Your Device is locked!

This is an EXAMPLE of a ransomware attack.

Ransomware occurs when a user clicks on a bad link or downloads a file in a malicious e-mail that causes the user to be locked out until a ransom is paid. According to the FBI, criminals are netting an estimated $150 million a year through ransomware attacks. In a real ransomware attack, you would be asked to pay a ransom in order to unlock the device and restore your files.

Please click below to dismiss this popup.

DISMISS

Hagerty's Solution to Cyber Program Management

Scroll to Learn More...
Annual expected cyber crime costs in 2021.
June 2017 CSOOnline Article
$6
 Trillion
$1,077
Average ransomware demand in 2016, up from $294 in 2015.
2017 Symantec Internet Security Threat Report, Volume 22
Identities exposed in data breaches since 2009.
2017 Symantec Internet Security Threat Report, Volume 22
7.1
Billion
1 in 131
Emails sent containing malware in 2016, up from 1 in 220 in 2015.
2017 Symantec Internet Security Threat Report, Volume 22

The cyber Disruption Team

enables a virtual mechanism for collaboration between...
Emergency Management:

As cyber incidents grow in complexity, the role of emergency management in cyber incident response will also expand. In the event of a large scale critical infrastructure compromise, emergency managers may be asked to fulfill a consequence management role in handling cyber incidents. As such, a sound cybersecurity program for emergency management is key to staying ahead of the threat.
Emergency
Management (EM)
Partners
Information Technology:

IT partners are integral to cyber incident response. Their role in handling the threat in the virtual space through system monitoring, log audits, and patch management ensures that cyber incidents are contained. In the event of large-scale cyber incidents with significant cascading effects, IT partners will be responsible for handling the escalation of the threat and pulling in additional stakeholders, such as emergency management.
Information
Technology (IT)
Partners
Hagerty's Cyber Nexus Approach Overview
Pre-Incident
Incident Response
Post-Incident

Why Does it Matter?

To effectively prevent, respond to, and recover from cyber disruptions, emergency management and information technology partners must first collaboratively establish plans for managing complex cyber incidents and test those plans. Ensuring cyber preparedness establishes relationships pre-event and tests viability of planning.

Information Technology Team

  • System Monitoring and Hardening
  • Patch Management
  • Penetration Testing
  • Hardware / Software Maintenance

Emergency Management Team

  • Cyber Risk Management
  • Cyber Incident / Disruption Response Planning
  • Training and Exercise

Recommended coordinated actions:

Hold quarterly Cyber Disruption Team meetings

Develop and maintain cyber incident response plans

Conduct IT / EM trainings and exercises

Why Does it Matter?

A coordinated response ensures that all parties are performing their functional missions while minimizing or eliminating unnecessary duplication of efforts. Coordinating response across IT / EM ensures that the response is as streamlined and effective as possible.

Information Technology Team

  • Digital Forensics
  • Malware Analysis and Quarantine
  • Breach Management
  • Information Technology Disaster Recovery Restoration

Emergency Management Team

  • Consequence Management (Response to Physical Cascading Impacts)
  • Operational Coordination Across Relevant Disciplines

Recommended coordinated actions:

Establish regular briefing schedule across disciplines

Communicate and prioritize response actions

De-conflict any response issues across disciplines

Why Does it Matter?

Coordinated recovery actions ensures the restoration of virtual and physical systems align and lessons learned from the incident are retained and improved upon. Collaborating on recovery, and mitigation activities and managing long-term impacts of complex cyber incidents supports a jurisdiction’s ability to recover quickly and increase resilience.

Information Technology Team

  • Restoring IT Services (Systems, Data, Connectivity)
  • Update Controls and Processes

Emergency Management Team

  • Recovery of Physical Assets
  • After-action Reporting

Recommended coordinated actions:

Establish regular meeting schedule for virtual and physical asset recovery coordination

Conduct after-action reporting that captures areas for improvement in both virtual and physical arenas

Develop a roadmap for long-term recovery actions, including any mitigation or grant management options

The Cyber Nexus Approach Can Help

Prepare Your Business

Planning

Training

Exercises

Hagerty is here to help. Our experts in cyber incident preparedness can assist your organization or community in developing cyber incident/disruption response plans and conducting training and exercises.

Want to know more? Complete the form below and you will be contacted by a member of our cyber preparedness planning team.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form

Download our free Cybersecurity Assessment Tool
to evaluate your capabilities:

Download

For more information, visit:
www.HagertyConsulting.com