project risk management and response planning … · 2018. 7. 28. · project continuity two...
PROJECT RISK MANAGEMENT AND RESPONSE PLANNING (INCLUDING CYBER SECURITY)
JILL ALMAGUER, PE, MBA, PMP
PMI HOUSTON CHAPTER LUNCH N LEARN
TCH MEDICAL CENTER
JULY 23, 2018
AGENDA
• Introduction to Risk Management Processes
• Risk Happens
• Risk Assessment
• Risk Response Planning
• Cyber Security Project Risk
• Tools to Minimize Theft Risk
• Q&A
• Next Steps
INTRODUCTION
• Jill B. Almaguer, PE, MBA, PMP
• Passed PMP exam in 2011 after attending a prep course provided by PMI Houston at DeVry University
• Taught Project Management as adjunct faculty at DeVry University
• Now teaching PMP exam prep courses
• Project Manager for NSG system integrator with projects in healthcare and higher education
• Attended recent FBI InfraGard presentations on Cyber Security threat landscape
• Presentation based on PMI Registered Education Provider materials for PMP Exam Prep Course
• PMP Course Risk Management Module Learning Objectives:
• Define risk
• Identify key terms related to risk
• Calculate risk
• Identify different categories of risk
• Describe Project Risk Management processes
PROJECT MANAGEMENT BODY OF KNOWLEDGE (PMBOK GUIDE) 5TH EDITION
PMI’s SIX PROJECT RISK MANAGEMENT PROCESSES:
• PLAN RISK MANAGEMENT
• IDENTIFY RISKS
• PERFORM QUALITATIVE RISK ANALYSIS
• PERFORM QUANTITATIVE RISK ANALYSIS
• PLAN RISK RESPONSES
• CONTROL RISKS
RISK HAPPENS (PLAN RISK MANAGEMENT)
PMBOK Definition:
Risk is an uncertain event or condition that, if it occurs, has a positive
or negative effect on a project’s objectives.
Risk management and response planning:
Minimize negative effects (threats) and
Maximize positive effects (opportunities) if risk happens.
This presentation will focus on ways to minimize the negative effects of risk.
RISK ASSESSMENT (IDENTIFY RISKS)
• Resource Risks
• Money
• People
• Equipment or Data
DATA AT-RISK
• Identity theft
• Credit card theft
• Customer lists
• Price lists
• Financials
• Trade secrets
• Project plans
RISK ANALYSIS
• Categories of risk (Perform Qualitative Analysis)
• Known unknowns
• Unknown unknowns
• SWOT Analysis (internal and external risks)
• Calculation of risk (Perform Quantitative Analysis)
Risk Weight = Risk Probability * Risk Impact
20% PROBABILITY:
One in 5 employees (internal risk) will be the cause of a mobile breach through malware or malicious Wi-Fi (external risk)
IMPACT IN TIME AND MONEY*
• How much cash was lost to unplanned downtime in the past 12 months, including productivity?
• Survey set $10,000 as the line between “OK, we can fix this” and “There goes the holiday party.”
• 18% of IT professionals responded they lost more than $10,000.
• How much data loss is OK, and how long can application users sit idle?
• 70% say it’s acceptable to lose no more than two (2) hours of data
• 76% think it should take less than four (4) hours to bring mission-critical systems online.
• Spend on Business Continuity/Disaster Recovery (BC/DR) as a percentage of the IT budget?
• 39% say BC/DR gets less than 5% of the cash in 2017
• 61% expect that to continue in the new year.
• Ability to recover from a disaster or cybersecurity incident?
• 64% are very or somewhat sure they could recover fully.
*Data: Channel Partners 2017 BC/DR Survey
PROJECT CONTINUITY
Two important parameters for a BC/DR (i.e. project continuity) plan are the Recovery
Point Objective (RPO) and Recovery Time Objective (RTO).
• RPO limits how far to roll back in time, and defines the maximum allowable amount
of lost data measured in time from a failure occurrence to the last valid backup.
• RTO represents how long it takes to restore from the incident until normal
operations resume.
https://www.veeam.com/blog/rto-rpo-definitions-values-common-practice.html
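The RPO and RTO checks described above, as an added example that is not part of the original presentation: it measures data loss back to the last backup that actually verified, and downtime until operations resumed. The 2-hour and 4-hour targets reuse the survey figures from the earlier slide as assumed objectives; the function names and sample timestamps are constructed for illustration.

```python
from datetime import datetime, timedelta

# Assumed objectives, borrowed from the survey figures quoted on the earlier slide.
RPO = timedelta(hours=2)   # maximum tolerable data loss, measured in time
RTO = timedelta(hours=4)   # maximum tolerable time until normal operations resume

def last_valid_backup(backups, failure):
    """Newest backup that verified successfully and was taken before the failure."""
    usable = [ts for ts, verified in backups if verified and ts <= failure]
    return max(usable) if usable else None

def evaluate_recovery(backups, failure, resumed, rpo=RPO, rto=RTO):
    """Compare one incident against the plan's RPO and RTO."""
    restore_point = last_valid_backup(backups, failure)
    # With no usable backup the data loss is unbounded, so the RPO is missed.
    data_loss = failure - restore_point if restore_point is not None else None
    downtime = resumed - failure
    return {
        "restore_point": restore_point,
        "data_loss": data_loss,
        "downtime": downtime,
        "rpo_met": data_loss is not None and data_loss <= rpo,
        "rto_met": downtime <= rto,
    }

def worst_case_exposure(backups):
    """Largest gap between consecutive valid backups, i.e. the data a failure
    just before the next good backup would lose. It should not exceed the RPO."""
    valid = sorted(ts for ts, verified in backups if verified)
    return max((b - a for a, b in zip(valid, valid[1:])), default=None)

# Constructed sample data: hourly backups, two of which failed verification.
DAY = datetime(2018, 7, 23)
SAMPLE_BACKUPS = [
    (DAY.replace(hour=8), True),
    (DAY.replace(hour=9), True),
    (DAY.replace(hour=10), False),  # corrupt, cannot be restored
    (DAY.replace(hour=11), False),  # corrupt, cannot be restored
    (DAY.replace(hour=12), True),
]
FAILURE = DAY.replace(hour=11, minute=30)
RESUMED = DAY.replace(hour=14, minute=45)

if __name__ == "__main__":
    for key, value in evaluate_recovery(SAMPLE_BACKUPS, FAILURE, RESUMED).items():
        print(f"{key}: {value}")
    print("worst_case_exposure:", worst_case_exposure(SAMPLE_BACKUPS))
```

In the sample the schedule is hourly, yet the two unverified backups push the real restore point back far enough to miss the RPO while the RTO is still met.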
RISK RESPONSE PLANNING (PLAN RISK RESPONSES)
• Goal: minimize impact of negative risk
• Reduce cost by catching risk early in project
• Catch risk early by monitoring triggers on the Risk Register
• Key terms for planning response
• Risk averse
• Risk tolerance
• Risk threshold
• Contingency Reserve and Management Reserve
• Response methods for negative risk
• Accept
• Avoid
• Transfer (business continuity insurance)
• Mitigate
CYBER SECURITY PROJECT RISK (CONTROL RISKS)
• Not just IT’s problem anymore
• Anything attached to the Internet is vulnerable, especially via Wi-Fi
• Vendor contracts need to include encryption requirements and malware remedies
• Trust but verify all email correspondence/text involving $$ or links
• Risk response plans need to include data backup/restore method
• Assume you are a target
ATTACKERS CONTINUE TO EVADE SECURITY DEFENSES
They get in. They expand and hide. They are tough to detect.
• Average time attackers dwell on networks until discovered
• of challenge is detecting hidden, unknown, and emerging threats¹
• of threats go undetected by automated security tools¹
¹ 2017 Threat Hunting Report, Crowd Research Partners
Attacker Dwell Time: The Central Issue
[Figure: attack timeline. Stages: Reconnaissance, Exploitation, Installation, Command & Control, Lateral Movement, Exfiltration, Persist. Phases: Attack In Progress, Attacker Dwell Time, Response. Markers: NETWORK BREACHED, INCIDENT DISCOVERED.]
THE FASTER YOU HUNT AND CONTAIN BREACHES, THE SMALLER THE FINANCIAL IMPACT
TOOLS-RISK ASSESSMENTS TO MINIMIZE IMPACT
• Penetration Test
• Web Application Vulnerability
• Social Engineering Test
• Wireless Network Assessment
Reducing Dwell Time is Key
Organizations that are able to contain a breach in less than 30 days paid nearly $1 million less in total breach costs.*
*Ponemon Institute 2017 Cost of Data Breach Study: Global Overview
TOOLS-CYBER RISK AUDIT
[Figure: attack timeline. Stages: Reconnaissance, Exploitation, Installation, Command & Control, Lateral Movement, Exfiltration, Persist. Phases: Attack In Progress, Post Breach Activity, Incident Response. Activities: Real-Time Prevention & Monitoring; Threat Hunting; Containment, Eradication & Recovery. Markers: NETWORK BREACHED, INCIDENT DISCOVERED.]
Endpoint Protection Platforms (EPP)
Endpoint Detection and Response (EDR)
• Detect attacks in progress based on application behavior
• Collect event history for big data investigation & downstream IR
• Block known attack entry and/or malware installation
Incident Response (IR) Platforms
• Breach breadth and depth identification, containment, eradication, recovery and hardening against future attacks
• Root cause and impact assessment via log, alert, and traffic analysis
Hunt Platforms
• Detect post breach activity and persistence that has bypassed EPP and EDR solutions
• Identify exact endpoints that need remediation
• Triage IR activity and workload
User Entity & Behavior Analytics
• User / device behavioral anomaly analytics
TOOLS-WIRELESS TAGS AND ASSET TRACKING
ASSET TRACKING AND WAYFINDING
Electronically tracking assets and staff allows hospitals to better manage what they
have, streamline staff efficiencies, and reduce risk of loss, which in turn improves
patient and staff satisfaction and bottom line savings.
Uses Real-time Locating Systems (RTLS) to locate assets and improve efficiency.
Can also be used for wayfinding and patient safety tracking.
Uses technology built into Aruba Access Points, software and low cost, low power
Bluetooth Low Energy (BLE) “tags” that are placed on high value project assets.
ASSET TRACKING EXAMPLE:
Find the nearest IV Pump
TOOLS-FALL DETECTION
• Could safety risks delay your project?
• Fall Detection Use Cases:
• Retail
• Corporate
• Manufacturing
• Hospitals (high fall risk)
• Parking garages
• Parking lots; and
• other public areas where falls can occur.
• Configurable “Cool Down” period to align with the client’s needs (if fall is cleared quickly and there is no injury)
• Integrated with Hitachi Visualization Suite or sold as a stand-alone solution.
Q&A
• Thank you for attending PMI lunch n learn
• Additional questions can be sent to:
Jill Almaguer, PE, MBA, PMP
832-467-0000 x227
www.nordstargroup.com
NEXT STEPS
• PMP Exam Prep Class
• October 8-11, 2018, at SCA in Houston
• PMBOK 6th edition
• More processes and 150 more pages!
• Registration and location details at www.scacompanies.com
• Course includes tool to help with PMP exam application and online study resources after the
class provided by PMI Registered Education Provider.
• Minimize risk impact by scanning regularly for cyber security threats!
• Complimentary Infocyte scan for 50 nodes of a >100 node network