Business Continuity Awareness Week Webinar Programme

The Business Continuity Institute

BCAW 2017

During Business Continuity Awareness Week, the Business Continuity Institute hosted a series of free webinars all linked to the theme of cyber resilience. Webinars provide an ideal learning experience for everyone: they are delivered by experts and viewed from the comfort of your computer. If you can reflect on this learning experience and use it to improve your skills or knowledge, why not put it towards your CPD?

All the webinars were recorded, so they can be watched on demand at a time of your choosing.

Embedding cyber security into continuity planning

Hosted by Mike Solomon (BSI)
How organizations can embed cyber security into continuity planning to build a resilient information security strategy. This talk will discuss the key cyber security threats to business operations, as well as the core concepts required for effective information governance. We will also focus on governance structures and how to develop assurance around risk mitigation through effective audit, penetration testing and security incident response simulation.

Resiliency orchestration in the hybrid era

Hosted by Karpagam Venkataraman (IBM)
Are you confident in your IT recovery program? In today’s hybrid IT environment, interconnected, mission-critical applications run across diverse platforms and geographies. The manual disaster recovery process traditionally followed requires huge amounts of time, resources and effort to scale up DR management for all critical IT assets. This leads to critical IT resources being excluded from DR programs. As per a recent survey, IBM found that 78% of enterprises face unacceptable risk for core enterprise IT resources. With the growing threat of cyber breaches, assured resiliency to support business objectives requires a new approach, including constant, intelligent monitoring and proactive action to achieve DR SLAs. In this webinar you will learn how resiliency orchestration is transforming resiliency, explore the complexity of hybrid environments and the roadblocks behind DR and business continuity, and understand the benefits of resiliency orchestration and how it can enhance confidence in your cyber resilience program.

The GDPR’s impact on your business and preparing for compliance

Hosted by Alan Calder (IT Governance)
The EU General Data Protection Regulation (GDPR) comes into effect on 25 May 2018, and will significantly reshape the data protection landscape for organisations that collect and process the data of European residents. Therefore businesses will need to take responsibility for the way they collect and process personal data and will have to take immediate action to align their business systems with the requirements of the GDPR. This webinar session will cover:

  • An overview of the General Data Protection Regulation (GDPR).
  • The impact GDPR creates on businesses and the transition timelines.
  • The first steps in preparing for GDPR compliance.
  • The technical and organisational measures your business will need to adopt to comply with the Regulation.
  • Key recommendations and best practices to achieve and manage GDPR compliance.


Playing your part in building a cyber resilient organization

Hosted by Andrew Scott (The BCI)
In the build up to Business Continuity Awareness Week, the Business Continuity Institute published six posters to help promote the week, each one highlighting a way in which each and every one of us can play a role in cyber security and help build a more resilient organization. The issues highlighted in these posters may seem basic, but the report to be published during BCAW shows why they are a real concern, and how, regardless of the security measures in place, slack security on the part of the user can be immensely damaging to organizations. This webinar reveals some of the findings of the report, and uses existing research to demonstrate how vulnerable our organizations can be.

Risk and resilience in 2017

Hosted by Chris Butler (Sungard Availability Services)
Chris will be presenting on risk and resilience in 2017, looking specifically at:

  • The current risks to businesses
  • The current threat landscape
  • The importance of resilience, including cyber resilience and how it is more than just cyber security
  • What companies need to do to become and stay resilient


Cyber crisis management: Building organisational readiness to respond & recover

Hosted by Roberta Ramsden-Knowles and Charlotte Thompson (Both Regester Larkin by Deloitte)
This session will focus on how organisations can build senior executive level readiness to respond and recover from sophisticated cyber incidents. It will provide an overview of the threat landscape and consider the differences cyber crises present for senior executives. Participants will learn about some of the challenges faced when responding to a cyber incident and how to overcome them by building readiness in people, structures, processes and plans.

Creating confident cyber crisis responses

Hosted by Claudia Van Den Heuvel and James Campbell (PwC)
Crisis leader Paul Robertson and cyber expert James Campbell (PwC) share the lessons they’ve learned from Operation Cloud Hopper, and offer insight on how to confidently integrate cyber response into your organizational crisis capability. During this webinar you'll also be able to download the cyber case study we share, along with the latest CEO crisis survey statistics.

