North Carolina Electric Infrastructure Shootings & Implications for the Financial Sector & Other Businesses
The GRF Business Resilience Council invites you to join a briefing with Glen Kessler, CSIRA Security Director at Wells Fargo. Glen will provide historical insight into the recent shootings of electric infrastructure in North Carolina and other locations. His presentation will include details of that attack and other similar acts, as well as vulnerabilities and implications for the financial sector and other businesses and sectors.
The call will also provide a high level cybersecurity and geopolitical update as time permits.
*This call is TLP WHITE
Accidental Resiliency & Other Updates
The GRF Business Resilience Council invites you to join a briefing with Art Ocain, VP of Cybersecurity & Incident Response at Airiam. Art will speak on the topic of “accidental resiliency” and how businesses of all sizes have evolved out of necessity. Art will discuss how companies which have faced threats have often aligned themselves with cyber resilience frameworks, used cyber resilience techniques and addressed cyber resilience design objectives without knowing frameworks even existed. Handling cyber incident after cyber incident, learning to reactively follow good incident response processes, it is natural for defenders to want to shift the process “left of boom” and develop more proactive cyber resilience.
The call will also feature a discussion by GRF analysts on geopolitical and cyber threats relevant to business resilience, and an upcoming exercise with IBM Promontory on supply chain threats.
*This call is TLP WHITE
Operational Resilience Framework – Version 1.0
View for information on the release of version 1.0 of the Operational Resilience Framework (ORF). A culmination of 18 months, hundreds of meetings, and your valuable feedback. Agenda:
ORF Update
Discussion on Implementation – open discussion with task force members regarding the operational resilience challenges
ORF Next Steps
‘22/’23 European Energy Threats and Third-Party Risk Trends
The GRF Business Resilience Council invites you to join a briefing by EnergiCert’s Director Soren Maigaard to hear about European energy supply, demand, markets and resilience, and expected impacts on businesses.
The call will also feature a discussion by OneTrust’s Matthew Moog on third party risk including trends, risk appetite and the use of risk data.
Additionally, there will be an announcement regarding the BRC exercise program and updates on the Third-Party Security Connection program.
*This call is TLP WHITE
Lastly, you are invited to join us October 27-28 for our annual summit on Security & Third Party Risk featuring 42 speakers in 26 sessions at the Gaylord National Resort outside Washington DC. Visit the Summit webpage, and use discount code “BRC20” to register - and book a room soon as the hotel room block closes October 5. After October 5 rates go up and availability is no longer assured. You can find the full agenda including the speakers and session abstracts at the above linked webpage.
2022 Atlantic Hurricane Season Forecast + Physical & Geopolitical Security Updates
GRF’s Business Resilience Council invites you to a briefing on the 2022 hurricane season by meteorologist Phil Klotzbach of Colorado State University.
Dr. Klotzbach will provide an update on changes to the CSU hurricane forecast originally provided to the BRC’s Northeast Regional Group earlier this year.
Additionally, GRF BRC analysts and representatives from Flashpoint will cover the latest geopolitical and physical security alerts relevant to members.
There will be Q&A at the end of the session.
*This call is TLP WHITE
Grid Resilience vs. Climate Change
The GRF’s Business Resilience Council invites you to join a briefing with Andy Bochman, Senior Grid Strategist for National & Homeland Security at Idaho National Labs. Andy will speak on climate change, the threats it brings and the likely impact to the grid and businesses.
The meeting will also include a geopolitical and cybersecurity update.
There will be Q&A at the end of the session.
*This call is TLP WHITE
Critical Infrastructure at a Critical Juncture
The Cybersecurity & Infrastructure Security Agency (CISA) has recently issued alerts on cyber-attacks targeting critical infrastructure organizations. Targeted by cyber terrorists and foreign governments, it is easier, significantly less costly, and perhaps more damaging to disable the grid, water facilities, transportation etc., than to launch a full scale war. And the entry point for most of these attacks begins at authentication. In this session, we examine current methods of attack as well as how to protect against them. We will dive into:
The benefits and drawbacks of two-factor, multi-factor, and passwordless multi-factor authentication
Best practices when securing critical infrastructure from unauthorized authentication and access, reflecting on real case studies pulled from headlines
Tips on how to meet CISA’s recent guidance
Violent Extremism & Protests Disrupting Business
The GRF’s Business Resilience Council invites you to join an update briefing by Foresight Reports Chief Analyst Harris Stephenson. Harris will speak on activities and threats from violent extremists and politically motivated activists which may disrupt businesses.
The meeting will also include a summary and analysis on the US Department of Homeland Security’s most recent National Terrorism Advisory System (NTAS) Bulletin dated June 7, 2022.
There will be Q&A at the end of the session.
*This call is TLP WHITE
2022 NOAA Hurricane Forecast
Join the Business Resilience Council's Northeast Regional Group for a webinar presentation from NOAA meteorologist Matthew Rosencrans. Matthew will share NOAA’s expectations for the hurricane season so that members can take precautionary steps and make business continuity plans accordingly.
There will be Q&A at the end of the session.
*This call is TLP WHITE
Geopolitical Shift: Conti Ransomware Group's Threat to Operational Resilience
This month’s Business Resilience Council call will review the convergence of ransomware operations with political motivations. The discussion will feature a case study on Conti ransomware and how the war in Ukraine is influencing its targeting. Also covered will be the evolution of groups to accommodate “host” governments.
There will be Q&A at the end of the session.
*This call is TLP WHITE
Russian Threats to Communications Infrastructure & the Ukraine Invasion’s Impact on Financial Institutions
Presenters will include Chris Anderson, Principal Advisor for National Security and Emergency Preparedness at Lumen Technologies. Additionally, GRF Chairman Bill Nelson will discuss the impact and response to Russian attacks against financial institutions during the Ukraine invasion.
How to simplify your security landscape and reduce risk
IT environments must continually evolve to keep up with the business. However, many organizations have found themselves with disparate and redundant applications and services. As well as being expensive, this exposes organizations to increasing technical debt, staffing shortages, and greater security risks. Takeaways from this webinar:
Ways to approach simplifying your cybersecurity architecture
How to develop a security-optimization business case
The right balance of standardization and flexibility while improving your security posture
How to estimate costs and make decisions
Extremist Activity in the U.S. & Cyber/Geopolitical Impact Update on Ukraine
The GRF’s Business Resilience Council invites you to attend a presentation on extremist activity in the U.S. with additional updates on the Russian invasion of Ukraine, including geopolitical impacts and cyberactivity analysis.
Presenters, including Flashpoint, will cover resilience concerns and mitigation strategies to address these issues. There will be Q&A at the end of the session.
*This call is TLP WHITE
Manufacturing ISAC Virtual Roundtable: Business Impacts from the Ukraine Crisis
Join a group of security practitioners for a panel discussion on the business risks and security implications to U.S. manufacturing caused by Russia’s invasion of Ukraine.
Discussion will include:
- A brief on the invasion
- Potential for disruption of US and EU ICS critical infrastructure
- How to protect your organization from Russian retaliation
- Supply chain, geopolitical and business resilience risk management
Register to Watch the Event
Special Briefing: Hardening Your Environment Against Destructive Russian Cyber Activity
This webinar is hosted by GRF’s Business Resilience Council and will feature speakers from Mandiant presenting a recently released report on how a company can protect itself against potential cyberattacks in the face of Russian tensions with the West.
Register to Watch the Event
Omicron and Geopolitical Updates
Join the Business Resilience Council for a webinar session featuring updates on the COVID-19 Omicron variant and other geopolitical threats to business operations.