deeper security, broader privacy - how firms use the latest co3 features to automate incident...
DESCRIPTION
We've recently added quite a few new features to the Co3 platform, both in the Security module and the Privacy module. Since some of you have asked us to review these, we decided to run a webinar that highlights the new capabilities.

New Privacy Module features: Co3 recently expanded its Privacy module to include breach notification requirements and guidelines from various countries in the EU. Adding the EU to our product was quite an interesting challenge for our team, primarily because of the difference in how Personally Identifiable Information is defined in Europe vs. the US, as well as the scope of applicability.

New Security Module features: The Security module has also been upgraded with some great new features targeting the needs of both the security incident manager and the incident responder. Improvements include everything from CISO dashboards to threat intelligence correlation.

This webinar will review the recent updates we've made to our product and show how firms are leveraging them to automate the breach response process. Features like these have helped Co3 customer USA Funds manage incidents in one tenth of the time that it took previously.

Our featured speakers for this timely webinar will be:
- Gant Redmon, Esq. CIPP/US, General Counsel, Co3 Systems
- Allen Rogers, VP of Engineering, Co3 Systems

TRANSCRIPT
Deeper Security, Broader Privacy
How firms use the latest Co3 features to automate incident response
Page 2
Agenda
• Introductions
• Security module updates
• Privacy module updates
Page 3
Introductions: Today’s Speakers
• Ted Julian, Chief Marketing Officer
• Gant Redmon, Esq. CIPP/US, General Counsel, Co3 Systems
• Allen Rogers, VP Engineering
Page 4
IR opportunities / challenges
• Dramatically improve response times
• “Socialize” IR workflow and collaboration
• Ensure privacy breach compliance in a fraction of the time
• Document best practices / IR procedure with a click
• Establish buy-in with compelling reports / dashboards
• Do more and do it better, with the team you already have
• Replace static binder with actionable, repeatable platform
“If you are going to invest in one thing, it should be incident response”
GARTNER – JUNE 2013 (1)
“You can’t afford ineffective incident response”
FORRESTER RESEARCH – APRIL 2013 (2)
1 Gartner Security Summit, Keynote Address - June 2013
2 “Seven Habits of Highly Effective Incident Response Teams” - April 2013
Page 5
The complete process – based on E.R. standards
PREPARE
Improve Organizational Readiness
• Appoint team members
• Fine-tune response SOPs
• Escalate from existing systems
• Run simulations (firedrills / table tops)
MITIGATE
Document Results & Improve Performance
• Generate reports for management, auditors, and authorities
• Conduct post-mortem
• Update SOPs
• Track evidence
• Evaluate historical performance
• Educate the organization
ASSESS
Identify and Evaluate Incidents
• Assign appropriate team members
• Evaluate precursors and indicators
• Correlate threat intelligence
• Track incidents, maintain logbook
• Prioritize activities based on criticality
• Generate assessment summaries
MANAGE
Contain, Eradicate, and Recover
• Generate real-time IR plan
• Coordinate team response
• Choose appropriate containment strategy
• Isolate and remediate cause
• Instruct evidence gathering and handling
• Log evidence
Page 6
System overview
[Diagram labels: Dashboards and Reporting; SSAE-16 SOC2 certified hosting facility; Trouble Ticketing; SIM; Web Form; Entry Wizard; Auto Analysis; IR Engine; Threat Intel Auto-Correlation; IT; Marketing; Legal/Compliance; HR; GRC]
POLL
Is updating your IR process a current priority?
SECURITY MODULE
New Features
Page 9
What’s New in Co3’s Security Module
• Incident Timeline and Milestones
• Artifacts and Threat Intel integrations
• Related incidents
• Configurable Dashboards
• System task overrides and task reordering
• IP address limiting
Coming Soon
• Configurable Reports
• Chart Drill-downs
DEMO
Page 11
Coming Soon: Custom Reports
Page 12
Coming Soon: Chart Drill-Down
POLL
What aspect(s) of your IR process do you struggle with?
PRIVACY MODULE
New Features
Page 15
What’s New in Co3’s Privacy Module
• EU Jurisdictions
• PII in the EU
Coming Soon
• Asia-Pacific
Page 16
Jurisdiction: US & Canadian
• US
  • Federal (industry based) – HIPAA and GLB
  • State (residency based) – “doing business in”
• Canada
  • PIPEDA – national (though no notification obligation)
  • Provincial (residency based)
Page 17
Jurisdiction: EU
• The EU generally looks at where the controller of information is based and where the information is being processed.
• Location based rather than industry or residency based
• Comprehensive Notification: If you are a UK company processing personal information in UK and you lose that info, you then have to notify everyone whose information went out the door. It doesn’t matter where they live.
Page 18
Jurisdiction: EU
• Not all EU countries have adopted the EU Privacy Directive (Directive 95/46/EC)
• Austria, Denmark, Germany, Ireland, Norway, Spain, and UK
• Telcos are a different story: Directive 2002/58 on Privacy and Electronic Communications, otherwise known as the E-Privacy Directive, is an EU mandate to notify officials and affected individuals of data breaches affecting personal information.
Page 19
Jurisdiction: EU
Page 20
What is PII in Canada and the EU
• California, USA: personal information is a person’s name plus SSN or driver’s license number, financial number, or medical information.
• Alberta, Canada: personal information is information about an identifiable individual.
• UK: personal information is any information concerning the personal or material circumstances of an identified or identifiable natural person.
Page 21
What is PII in Canada and the EU
Page 22
What is PII in Canada and the EU
Page 23
Coming Soon: Privacy Module Updates
• Asia-Pac Privacy Breach Regulations
QUESTIONS
© Co3 Systems Inc. 2013 All Rights Reserved.
“Co3 Systems makes the process of planning for a nightmare scenario as painless as possible, making it an Editors’ Choice.”
PC MAGAZINE, EDITOR’S CHOICE
“Co3…defines what software packages for privacy look like.”
GARTNER
“Platform is comprehensive, user friendly, and very well designed.”
PONEMON INSTITUTE
“One of the most important startups in security…”
BUSINESS INSIDER – JANUARY 2013
“One of the hottest products at RSA…”
NETWORK WORLD – FEBRUARY 2013
“an invaluable weapon when responding to security incidents.”
GOVERNMENT COMPUTER NEWS
“Adding the Security Module... to this otherwise fine suite of services, Co3 has done better than a home-run...it has knocked one out of the park.”
SC MAGAZINE