Cyber security and the insider threat

Hosted by Sonny Sehgal (Transputec) and Adam Blake (ThreatSpike Labs)
The greatest threat to the corporate security perimeter now comes not from the outside, but the inside. Social engineering threats such as phishing, malware and ransomware target the weakest link, the human factor. This webinar will expose the techniques of the hackers and offer advice on how these can be combatted to make your business more resilient in the face of the cyber threat.

Supply chain cyber resilience – getting the balance right

Hosted by Matt Thomas and Lee Glendon (Both Ultima Risk Management)
Today’s digitised value chains have a very high dependency on third parties. This exposure is not lost on potential attackers, who will invest resources in researching, identifying and selecting targets among value chain partners. It would be an uneven contest were firms not to take steps to understand these vulnerabilities and ‘value at risk’ themselves. This webinar will set out clear steps that can be taken to understand potential vulnerabilities among third parties and will introduce a lifecycle approach to support robust third party risk management from the start of the relationship through to exit.

Cyber Resilience - Can your organization deliver after a cyber event crisis?

Hosted by Al de Brito (ContinuitySA)
Take your mark. Get set… and go. What do you do if your organization is faced with a crisis? Do you have the necessary steps and procedures to recover from a cyber attack? 91% of APTs (advanced persistent threats) begin with spear phishing emails. Successfully phishing key individuals could give hackers the ‘key’ to breaching security in further attacks. Hosted by Al de Brito of ContinuitySA, this webinar will cover five domains that focus on preventative, detective and reactive controls within the organization. These five domains will follow the process of identifying, protecting, detecting, responding and recovering, giving a holistic view of the full cycle of infrastructure resilience.

Cyber contingency planning: Going beyond traditional BC planning

Hosted by Charlotte Thompson and Charles Barlow (Both Regester Larkin by Deloitte)
Business continuity planning has long helped organisations prepare for, respond to and recover from all types of disruption. Sophisticated and enduring cyber incidents, however, can challenge the planning assumptions many organisations rely on, including recovery time and recovery point objectives. This session will look at how organisations can go beyond traditional business continuity planning to enhance cyber incident readiness.

Cyber resiliency in the hybrid era: best practices, benefits & tools for success

Hosted by Joe Starzyk (IBM)
There is a growing demand for organizations to extend their operations out of a secure, controlled domain into an unpredictable ecosystem, for reasons such as cost reduction, increases in productivity, profitability requirements and regulatory pressures, to name a few. This expansion into hybrid environments exposes businesses to unforeseen risks, requiring a more formidable capability relative to the resiliency measures that need to be in place. A strong cyber resiliency framework that includes a combination of security, business continuity and a resilient control system can help to mitigate disruptions of critical business functions and enable confidence across the entire enterprise in the event of a cyber breach. In this webinar, you will learn tactical approaches for implementing cyber resilience, including evolving industry practices for enhanced cyber resiliency, benefits to be realized beyond mitigation of threats and risk reduction, and technological advancements that support successful cyber resiliency.

Critical communication for the lifecycle of a cyber attack

Hosted by Darren Notley (Everbridge)
Cyber resiliency teams can no longer rely on security defence measures alone - instead, you need to assume and admit that a cyber attack is not just a possibility, but a likely event that will impact your organization at some point in the very near future.

According to the BCI Cyber Resilience Report 2016, 15% of organizations have experienced at least 10 cyber security incidents in the previous year. While no two cyber attack events are the same, there are 5 key steps that should be followed in order to ensure a quick and successful event resolution for a critical event situation. Using real world anecdotes, we’ll take a look at the timeline of a cyber attack and walk you through the 5 Steps to help you prepare your cyber attack communications and response plan.

Prevent email blackouts and keep your data safe during cyber attacks

Hosted by Mayur Pitamber (Mimecast)
Organizations feel the pain of successful cyber attacks through the loss of personal customer information, release of commercially sensitive data or the disruption of business critical email systems. The effects are devastating, with wide-ranging damage to corporate reputation or loss of competitive advantage. 91% of successful attacks start with email. Learn how cyber resilience best practices can help organizations tackle cyber risks effectively, improve productivity and ensure business continuity by providing cyber security assurances to ecosystem partners, stakeholders and customers.

Interpreting the GDPR's Article 32 in the most appropriate way for YOUR business

Hosted by Nick Burrows (Daisy Group)
With its 25th May 2018 deadline, the General Data Protection Regulation has become the stuff that marketing dreams are made of, but the delivery of appropriate levels of confidentiality, integrity and availability for affected data does not have to mean vast amounts of investment in cutting edge technology and expensive consultancy engagements. In this session we will have a closer look at what the end results of Article 32 (Security of Processing) actually need to look like and address some of the terminology used so that delegates properly understand what the regulation demands from them and their businesses. In the context of business continuity, we will further look into how current strategies match up to GDPR and what can be done to optimise them for May 2018 and beyond.

