1:00 pm - 3:00 pm WORKSHOP A: DISTILLING THREAT INFORMATION INTO ACTIONABLE INTELLIGENCE
When attacks occur, early warning and expert advice can mean the difference between business continuity and widespread business catastrophe. The importance of involvement in peer sharing groups, such as that of the Financial Services Information Sharing and Analysis Center (FS-ISAC), mean that organisations are able to receive timely notification and authoritative information specifically designed to help protect critical systems and assets from physical and cyber security threats.
As we know, bad news travels fast, particularly as we have seen when it comes to cyber security threats in the media. This workshop will provide delegates with an example of the type of platform that the FS-ISAC provides to help share anonymous information sharing capability across the entire financial services industry. Delegates will be able to understand how they are able to interact with similar style groups, both internally and across their industry to provide them with up-to-date, actionable, threat information regarding potential cyber attacks. The audience will be able to understand how they can use every bit of information they receive to start to shape their cyber strategy through intelligence.
3:00 pm - 5:00 pm WORKSHOP B: CYBER INCIDENT RESPONSE BEST PRACTICESBharat Thakrar - Head of Business And Cyber Resilience BT Global Services
This workshop is designed to immerse participants in a cyber incident as it takes place within a large commercial enterprise. Participants will be presented with a cyber incident and then be given control of the response - the choices they make at key junctures will dictate the state
of the enterprise at the end of the day. This exercise will educate attendees in the difficulties of constructing an effective response to cyber attacks on a commercial enterprise.
Key sections include: Instilling an awareness of the situation as it unfolds - recognising the key signals of a successful cyber penetration and beginning the initial response; the key principles of managing the post-incident situation and returning the business to full function.
•Incident handling – what to do while the attack is taking place
•Identify, Isolate, Investigate, Implement, Inform
•Report back your decisions as you watch the attack unfold – revise them based on their success
Bharat ThakrarHead of Business And Cyber Resilience
BT Global Services