B10: Buying Down the Risk of a Failed Ransomware Compromised Data Recovery Effort
John Beattie, Sungard Availability Services
In order to create the opportunity to extort a ransom payment, ransomware threat actors must make it compelling for you to consider it. They must make it a viable option – one you have to consider. In fact, they will be working diligently to make sure it’s your only option. And that happens when they successfully encrypt or disable your data replicas and backups as well as your production data. They must attack the data that you care about: data that’s important to your organization’s success; your “must-have” data; your vital data. They are thinking ahead. Are you? It is therefore essential to extend your thinking beyond your Cyber Security Incident Response Plan and your Disaster Recovery Plan. You need to think about a Cyber-compromised Data Recovery Management Program. This session will explore exactly that and what you need to put in place to have the right thinking, the right approach, the right team, the right plan, and the right capabilities that buy down your risk of a failed data recovery effort in the aftermath of a successful data-compromising cyberattack.
D7: Three Steps Towards Becoming ISO 22301 Compliant
Tim Woodcome, NQA
This presentation will focus in depth on three key components of a successful BCMS under ISO 22301: Internal BCMS Audit, BCMS Corrective Action, and BCMS Management Review. These key requirements are the building blocks of any robust management system and need to be understood and implemented effectively to achieve ISO 22301 conformance. The presenter will go in depth into the specifics of these requirements, providing interpretations, guidance, and potential tools and templates to be used. Takeaways of this session include the inside knowledge and expectations of the requirements, examples to demonstrate best practices, and templates to be brought back to organizations for potential use.
E4: Resiliency Training for a Virtual Workplace
Paul Lambert, Ripcord Solutions
Your fellow employees are working from home. You are probably still working from home. But best practices, experience, standards, and regulators keep whispering that training and awareness are required for a continuously improving program. Odds are 2020, and now 2021, have ushered in an incredible amount of change to your program – such as new software, evolving methodology, new team members, etc. And we can’t train everyone on Zoom! This presentation will cover the importance of a well-organized resiliency training strategy including: the different types of effective training, delivery models that will work for you, how to train a dispersed and overwhelmed workforce, and how you can do it yourself. Following the presentation, all attendees will receive a free training video titled “Back to the Office after Covid-19,” branded for your organization and licensed for internal use.