Cyber resilience: How the culture of your organisation can improve resilience

Hosted by Lyn Webb (Regester Larkin by Deloitte)
The first defence against cyber attacks is often to impose technical barriers, but how can an organisation’s culture help mitigate the cyber risk? This session will look at the cultural aspects of security, measuring cyber security culture and suggest how behaviour can make us more resilient.

Carry your cyber response plans in your pocket

Hosted by Darren Notley (Everbridge)
You’ve built your cyber response plan and are confident you can respond and recover from a cyber attack and have robust procedures in place. But once a business critical cyber attack has been identified, how quickly can you invoke those plans and get your team to start collaborating, communicating and coordinating the response?

Moreover, cyber attacks don’t conveniently happen during office hours so you need to be able to mobilise your response teams across shift schedules, time zones, locations and communication devices. In this session we’ll look at how you can digitize your response plans, improve operational response, keep everyone informed through reliable crisis communications and simplify and standardise the organizational response.

Balancing resiliency, risk and regulations with consumer choice and convenience

Hosted by Karin Beaty (IBM)
Cyber threats. Compliance. Ease of use. These are among the growing challenges to resiliency for all organizations, but they are often at odds with one another. Clients and their customers are driving a need for ease of use, customization and empowerment, which can result in a more complex, at-risk infrastructure. How can organizations manage risk and compliance - maintaining expected transparency, accountability and interconnectedness amongst all of this complexity? Join our discussion on the impacts of increased regulatory supervision and the effects of standards, using industry examples - and learn key strategies you can use today to manage resiliency across all levels of the enterprise to protect your business in the age of digitization and IT modernization.

Been hacked by cyber terrorists? What’s your Plan B?

Hosted by Braam Pretorius (ContinuitySA)
In today’s global village everyone is connected. The internet has brought billions of people together, allowing sharing of data, communication and commerce at a scale never imagined before. The value of the internet is clear for everyone to see. Unfortunately, the same internet also allows cyber hackers and attackers to fight a new war: cyber terrorism, theft of data and extortion. The attackers hide in plain sight, working from homes or offices, sometimes alone, often in syndicates. Even state sponsored cyber terrorism is on the increase. So, no matter what you do to protect yourself against the cyber threat, you will probably be attacked or have already been attacked. You therefore need a plan B to allow your business to continue with crucial day-to-day activities after the event.

Managing stakeholder communication during a cyber crisis and preventing a reputation meltdown

Hosted by Caroline Sapriel (CS&A International)
Cyber crime has been around for as long as we’ve been connected to the Internet, but in recent times, the criminals behind it are excelling in their creativity and ingenuity with consequences that are more damaging than ever before. Furthermore, the organisations that invest in cyber crime preparedness seem to forever be one step behind as they only get to guess what might be coming. The price tags of these data thefts, DDoS attacks, ransoms to unblock operating systems, etc. are going through the roof. Therefore, when faced with a cyber crisis, it is critical to demonstrate strong leadership and communicate effectively with all stakeholders to avoid spiralling down to a reputation meltdown.

Privacy law, a catalyst for cyber resilience

Hosted by Padma Naidoo and Philippa Chappell (ContinuitySA)
Privacy laws regulate the collection, storage and use of data by organisations in many countries globally. Following the proclamation of the Protection of Personal Information (POPI) Act into law in 2014, so too will these laws become applicable to South African organisations.
In this digital age, technology plays a pivotal role in shaping the way in which business is done. The objective of this topic is to explore the Cyber Security and Resilience requirements placed on organisations by privacy regulations, and the impact of Cyber Security and Resilience on Business Continuity.
This webinar will touch on the reliance placed on effective Information Security and Cyber Security solutions to ensure compliance, and explore how a breach or failure of Information Security Controls needs to be managed.

Cyber attacks – how to identify the real scale of the problem

Hosted by Jon Mitchell (ClearView Continuity)
This session will focus on how identifying the scale of the cyber problem can be handled in a practical way by software, covering:

  1. Understanding the organizational impact and dependencies.
  2. Decision making based on the availability of accurate information.
  3. Assisting ‘recovery’ through effective incident management.
