security

SecurityCrisis Management

Emmanuel FUCHS

Slides available at www.Elfuchs.Fr

Crisis Management

• Crisis• Crisis Management Process• Risk analysis• Crisis Management System

Crisis management system

Yes I start by the end !

Definition

• A crisis can be defined as any unplanned event, occurrence or sequence of events that has a specific undesirable consequence.

Crises examples

• Natural disasters, • Financial manipulation, • Pollution,• Terrorism,

Crisis management

• Coordination– Effective coordination of activities among the

organizations having a management/response role; • Warning

– Early warning and clear instructions to all concerned if a crisis occurs;

• Decision– Continued assessment of actual and potential

consequences of the crisis; • Continuity

– Continuity of business operations during and immediately after the crisis.

Crisis management planning

Event

Prepare Plan Execute Plan

Crisis management planning

• Develop– Policy, strategy, priority, controls.

• Test– Planning gaps.

• Train– Prepare staff.

• Maintain– Update, improve.

Contingency plan content

• Objective of the plan:– Continue normal operations, continue in a degraded

mode, abort the function as quickly as safely possible,

• Criteria for invoking the plan:– Local disaster, experiencing serious system failures,

• Expected life of the plan:– How long can operations continue in contingency

operating mode?

• Roles, responsibilities and authority

Contingency plan content

• Training on and testing of plans

• Procedures for operating in contingency mode• Resource plan for operating in contingency

mode:– Staffing, scheduling, materials, supplies, facilities,

temporary hardware and software, communications, …

• Criteria for returning to normal operating mode• Procedures for returning to normal operating

mode

• Procedures for recovering lost or damaged data

Crisis Management


Crisis management process loop

Preparation

Response

Rebuild

Mitigation

Crisis management process loop

• Mitigation– Long-term measures for reducing or

eliminating risk. (Risk analysis)

• Preparedness– Develop plans of action (command).

• Response– Activate and control on the field actors.

• Recovery – Rebuild and restart normal activities.

Process phase

Event

Risk analysis

Mitigation Preparedness Response Recovery

Crisis Management


Risk management

• The term risk management is applied in a number of diverse disciplines.

• Statistics, economics, psychology, social sciences, biology, engineering, toxicology, systems analysis, operations research, decision theory

Risk analysis

• Risk analysis tries to answer the questions:– 1) what can happen ?

– 2) how likely is it to happen ?– 3) given that it occurs, what are the

consequences ?

Risk analysis case

1800,0 mm x 2000 ,0 mm

15000mm

125

00m

m

3250mm

315

0mm

4600mm

Very Expensive Painting

Risk analysis case

• Vulnerability : no burglar alarm system• Threat : burglary • Countermeasure : install burglar alarm

Risk analysis case

• Value of the painting : 1000 euros• Value of the burglar alarm : 200 euros• Probability of burglary : 10%• Value of the risk : 1000 euros x 10 %

• Risk = 100 euros

Burglar alarm more expensive than the risk !

Risk analysis goal

• A procedure to identify threats & vulnerabilities, analyze them to verify the exposures, and highlight how the impact can be eliminated or reduced.

• Risk analysis goal:– To commensurate (balanced) security measures with

the risks applicable. – To establish where to invest security budget for the

best return.

Risk and uncertainty

• Uncertainty frequently impacts our decisions and actions.

• When we talk about risk, we mean the chance that some undesirable impact will occur.

• Hence, we normally seek to avoid or minimize risk.

Coin toss

• Two coin toss – That gains $50 or breaks even,

– That gains $150 or loses $100,

• The average or 'expected' outcome of both tosses is $25.

Risk impact assessment.In project management

• Risk impact is the effect on project objectives if the risk occurs, which may be a negative effect (threat) or a positive effect (opportunity).

• Risk is the effect “positive” or “negative” of an event.

Risk analysis in project management

• Risk probability and risk impact may be described in qualitative way :

– Unacceptable (red area)

– Acceptable, but risk reduction measures needs to be considered (yellow area)

– Unconditionally acceptable ie the risk is negligible (green area)

Risk analysis in project management

consequence

prob

abili

ty

Project risk managementID Risk Probab. Impact Preventive/Corrective Action

R01 Schedule slippage and slow progress in general

Medium High Strong project management and full commitment to the project from senior management within each partner organisation Application of management principles/tools proven in comparable projects

R02 Under-estimation of the required effort

Low Medium Monitor the planned versus actual effort per task. Early warning in quarterly status reviews. Timely team reinforcement

R03 Change of key-personnel Low High Standardising the way of working across the various teams. Definition of resources backup policy for fast compensation and substitution

R04 Unstable or inconsistent requirements.

Medium Medium Requirements changes impacts to be pointed out as soon as they arise. Early agreed requirements document

R05 Technical difficulties in harmonisation, adaptation and integration of software components

Medium Medium Early assessment of software risks. Early definition of standards, interfaces, conventions. Structured software development process

R06 The identified user requirements are not feasible within the scope of the project

Low High Manage the user requirements analysis process in order to ensure that expectations are realistic Clearly prioritise those functions that will be essential for the prototype

Risks evaluation

LOW MEDIUM HIGH

HIGH

MEDIUMR04R05

R01

LOW R02R03R06

IMPACT

PROBABILITY

Risk elements

• Event: what could happen?

• Probability: how likely is it to happen?• Impact: how bad will it be if it happens?

• Mitigation: how to reduce the probability and by how much?

• Contingency: how to reduce the impact and by how much?

