Solutions Track 2

Thursday, April 1, 2021, 10:00 a.m - 10:45 a.m. EST

SOLUTIONS TRACK 2 - SESSION 1

Three Common Mistakes in Ransomware Security Planning

When:
Thursday, April 1, 2021
10:00 a.m – 10:45 a.m. EST

Speaker:
Frank Trovato, Info-Tech Research Group

When large organizations are crippled for days or weeks due to a ransomware attack (e.g., Garmin, City of Baltimore, Travelex, etc.), it begs the question how are these attacks penetrating what should be a mature security profile? And why are they not able to contain the incident more quickly, and then simply restore infected systems from backup?

This session will cover three common mistakes are made by these and other organizations that leave them unprepared to prevent or reduce ransomware risk.

  1. Failure to position risk in business terms to get appropriate funding and security policy buy-in.
  2. Not going deep enough in testing ransomware readiness.
  3. DR planning, including backup strategy, does not account for a ransomware threat that could infect your backups and DR site.

About Frank Trovato
Frank Trovato is a Research Director at Info-Tech Research Group, and a certified business continuity professional with extensive experience in organizational resilience planning.

SOLUTIONS TRACK 2 - SESSION 2

Business Continuity Perspectives on Preventing Workplace Violence and Insider Threat

When:
Thursday, April 1, 2021
10:00 a.m – 10:45 a.m. EST

Speaker:
Dave Hunt, Homeland Security Consulting, LLC

Business Continuity Programs should address the risks of insider threat and extreme violence which have the potential to seriously impact any organization. Identifying persons who may harm others or the organization can prevent incidents and provide appropriate intervention measures. Organizations should develop a program to manage these risks, tailored to the needs of their organization, addressing the steps in prevention, mitigation, response and recovery. Implementing training for workplace violence prevention also benefits the organization to identify persons who may wish to harm the organization through theft of intellectual property, IT system compromise, reputational damage or pilferage.

Dave Hunt, FBCI, CPP is a national subject matter expert, with 35 years of law enforcement and emergency response experience. He has developed many of the nation’s emergency preparedness guidance documents, including the current DHS active shooter preparedness program, the national workplace violence standard, the national exercise guidance and national planning guidance.

About Dave Hunt
Dave Hunt, FBCI, CPP, has 35 years experience in law enforcement and emergency response, supporting organizations in managing risk and protecting employees and assets. Mr. Hunt recently led a team to revise the DHS Active Shooter Preparedness Program, and served on the technical committee to revise the National Standard for Workplace Violence Prevention and Intervention. He has worked with corporations of all sizes, universities, non-profits and houses of worship to develop capabilities to prevent and respond to crisis incidents. He frequently lectures on risk management and the need to incorporate extreme violence prevention and insider threat management into business continuity programs.

SOLUTIONS TRACK 2 - SESSION 3

Cybersecurity - What's Keeping Management Awake Tonight!!

When:
Thursday, April 1, 2021
10:00 a.m – 10:45 a.m. EST

Speaker:
Dr. Al Marcella, BAC, LLC

Sustainable business resiliency begins with proactive cyber security!

Cybersecurity refers to the people, products, and processes that protect electronic data from those with malicious intent. This presentation will provide participants with an insight into the technologies that may wreak havoc throughout an organization’s operating environment. Our discussion will focus on cyber security exposures and associated attacks that are commonly perpetrated against organizations and individuals.

Dr. Marcella will discuss cyber security exposures…identifying various threat actors that seek to wreak havoc and disrupt business operations. Session participants will be provided with proactive internal control recommendations, designed to mitigate the associated risks and security exposures brought by these threat actors.

Dr. Marcella, is president of BAC, LLC an internationally recognized public speaker, author, researcher, consultant, and workshop facilitator.

About Dr. Al Marcella
Dr. Al Marcella recipient of the ISSA’s Security Professional of the Year award in 2016 is an internationally recognized public speaker, author, researcher, consultant, seminar leader with 40+ years of experience in IT audit, security & risk management.

SOLUTIONS TRACK 2 - SESSION 4

How to Recover Your Reputation After a Crisis

When:
Thursday, April 1, 2021
10:00 a.m – 10:45 a.m. EST

Speaker:
Andrew Gilman, CommCore Consulting

When Johnson & Johnson navigated through its tampering crisis 30 years ago, they called CommCore founder and CEO Andrew Gilman. He is still known in U.S. PR circles as “The Tylenol Man” because of that successful collaboration and outcome. When the Canadian government was faced with a health, economic and tourism crisis due to the SARS epidemic, they called only one U.S.-based PR company: CommCore.

When The New York Times wanted to write about the most effective and innovative crisis communications simulation program, they called CommCore and published a profile of our PressureTest™ simulation. NPR also singled out CommCore for our cutting-edge approach to crisis planning. The New York Observer named CommCore one of the Power 50 PR Firms.

When it happens (not if) to your company, industry or community, what can you do to prepare, withstand and recover? Andrew Gilman, President & CEO of CommCore Consulting will provide experience and examples and hands-on exercises to participants.

About Andrew Gilman
Andrew Gilman is a crisis communications expert, Andrew has provided advised hundreds of corporations, institutions and government officials. Andrew created CommCore’s industry leading PressureTest™ that focuses on social media and traditional table top crisis simulations.