Managing Customer Communications in a Cybersecurity
Transcription
Managing Customer Communications in a Cybersecurity
Managing Customer Communications in a Cybersecurity Crisis March 2, 2016 Nicole Miller, WE Communications Senior Vice President, Cybersecurity & Issues Management Conflict of Interest Nicole Miller Has no real or apparent conflicts of interest to report. Agenda • • • • Introduction The Media News Cycle Creating a Playbook Questions Learning Objectives Construct a cybersecurity incident response playbook Identify how to engage cybersecurity media to better influence positive outcomes Prepare for a cybersecurity breach by developing a communications plan Distinguish where your organization is at in the cybersecurity news cycle and execute your plan accordingly Distinguish your technical, legal and executive platforms so you can properly activate them STEPS: Electronic Secure Data Attacks & Media Coverage 10-fold increase in cybersecurity-focused stories in the last four years Perception 12% decrease in customer trust after a breach Two-factor authentication oversight led to JPMorgan breach, inve Hackers Break Into Server for Obamacare ‘Cyber Caliphate’ hacks Malaysia Airlines website S attacks at random IP addresses JPMorgan Chase due to miss Health insurer Anthem hithack by ha Flash Patch Targets Zero-Day Exploit Microsoft Fixes Dangerous Sandworm Zero-Days Used in APT Thieves ATMs With ‘Black Attack Anthem of Box’ E-mail Scam InAttacks Wake Of Data Bre Hackers Steal Up To $1Jackpot BillionWarns From Banks se Hackers Hijack Forbes Website to Spread Malware: Report tor authentication oversight ledSony to JPMorgan breach, investigators reportedly found Researcher blames vulnerable code re-use for zero-day in Help Android’s HackersOracle Reportedly Used A169 Zero Day Vulnerability How PCI DSS 3.0 Can S issues critical patch update: new security fixes JPMorgan Chase hack due to missing 2-factor authentication on one server Health insurer Anthem hit by hackers, up to 80 million rec XSS Vulnerability in s iCloud Passwords JPMorgan Hack Exposed Data of 83 Million, Among Biggest Breaches in His ‘Cyber Caliphate’ hacks Malaysia Airlines website Chinese Hackers Hijack Forbes Website to Spread Malware 19,000 French websites hit by DDoS, defaced in wake of terror attack tch Zero-Day ThievesTargets Jackpot ATMs With ‘Black Box’ Attack Exploit se cannon admits DDoSing social services and housing websites Al Jazeera Wrests Back Its Web Si Anarchist hackers start cyber war with IS lames vulnerable code re-use for zero-day in Android’s CyanogenMod Apple Blocks Tool That Brute-forces iCloud Passwords ackers Reportedly Used A Zero Day Vulnerability How PCI DSS 3.0 Can Help Stop Data Breaches Oracle issues critical patch update: 169 new security fixes Bugzilla zero-day can reveal zero-day vulnerabilities in top open-source projects 19,000 Fr patch update: 169 new security fixes tgan Fixes Dangerous Sandworm Zero-Days Used in APT Attacks XSS Vulnerability in IE could lead to phishing attacks Hackers Steal Up To $1Data Billion From Banks Anthem Warns of E-mail Scam In Wake Of Breach Newsweek Twitter account hacked by ‘CyberCaliphate’ Anonymous loose cannon admits DDoSing Hack Exposed Data of 83 Million, Among Biggest Breaches in History XSS Vulnerability in IE could lead to phishing attacksvulnerabilities Day Vulnerability Bugzilla zero-day can reveal zero-day in topAirlines open-s issues critical patch update: 169 new security fixes ‘Cyber Caliphate’ hacks Malaysia website nother Flash Patch Fixes Zero-Day Flaw k Into Server for Obamacare Website: U.S. Of Jobs’s revenge: Flash piles up the zero-day e Chinese Hackers Forbes Website to Spread Malware: Report4.found ion oversight led to JPMorgan breach, investigators reportedly HackHijack of Community Health Systems Affects Million Patients Anonymous targets ISIS social media, recruitment drives Flaw in MacBookH E Uses Forbes.comWrests As Watering Hole Al Jazeera Back Its Web Sites From Pro-Assad JPMorgan Chase hack due to missing 2-factor authentication on one server alth insurer hit by hackers, up to 80 million records expo o-day can reveal zero-day vulnerabilities in top open-source projects Apple BlocksAnthem Tool That Brute-forces iCloud Passwords Newsweek Twitter acc Carbanak Hackers Target Banksvia19,000 in $1bn Attack Campaign BankFrom Hackers Steal Millions Malware ail ticalScams “Ghost”Back allowing code execution affects mostMalaysia Linux systems French websites hit by DDoS, Hackers defaced in wake oflinked terror attack to spy too ‘Cyber Caliphate’ hacks Airlines website ests Its Web Sites Pro-Assad Infamous Regin malware ero-Day Exploit ‘Black Box’ Attack Anonymous loose cannon admits DDoSing social services and housing web Chinese Hacking Group Team Uses Forbes.com As Waterin Major Data Breach at Staples Stems FromCodoso POS ble code re-use zero-day in Help Android’s CyanogenMod lash piles up the exploits Cybersecurity concerns fuel M y Used A Zero Day for Vulnerability w PCI DSS 3.0 Can Stop Data Breaches FBI:zero-day Businesses $215M Email boot Scams Flaw in Lost MacBook EFIto allows ROM malware Community Health Systems Affects 4. Million Patients Anonymous targets ISIS social media, recruitment drives in #OpISIS campaign Yet Another Flash erbolt devices can infect MacBooks with p Staples confirms 