• Reduction = mitigation x contingency• Exposure = risk – reduction

Types of risk analysis

• Quantitative risk analysis– The probability of an event occurring

– The likely loss should it occur. • Probability x likely loss

• Qualitative risk analysis – Focuses on the impact– Risk model

Qualitative risk analysis model

• Threats• Vulnerabilities • controls


• Threats– Things that can go wrong or that can 'attack'

the system. • Examples might include fire or fraud.

– Threats are ever present for every system.

Threats• Human

– From individuals or organizations, illness, death, etc. • Operational

– From disruption to supplies and operations, loss of access to essential assets, failures in distribution, etc.

• Reputation– From loss of business partner or employee confidence, or damage to reputation in the

market. • Procedural

– From failures of accountability, internal systems and controls, organization, fraud, etc. • Project

– Risks of cost over-runs, jobs taking too long, of insufficient product or service quality, etc.

• Financial– From business failure, stock market, interest rates, unemployment, etc.

• Technical– From advances in technology, technical failure, etc.

• Natural– Threats from weather, natural disaster, accident, disease, etc.

• Political– From changes in tax regimes, public opinion, government policy, foreign influence,

etc.

Natural threats

• Flooding, • Fire, • Seismic activity, • High winds, • Snow and ice storms, • Volcanic eruption, • Tornado, hurricane, • Epidemic, • Tidal wave, typhoon.

Technical threats

• Power failure/fluctuation, • Heating, • Ventilation or air conditioning failure, malfunction

or failure of CPU, • Failure of system software, • Failure of application software,• Telecommunications failure, • Gas leaks, • Communications failure, • Nuclear fallout.

Human threats

• Robbery, • Bomb threats, • Embezzlement, • Extortion, • Burglary, • Vandalism, • Terrorism, • Civil disorder, • Chemical spill,

• Sabotage, • Explosion, • War, • Biological contamination,• Radiation contamination, • Hazardous waste,• Vehicle crash,• Airport proximity,• Work stoppage (strike)• Computer crime.


• Vulnerabilities – Make a system more prone to attack by a

threat or make an attack more likely to have some success or impact.

• For example, for fire a vulnerability would be the presence of inflammable materials (e.G. Paper).

• Software Complexity


• Controls– Countermeasures for vulnerabilities. – There are four types of controls:

• Deterrent controls – Reduce the likelihood of a deliberate attack

• Preventative controls – Protect vulnerabilities and make an attack unsuccessful or

reduce its impact

• Corrective controls – Reduce the effect of an attack

• Detective controls – Discover attacks and trigger preventative or corrective controls.


THREAT Fire Software Error VULNERABILITY Presence of Flammable

materials Complexity

CONTROLS Sprinklers Extinguishers Design and development, standards, Change control.


Attack

Threat

creates

Vulnerabilty

Impact

Results in

eploits


Attack

Threat

creates

CorrectiveControl

Vulnerabilty

DetectiveControl

Deterrent control

Preventative control

Triggers

Impact

Reduces likelihood of

Results in

Reduces

eploits

Decreases

discovers

protectsTriggers

Risk management processEstablish Context

Identify Risks

Analyze Risks

Evaluate Risks

Opportunities & Losses

Likelihood & Severity

Ranked & Prioritized

Treat Risks

Crisis Management


Crisis management system

Incident management system

• Provide the pertinent, accurate information you need to make critical decisions.

• Deploy personnel, equipment, communication, facilities and procedures effectively and efficiently.

• Give access to information to plan, direct, coordinate and control resources.

• Foster collaboration and coordination with other command controlsystems.

• Deliver secure, dependable systems on time and within budget.

Emergency response organization

StrategicBig Picture

Operational

Tactical First Responder

Risk AssessmentPlanning tools

Environment(Urban area, weather)

emergency centers(Operative Level)

Higher level Response (Strategic level)

Low response Cell (Tactical Level)

Simulation Framework

Critical Assets

M&S SystemManagement

First Responders Units Resource Mgt(logistic, …)

Emergency system architecture

Crisis management schedule

The incident

Crisis ManagementReal TimeOn line

PreparationNon real timeOff line

incident response phase

Crisis management system functions

• Command and control– To provide the functions necessary to put multiple response and recovery plans

into action

• Communication and intelligence– To effectively receive and transmit information

• Coordination and documentation– To organize all of the steps taken to respond to an event and create a record of

those actions to protect employees, infrastructure and shareholder value

• Automated checklists– To ensure that response and recovery is complete for major functions

• Alert notifications– To sort and distribute messages so managers/commanders can track and log

multiple and varied notifications

• Media management– To inform the media about the progress the company is making toward normal

operations

CrisisManagers

PlansManagment

RessourcesManagment

EventsManagment

AlertsManagment

Check ListsManagment

Geographicalinformation

DocumentsManagment

Brieffing

Modelling&

Simulation


Geographical information system

geo-referenced information: information that is associated with a physical location

Common situation awareness• Annotations and markups• Data sharing and synchronization• Chat• Data acquisition • Geospatial collaboration• Asset tracking: blue force tracking, location-based

services• Decentralized data editing• Fusion of geospatial data• Neutral and trusted workspace• Sensor integration• Reporting• Web-based services

Distributed crisis management system

• All participants have to share information, make decisions and

deploy resources without being physically present in the same

place.

• Using web-enabled software allows participants to work from

their normal workstation, from home or from the field.

• Emergency plans and reports are available from any location.

• All information can be maintained in a central database that is

available to participants from anywhere in the world.

Web services based distributed emergency system architecture

Components

Services

ServicesOrchestration

EmergencyWorkFlow

Middleware

Transform

Use

Expose

Conclusion

Thank you for your attention

Questions are welcomeContacts :

[email protected]

Slides available at www.elfuchs.fr

security

Technology

financial manipulation

sequence of events

unplanned event