WEBINAR

WEBINAR

Slide 3

Agenda

• Introductions

• Who Are We

• 2014: Year of the Breach

• Going Viral

• Facing the Crisis

• Questions

Slide 4

Introductions

• Ted Julian, CMO, Co3 Systems

• Melanie Dougherty Thomas, Managing Director, Inform

Slide 5

About Co3 – Incident Response Management

MITIGATE

Document Results &

Improve Performance

• Generate reports for management,

auditors, and authorities

• Conduct post-mortem

• Update SOPs

• Track evidence

• Evaluate historical performance

• Educate the organization

ASSESS

Identify and Evaluate Incidents

• Assign appropriate team members

• Evaluate precursors and indicators

• Correlate threat intelligence

• Track incidents, maintain logbook

• Prioritize activities based on criticality

• Generate assessment summaries

PREPARE

Improve Organizational Readiness

• Appoint team members

• Fine-tune response SOPs

• Escalate from existing systems

• Run simulations (firedrills / table tops)

MANAGE

Contain, Eradicate, and

Recover

• Generate real-time IR plan

• Coordinate team response

• Choose appropriate containment strategy

• Isolate and remediate cause

• Instruct evidence gathering and handling

• Log evidence

Slide 6

About Inform

• INFORM is a leader in Integrated Communications (IC).

• Inform provides high-level strategy and execution incorporating public relations, marketing, innovative digital and graphic design, video production, ad placement, social and new media deployment, and crisis management to meet your goals.

• The principles of the firm are leaders in the industry, with nearly 20 years experience working in the communications field. They have been employed by Fortune 500 companies, been at the start-up table with new ventures, and worked for agencies both large and small.

Slide 7

2014: The Year of the Breach

“There are two kinds of companies in

America: those who’ve been breached and

those who don’t know they’ve been

breached.”

FBI Director James Comey

60 Minutes Interview

October 5, 2014

POLL

Slide 9

Attack of the Titans

• 43% of all companies in America have experienced a data breach, USA Today, 9/24/14

• 80% of breaches root cause is employee negligence, USA Today, 9/24/14

• 31.4 million people have had their protected health information compromised following a breach, HHS, 10/26/14

Slide 10

Going Viral: Why a Data Breach Takes Flight

• Record setting loss

• Sensitive community affected

• Competitive media market

• Concentration of affected parties

• Delay in notification

• Customer complaints unanswered

• Failure to respond to social media

• Ignoring the media

• Mixed messages

Slide 11

Case Study: A leading consumer brand breach blunder

1. Responding before a thorough assessment

2. Providing too much information too soon

3. Mixed messages=confusion

4. Retraction=uncertainty in messaging

5. Insensitivity to your market

6. Record-setting investment in brand rehabilitation

7. CIO & CEO lose positions, multiple class action suits in the $100M, breach cost over $150M to date

8. Board of Directors target of lawsuits

POLL

Slide 13

Facing the Crisis: 9 Steps to Crisis Communications Management – Active Incident

1. Internal planning happens before the crisis

2. Holding statement while forensics assessment is conducted

3. Coordination with crisis team

4. Social media monitoring begins

5. Public statement-thoughtful, showing earnest commitment to problem

6. Rapid notification/remediation, if required

7. Coordination across multiple communication mediums

8. Respond to every customer question in rapid fashion

9. Engage the press if approached

Slide 14

Collaboration is key

Risk &

Compliance

Legal-GC

& FirmForensics

Resolution

Provider

PR/

Crisis Communications

Client

POLL

Slide 16

The Path Forward: Specialist Required

Your Game Plan requires a crisis comms specialist who can stay abreast of industry, legal & regulatory developments, & the court of public opinion.

Issue

Advertising

Community Relations

Campaign

Slide 17

Takeaways

• You can’t market your way out of a crisis & brand damage

• Your in-house team is likely not equipped to handle breach or cybersecurity attack response (no matter how good they may be)

• Coordination & planning is key

• Make the CEO the spokesperson, not legal or PR

• Public statement~ thoughtful, showing earnest commitment to problem

• Regular crisis drills ensures response will be optimum

• Changing legal & regulatory landscape make data breach a priority for the C-suite & Board of Directors

• Media & consumer awareness is growing rapidly~ they’re informed & increasingly unforgiving

• Be prepared!

■

Slide 19

Upcoming Co3 Events

• You’ve Been Breached: How to Mitigate the Incident Jan. 21, 2015, 12-1 pm EST

– Featuring Ted Julian, CMO, Co3 Systems and Stephen Brennan, Global Technical Consulting Lead - Managing Partner, CSC

One Alewife Center, Suite 450

Cambridge, MA 02140

PHONE 617.206.3900

WWW.CO3SYS.COM

“Co3 Systems makes the process of planning for a

nightmare scenario as painless as possible,

making it an Editors’ Choice.”

PC MAGAZINE, EDITOR’S CHOICE

“One of the hottest products at RSA…”

NETWORK WORLD – FEBRUARY 2013

“Co3…defines what software packages for

privacy look like.”

GARTNER

“Platform is comprehensive, user friendly, and

very well designed.”

PONEMON INSTITUTE

Melanie Dougherty Thomas

Managing Director

Inform

http://informtheagency.com/

For a free consultation visit:

info.co3sys.com/free-consultation

Slide 21

“Co3 makes the process of planning for a nightmare scenario as painless as possible, making it an Editors’ Choice.”

– PC Magazine, Editor’s Choice

“Platform is comprehensive, user friendly, and very well designed.”

– Ponemon Institute

“One of the most important startups in security…”

– Business Insider

“One of the hottest products at RSA…”

– Network World

“...an invaluable weapon when responding to security incidents.”

– Government Computer News

“Co3 has done better than a home-run...it has knocked one out of the park.”

– SC Magazine

Most Innovative Product