Vulnerability Assessment Programme Agenda
7 November | Singapore
DISCUSSION TOPIC 1
Conducting Vulnerability Assessments
> Vulnerability Assessments and Pen Tests
> Incident Response and Breach Readiness
> Performing Cyber Risk Assessments
DISCUSSION TOPIC 2
Examining Threats & Attack Scenarios
> IoT Malware
> DDoS Attacks
> Ransomware Threats
DISCUSSION TOPIC 3
Creating & Managing a Credible Cyber Security Programme
> Implementing a Cyber Security Framework
> Developing Cyber Security Policy
> The Critical Seven Steps for Cyber Security
DISCUSSION TOPIC 4
Incident Response, Mitigation & Recovery
> Disaster Recovery
> Business Continuity Planning (BCP)
> Crisis Management
DISCUSSION TOPIC 1
Conducting Vulnerability Assessments
Vulnerability Assessments & Pen Tests
> How, to your knowledge, has your organisation been compromised (internally or externally)?
> How frequently does your organisation formally assess firewall systems?
> Which specific security technologies/controls has your organisation deployed to monitor unauthorised traffic patterns (e.g., attack signatures)?
> Does your organisation have dedicated connections to other organisations’ networks (vendors, business partners)?
> Identify the number of mission-critical applications in your organisation.
> What is the frequency with which your organisation performs Web/application pen test exercises?
> What do you consider to be a significant area of cyber risk within the organisation?
DISCUSSION TOPIC 2
Examining Threats & Attack Scenarios
IoT Malware
> How has your organisation established a comprehensive inventory of IoT devices/systems?
> How have you identified the various types of IoT devices on your infrastructure?
> What risks do you see IoT devices introducing in your business environment?
> How are you assessing the security risks associated with IoT devices?
> How is your organisation managing the risks associated with IoT devices?
> What malware has your organisation discovered on IoT devices and what has that impact been?
> What is your organisation’s specific policy on IoT security?
DDoS Attacks
> When has your organisation formally conducted a business impact analysis? Describe the frequency and key decisions/facts based on the exercise.
> What are the business risks if your organisation experiences a DDoS attack?
> What percentage of your mission-critical assets are in your data centre? In the cloud? How vulnerable are these assets to a DDoS attack?
> What security controls has your organisation implemented to actively monitor vital systems and applications?
> What is your organisation’s experience with a DDoS attack?
Ransomware Threats
> How often does your organisation perform social engineering exercises, such as a phishing attack?
> Has your organisation experienced a ransomware attack? What was the impact to your team and business?
> What is the policy of the organisation if there were a ransomware attack?
> How credible are your organisation’s capabilities to recover data compromised during a ransomware attack? Describe the process and the time needed to recover/rebuild systems/applications.
> What capabilities has your organisation implemented to safeguard against malicious software?
> What are the first few steps that your organisation will immediately perform if there is a ransomware attack?
DISCUSSION TOPIC 3
Creating & Managing a Credible Cyber Security Programme
Implementing a Cyber Security Framework
> What do you think about your organisation formally adopting a cyber security framework?
> Identify seven key security tools/products that your organisation has deployed.
> Describe your organisation’s key cyber security priorities for 2017 and for 2018.
> How credible is your organisation’s posture with patch management? Describe.
> How credible is your organisation’s posture with configuration management? Describe.
> How actively is your organisation monitoring critical systems and applications?
> Which specific security tools has your organisation implemented to manage critical systems and applications?
DISCUSSION TOPIC 4
Incident Response, Mitigation & Recovery
Disaster Recovery
> What is your process to update your IT Disaster Recovery (DR) Plan on a regular basis?
> How much data is at risk if there is a disruptive event?
> Which types of your organisation’s data are of the most value to it? Why?
> How frequently is the DR Plan updated, and who is responsible for updating it?
> Does your organisation’s DR Plan accurately identify the vendors/suppliers that would provide equipment/services during the recovery phase? How?
> Where do you keep your DR Plan so it is readily accessible throughout the organisation?
Crisis Management
> What is your organisation’s crisis management plan and how clearly defined do you believe it is?
> How have you determined your “worst case scenario(s)” of events that could disrupt business operations, finance, and other critical priorities?
> How long will it take to enact your plan, from the moment a crisis takes place?
> How has your organisation assigned crisis management duties and decisions to a specific individual or group of individuals? How was this determined?
> What specific training have your crisis management team members received to perform critical tasks?
> Who were your key work partners in developing a comprehensive, detailed crisis communications plan? When was the most recent time this was reviewed and tested?