Presentation is loading. Please wait.

Presentation is loading. Please wait.

ACAA Summer Meeting Carrie O’Brien June 1, 2017

Published byAron Richards Modified over 6 years ago

Similar presentations

Presentation on theme: "ACAA Summer Meeting Carrie O’Brien June 1, 2017"— Presentation transcript:

1 ACAA Summer Meeting Carrie O’Brien June 1, 2017
Data Breach Exercise ACAA Summer Meeting Carrie O’Brien June 1, 2017

2 Data Breach Exercise This is a small group exercise that simulates a data breach within a small city. It is intended to assist your city to think about how it would respond to a real data breach. As is true in real life, you will begin this exercise with very little information and discover more over time.

3 Your Team What are the roles each person should play IT Director Mayor
City Manager Counsel Public Information Officer Vendor Representative

4 Your Goal Prepare an Incident Response Plan
Public and Internal Communications

5 ABC City ABC has 20000 residents and 100 employees
Last year, you have procured a highly regarded web-based employee information system and you maintain other databases using amazon web services. You decided to allow all administrative staff to be “super users” of the system. They have access to everything.

6 The Situation Begins… A City Court employee reports that he lost his laptop sometime during a conference last week. Your IT Department determines that the same user’s information accessed databases last night. Your IT Department also reports that reports of employee information was downloaded from other systems and those files contain private information of employees.

7 Check In How are you building a response plan?
What more information do you need? Does the fact that the breach involves employee information change the way you plan to respond?

8 Incident Response Plan
Outline the steps to identify the source of the breach, catalog the data affected and how it occurred. Should you involve law enforcement? What are the legal ramifications? How could this be prevented in the future?

9 Lessons Learned What was threat involved in the incident?
What was the vulnerability? What safeguards should have been in place? What processes could have been carried out better? What incident response best practices could've been helpful if implemented? What resources could've been used to avoid the incident scenario?

Download ppt "ACAA Summer Meeting Carrie O’Brien June 1, 2017"

Similar presentations

Password District Data Breach Exercise [District Name] [Date] [Logo]

Password District Data Breach Exercise [District Name] [Date] [Logo]
County and City Government in Georgia

County and City Government in Georgia
How to Respond. Sgt. Trent Smith Bremen District #24.

How to Respond. Sgt. Trent Smith Bremen District #24.
(Insert agency name and/or date) Are we prepared?.

(Insert agency name and/or date) Are we prepared?.
Incident Response Updated 03/20/2015

Incident Response Updated 03/20/2015
Developing an Effective Anti-Bullying Policy Valerie R. Cherry, Ph.D., Principal Mental Health Consultant, Humanitas Julie A. Luht, MPH, Health Analyst,

Developing an Effective Anti-Bullying Policy Valerie R. Cherry, Ph.D., Principal Mental Health Consultant, Humanitas Julie A. Luht, MPH, Health Analyst,
Threat Assessment Team Presented By: John Dailey, Jack Moorman, Jon Barnwell, Frank Brinkley Paul Cousins & Tina Nelson.

Threat Assessment Team Presented By: John Dailey, Jack Moorman, Jon Barnwell, Frank Brinkley Paul Cousins & Tina Nelson.
Responding to a Security Incident Maryland Security Day March 2, 2004 Joy Hughes, CIO

Responding to a Security Incident Maryland Security Day March 2, 2004 Joy Hughes, CIO
 Sana Riaz  Registration No. 0185  Saira Khalid  Registration No. 0201.

 Sana Riaz  Registration No  Saira Khalid  Registration No
PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, 2014 -WITH THANKS TO.

PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.
Welcome to Unit 8 Tina Mainwaring

Welcome to Unit 8 Tina Mainwaring
PAD214 INTRODUCTION TO PUBLIC PERSONNEL ADMINISTRATION

PAD214 INTRODUCTION TO PUBLIC PERSONNEL ADMINISTRATION
INCIDENT RESPONSE IMPLEMENTATION David Basham University of Advancing Technology Professor: Robert Chubbuck NTS435.

INCIDENT RESPONSE IMPLEMENTATION David Basham University of Advancing Technology Professor: Robert Chubbuck NTS435.
Security Policies and Procedures. cs490ns-cotter2 Objectives Define the security policy cycle Explain risk identification Design a security policy –Define.

Security Policies and Procedures. cs490ns-cotter2 Objectives Define the security policy cycle Explain risk identification Design a security policy –Define.
1 State Homeland Security: Priorities and Funding R. Chris McIlroy Homeland Security and Technology Division National Governors Association.

1 State Homeland Security: Priorities and Funding R. Chris McIlroy Homeland Security and Technology Division National Governors Association.
Prepared by Dept. of Information Technology & Telecommunications, November 19, 2015 Application Security Business Risk and Data Protection Gregory Neuhaus.

Prepared by Dept. of Information Technology & Telecommunications, November 19, 2015 Application Security Business Risk and Data Protection Gregory Neuhaus.
Welcome 2011 California Statewide Medical and Health Exercise.

Welcome 2011 California Statewide Medical and Health Exercise.
EECS 4482 Fall 2014 Session 8 Slides. IT Security Standards and Procedures An information security policy is at a corporate, high level and generally.

EECS 4482 Fall 2014 Session 8 Slides. IT Security Standards and Procedures An information security policy is at a corporate, high level and generally.
Chapter 11: Policies and Procedures Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 11: Policies and Procedures Security+ Guide to Network Security Fundamentals Second Edition.
KENTUCKY: POLICIES & PRACTICE Preventing, Detecting, and Investigating Test Security Irregularities: A Comprehensive Guidebook On Test Security For States.

KENTUCKY: POLICIES & PRACTICE Preventing, Detecting, and Investigating Test Security Irregularities: A Comprehensive Guidebook On Test Security For States.

Similar presentations

Ads by Google