss of revenues, regulatory breaches, service level misses and eventually, loss of customer confidence. Supply Chain Resiliency is the key to sustained business model and must be integrated within the resilience or business continuity framework of organizations.
This session will reflect upon a few key trends, levers, risks, regulatory requirements and overview of building third party business continuity assessment process.
Marie-Hélène Primeau, CPA, CA, MBCI, ISO 22301 Lead Auditor – Vice President, Premier Continuum
This webinar will introduce participants to the BCI Good Practice Guidelines 2018 Edition, which is the leading global guidance for business continuity and resilience professionals since it was first issued in 2001.
1.Introducing the Business Continuity Management (BCM) lifecycle that provides a framework to structure the approach to business continuity.
2. An overview of the six professional practices within the BCM lifecycle
3. A review of key changes between the GPG 2013 and the new GPG 2018 Edition.
4. An overview of the BCI CBCI Certification Course based on the GPG 2018 Edition.
Who is the webinar for?
This webinar is relevant to anyone with a business continuity and resilience related role, which can include, but is not limited to, those working in risk management, information security, physical security, emergency management, facilities management, health and safety, communications and human resources.
John DiMaria AMBCI, BSI’s new Global Product Champion & Gianluca Riglietti CBCI BCI Research & Insight Manager
Discover the results of the Horizon Scan report 2018. This live webinar is your opportunity to discover the results.
Join BSI Global Product Champion, John DiMaria, and the BCI report author Gianluca Riglietti, who will reveal:
okey findings from the 2018 report
othe perceived short and long-term business threats
ohow continuity professionals prepare for disruptions
oour thoughts on the increasing importance and role of business continuity in developing a resilient organization
Plus you’ll have the opportunity to ask questions to the hosts and share your views on the report.
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). The session is an introduction to what are some of the key regulations that are being introduced.
Business Continuity Management in an international travel group: when holiday paradise turns into a disaster site.
Business Continuity Management (BCM) protects organizations from the impacts of business disruptions. Threats may originate from various origins and may hit an organization without their fault. Effective protection is achieved by following established methodologies such as the BCI Good Practice Guidelines and/or international standards – providing a predetermined level of operation during a crisis.
Within the tourism industry, much higher requirements prevail: on top of the classic requirement to protect the organization, it has the responsibility to care for the wellbeing of their travelling customers. The focus in on those travelers who already being on their journey. These requirements dictate that two intertwined projects need to be realized, significantly increasing the complexity of the BCM approach.
You cannot see in total light or total darkness; there will always be shades of grey. This webinar will explore the relationship between business continuity and organisational resilience by addressing key issues such as:
-At what level of authority and influence in the organisation (if any) is there oversight of all the resilience activities so that synergies can be exploited, unnecessary redundancies eliminated and duplication avoided?
-How and how often do the managers of these disciplines talk to each other about the combined contribution of their separate programmes that support organisational resilience?
-How is the personal resilience of individuals being developed so they will be able to perform their roles and responsibilities in the event of a disruption?
-What value does the validation phase (exercising and audit) add to resilience programmes?
This webinar will provide an overview of the business continuity life cycle and suggest the needs to integrate this capability with wider organisation resilience activities. This supports a cyclical and ongoing discipline consistent with our understanding of organisational resilience as an evolution, not a “fix”.
What does the future hold for the BCI?
Discover with David Thorp, Executive Director of the BCI, how the leading institute for business continuity and resilience plans to contribute towards shaping the future of the business continuity and resilience industry.
How will it widen its international network of professionals and organizations, and further develop thought leadership, research, and resources for the benefit of the business continuity and resilience community.
This webinar will allow you to ask the questions that are most important to you, and have a first look of the BCI’s upcoming changes.
One would think that catastrophic incidents of global proportions would cause organizations globally to exercise extra vigilance in ensuring that these events do not recur, particularly in their proverbial back yards!
Surprisingly, as we continue to analyze events which have caused untold damage and disruption to organizations, we have to ask ourselves; are they becoming less frequent and why do we seem to see history repeating itself?
The BCI Cyber Resilience Report is an analysis of cyber security incidents experienced by organizations across the world, and how they respond to them. These types of incidents are not rare occurrences with two-thirds of organizations experiencing at least one disruption during the previous year, while 15% report at least ten. Furthermore, one third of respondents report cumulative losses in excess of €50,000, while 13% put this figure in excess of €250,000.
Chris Rhodes (Senior Consultant, PlanB Consulting) and Gordon Brown (Senior Consultant, PlanB Consulting)
Chris and Gordon argue that a lasting tendency to focus on outdated or improbable threats, risks alienating millennials and may even de-value the BC profession in the future. Take, for example, loss of staff due to a winning lottery syndicate, or even the ever-prominent focus on loss of premises. Whilst we cannot rule out any eventuality, is this really the kind of subject matter that will excite prospective millennial BC professionals?
Talking from their own experience and looking at the 2017 BCI Horizon Scan Report, they discuss the current threat landscape, arguing that with growing digitalisation and increased cyber risks, never before has there been such exciting prospects for young people in BC.
This webinar will enter the current “BIA Controversy” with a description of what works….and what doesn’t.
I learned in 1991 what makes a BIA “not work” when my team and I had to deal with a BIA report that had covered all sites of a global firm.. Key characteristics: it took over 2 years to complete and had cost nearly half a million dollars, did not provide a basis for building a plan, and much of the information was out of date. So I made a few common-sense process changes that made all the difference in going forward to complete useful plans in a reasonable time-frame.
This session is about thinking and planning outside your own organization boundaries as well as inside.
I will use the ‘Great semolina disaster of Yarmouth’ as a case study, looking at what you might reasonably be expected to foresee, and why sharing plans is a good thing. I will also look at some case studies that changed the focus of regulators, who have become increasingly concerned about interdependencies between organizations.
I will then look at what needs to be done to make sure you are working in the right way with the right third parties.
This webinar discusses how to leverage auditing skills, particularly IT auditing, to improve BC and DR programs. We will discuss how to design BC/DR controls, examine and analyze them in existing BC/DR programs, and prepare work papers that summarize the audit results. One of the key components of the ISO BC and DR standards is reviewing and auditing BC management systems and DR programs to ensure they are compliant with standards and good practice. We will refer to ISO 22301:2012 and ISO 27031:2011, as well as the BCI’s Good Practice Guidelines, in the course of the presentation.
We live in a world of uncertainty. The BCI Horizon Scan Report 2017 provides clear confirmation that organisations are being disrupted and there are a range of threats that are of great concern.
Cyber-attack is the top concern and while considerable effort goes into reducing cyber threat, an actual attack is not a security issue.
This presentation will help you understand the difference between Business Continuity and Information Security and their role before and after an attack.
The BCI Horizon Scan has become a vital resource to those working in the fields of business continuity, risk or resilience, and as such it is getting a greater number of respondents from a wider range of countries and industries. The 2017 Horizon Scan Report showed that once again it was cyber attack that was the number one threat, with data breaches remaining in second place and network outages third. Adverse weather moved up three places to enter the top five along with security incident.
The Business Continuity Institute (BCI) is the world’s leading institute for business continuity. Established in 1994, the BCI has established itself as the leading membership and certifying organization for Business Continuity (BC) professionals worldwide. The BCI currently has over 8,000 members in more than 120 countries.