While hurricanes and tornadoes have been on the front pages lately, your organization might be the victim of an undetectable cyber attack right now. Even if you suspect that you have been hacked, you may not be quite sure what’s been exposed or exfiltrated, or where the attack is coming from.
If your first thought is to disconnect the affected systems, you must attend Solutions Track 5 on Sunday afternoon, titled "Will Your BCP Help You Recover from a Cyber Incident?" to find out why doing that could be more dangerous than you could ever imagine. I want to give you some homework before coming to San Diego. Do you know that the default passwords for hundreds of devices and operating systems are published on http://www.cirt.net/passwords and did you know that some systems do not allow you to change them? You also might want to run the Shodan tool against your systems to show which ones still have their defaults enabled - you might be very surprised what shows up. This session should be entertaining and eye-opening, especially for BC planners that have not yet formed a strong relationship with your physical and information security counterparts.
Ron LaPedis is a workforce continuity strategist overseeing SunGard AS’ work area recovery business. He is a Master Business Continuity Professional (MBCP), a member of the Business Continuity Institute (MBCI), and a CISSP with ISSAP and ISSMP endorsements. He has published many articles and has taught and consulted in the information security and business continuity fields around the world. LaPedis is a licensed amateur (ham) radio operator, instructor, and volunteer examiner. He is a member of the San Bruno Citizen Preparedness Committee, and is on the boards of the San Francisco chapters of InfraGard, FBI citizen's Academy Alumni Association, and the Association of Contingency Planners (ACP). He is also a sworn volunteer member of the San Mateo County Sheriff's Office communications unit and is a Red Cross preparedness instructor.