1.2 million cards lost in breach Java Patch Plugs 19 Se nymous loose cannon admits DDoSing social services and housing websites Yet Another Flash Patch Fixes Zer Dutch Government Website Outage Caused by C wall of China blasts DDoS attacks at random IP addresses es up the zero-day exploits Anarchist hackers start cy an infect MacBooks with persistent rootkits Microsoft Fixes Dangerous Sandworm Zero-D sconfirms in $1bn Attack Campaign million cards lost in breach Infamous1.2 Regin malware linked to spy toolshacking used by NSA, Fivesteal Eyes intelligence Carbanak group $1 billion from banks Highly critical “Ghost” allowing code execution affects most patch update: 169 new security fixes XSS Vulnerability in IE toFrom phishing attacks Hackers Steal Uplead To $1 Billion Banks Newsweek Twitter account hacked by ‘CyberCaliphate’ Target Banks in $1bnBiggest Attack Campaign dsBank Data of 83 Among Breaches in History Hackers StealMillion, Millions via Malware Great Firewall ofcould China blasts DDoS attacks at random IP aM Infamous Regin malware linked to spy tools used by NSA, Five Eyes intelligence Chinese Hackers Hijack Forbes Website to Spread Malware: Report acking Group Codoso Team Uses Forbes.com As Watering Hole ishing Cybersecurity concerns fuel MSSPs, managed security market cks Tool ThatScams Brute-forces iCloud Passwords Businesses Lost $215M toHighly Email criticalScams “Ghost” allowing most Linux 19,000code Frenchexecution websites hitaffects by DDoS, defaced in systems wake of terror attack Major Data Breach at Staples Stems From POS Hacked Hotel Phones Fueled tems Affects 4. Million Patients Anonymous targets ISIS social media, recruitment drives in #OpISIS campaign Bank Phishing Scams Flaw in MacBook EFI allows boot ROM malware Newsweek Twitter account hacked by ‘CyberCaliphate’ ia Malware Codoso Team Uses Forbes.com AsOutage WateringCaused Hole Dutch Government Website by Cyber Attack Hotel Phones Fueled Bank Phishing Scams Cybersecurity concerns fuel MSSPs, managed security market $215M toHighly Email criticalScams “Ghost” allowing code execution affects most Linux systems va Patch Plugs 19 Website: Security to Server for Obamacare U.S.Holes Officia Anarchist hackers start cyber war with ISIS Sony hackers exploited a zero-d Microsoft Fixes Dangerous Sandworm Zero-Days Used in APT Attacks Yet Another Flash Patch Fixes Zero-Day atch Plugs 19 hackers Security Holes Anarchist start cyber war with ISIS Major Data Breach at Staples Stems From POS aanak blasts DDoS attacks at random IP addresses hacking group steal $1 billion from banks worldwide Microsoft Fixes Dangerous Sandworm Zero-Days Used in APT Attacks vernment Website Outage Caused by Cyber Attack otel Phones Fueled Bank Phishing Scams Today’s Cybersecurity News Cycle TECHNOLOGY BUSINESS CONSUMER POLICY Key insights Tips and tricks News doesn’t wait for chain of command – time is critical Centralized communications You likely don’t have all the information others on the outside do Although lacking information, you still need to communicate. If you don’t insert your message here, credibility is hard to get back. Deep technical situational awareness Manage internal information flow Spokesperson identification 32% More negative coverage when a company is not quoted in articles about their own security event. -3.00 -2.00 -1.00 Coverage Sentiment DISMISSIVE 0.00 Key insights Tips and tricks No participation = 32% lower sentiment Trust the maturity of your audience Use a spokesperson = 40% more shares Focus on technical messages and deliver credible attribution Attribution is the best message you can deliver Maintain landscape awareness – refresh browser often! Prepare to manage multiple audiences VENDOR Ryan Naraine Kaspersky Labs David DeWalt FireEye CORPORATE Feng Xue David Litchfield RESEARCHER Wolfgang Kandek Qualys Dan Kaminsky Whiteops GOVERNMENT Andy Ozment Department of Homeland Security (DHS) Timothy Wallach Federal Bureau of Investigation (FBI) Key insights Tips and tricks Analysis phase is the longest and skews most negative for you Stay invested in the cycle Security experts and industry of fear drops sentiment by 11% Don’t spin but find experts to support you and provide balance Have a proportional response Expert opinion = 200% more shares Key insights Tips and tricks News needs to have an ending Be bold about taking care of your customers Resolution = most positive Customers need closure long after the media have moved on Fight the instinct to close the door on the crisis Assist law enforcement to find attackers Key insights Tips and tricks Stories never die, they just go to sleep Reiterate your resolution story Tell the ending of your own story. If not, long tail coverage will focus on what broke, not how you fixed it When dictated by circumstances, take leadership Remind your customers that you are better than before Today’s Cybersecurity News Cycle We are often faced with the choice of whether we parachute in a number of reporters to cover a breach like we did with . A company’s initial response helps to determine the route we take.” STEPS: Electronic Secure Data Attacks & Media Coverage 10-fold increase in cybersecurity-focused stories in the last four years Perception 12% decrease in customer trust after a breach Thank you. Nicole Miller [email protected] @nicolecmiller