Welcome to SCQAA Webinar - Unconventional Risks!
Presented by Eli Dabich
August 18, 2010

About SCQAA-SF - A Not-for-Profit Organization
- The SCQAA-SF (www.scqaa.net) chapter sponsors sharing of information to promote and encourage quality improvement in information technology practices and principles through networking, training and professional development.
- Networking: We meet once every other month in San Fernando Valley.
- Check us out on LinkedIn (SCQAA-SF).
- Contact Sujit at [email_address] or call 818-878-0834.
08/22/10

Future Events - 23rd September 2010
- Presenter: Steve Bender, President of The Quality Connection, former Senior Examiner for New York State's Excelsior Award and veteran in Quality Assurance
- Topic: Addressing the Top Ten Testing Challenges
- Venue: Bank of America Bldg 2 at 29851 Agoura Rd., Agoura Hills, CA 91302

Membership Benefits
- Excellent speaker presentations on advancements in technology and methodology
- Networking opportunities
- PDU, CSTE and CSQA credits
- Regular meetings are free for members and include dinner

Membership Policy
- Recently revised our membership dues policy to better accommodate member needs and current economic conditions.
- Annual membership is $50, or $35 for those who are in between jobs.
- Please check your renewal with Cheryl Leoni - [email_address].
- If you have recently joined or renewed, please check before renewing again.

Unconventional Risks!

Synergy Associates

Synergy Associates was formed in 1995 as a partnership of former senior executives with extensive expertise and success in developing and implementing risk reduction and innovative organizational development programs.

Our Business Continuity practice helps clients develop plans to mitigate potential risks whether human beings, nature, or technology are the cause of a business disruption. We are unique in having hands-on business recovery experience after earthquakes and hurricanes. Business Continuity/Resiliency engagements have included: GAP Analysis, development of enterprise-wide plans, employee awareness, recovery team training, testing and maintenance.

Our leadership and human resources practices include individual business and leadership coaching, organizational development, culture initiatives, team and leadership development, talent and performance management systems.

Clients include: start-ups, public and privately owned, and members of the Fortune 500. The industries we serve include: financial services, Internet, medical, entertainment, retail, agriculture, utilities, legal, manufacturing and many others. We pride ourselves on helping clients reduce risk while preparing for future growth.

Purpose of Presentation
- Background of risks
- What are these risks
- How to identify the risks
- How to prepare for the risks
- How do these threats fit in with Risk Management and Business Continuity
- Questions and Answers

Purpose of Presentation
- World largely uneducated for unconventional risks
- "Only thing we have to fear is fear itself" - FDR, 1937
- Knowledge about risks will result in less panic and casualties if an attack occurs
- Protect your organization and employees
- Plan for risks through organizational Risk and Vulnerability assessment and Business Continuity Planning

Plan Complacency

In his suit, Papantonio asserts that filings BP made from 2000 to 2009 with the Interior Dept.'s Minerals Management Service misrepresented the company's preparations for a potential deepwater disaster and dishonestly minimized risks.

One BP document, an Initial Exploration Plan submitted to MMS in February 2009, claimed that the company had the capability to respond, to the maximum extent practicable, to a worst-case discharge or a substantial threat of a discharge, the suit states.

Background of Threats
- Recent National Intelligence Estimate report: Terrorist threats to U.S. Homeland
- In 2007 prior Head of National Intelligence said al Qaeda is determined to attack the USA with either nuclear, biological or chemical weapons.
- al Qaeda is determined to launch a mass casualty spectacular event on U.S. soil.
- 2008 SAGA survey indicates nuclear terrorism is America's top fear - 74%
- 2008 report that U.S. Military is not prepared for catastrophic attack

Background of Threats
- Domestic terrorism threat is increasing
- Ricin in Las Vegas Hotel Room: 2008
- Radiological Threat in NYC: 2007
- DC Metro Shut Down: 20007
- According to IAEA, 15 known instances of illegal trafficking of enriched uranium or plutonium between 1993 and 2006 - 10 not recovered
- Chemical Weapons WWI

Background of Threats
Government/Non Government Interventions
- Extended Terrorism Reinsurance Backup
- Consolidation of Federal Agency Bio-surveillance Data Base
- 2007 law calling for voluntary certification programs for corporate readiness
- ERM Risk Rating for non-financial companies

Nuclear Bombs
- Threat
  - Initiated by conventional explosives
  - Need to achieve critical mass
  - Uncontrolled chain reaction occurs
- Symptoms
  - Intense heat, light, shock wave
  - Radiation - alpha, beta and gamma
- Emergency Preparation/Response
  - Bunker/safe room/physical shield
  - Location and distance from target is key
  - Cover nose, mouth and eyes

Dirty Bombs (RDDs) - Radiological
- Threat
  - Not a nuclear bomb - weapon of mass disruption
  - Explosive wrapped in radioactive material, therefore, radiation material dispersed over immediate area
  - Type of radiation - alpha, beta and gamma
  - Over 21,000 organizations in U.S. licensed to use radioactive material

Dirty Bombs (RDDs) - Radiological
- Symptoms
  - Explosion - panic
  - Some radioactivity
- Emergency Preparation/Response
  - Turn off __________?
  - Use mask to cover nose and mouth, don't touch material, use gloves
  - Move upwind, go inside, bag clothes and shower

Chemical Threats
- Key Definitions
  - Not true gases but aerosolized solids or liquids
  - Volatility - ability to evaporate
  - Persistence - ability to stay
- Six Types of Chemical Threats
  - Blister - Mustard gas
  - Nerve - Sarin
  - Choking - Chlorine, Phosgene
  - Blood - Hydrogen cyanide
  - Incapacitating/Behavior altering - QNB
  - Riot Control - Tear Gas

Chemical Threats
- Preparation
  - Special clothing needed, upwind
  - Protect skin, mask
- Symptoms
  - Dead animals/birds
  - Lack of insect life
  - Physical symptoms
  - Unexplained odors
  - Geographical illness

Biological Threat Agents
- Threat - Easy to acquire, synthesize and use
- No reliable and immediate detection system exists - Covert application
- Flu/Spanish Flu in 1918, 50 million died
- Type - Bacterial/Viral
  - Anthrax
  - Plague
  - Cholera
  - Smallpox
  - Ricin
- Dissemination of biowarfare agents

Biological Threat Agents
- Preparation/Response
  - Mask
  - Upwind, cover skin
  - Turn off HVAC
  - Seal windows and doors
  - Shower thoroughly
  - Vaccinate
- Symptoms
  - Dead animals/birds/fish
  - Lack of insect life
  - Physical Symptoms
  - Low lying clouds
  - Unexplained odors
  - Patterns of mass casualties, geographical

GLOBAL WARMING
- More CO2 in air makes oceans more acidic
- 4 meter rise in oceans in 300 years
- Worse droughts versus worse floods
- Water availability - Food growth
- Cut GDP by 5 - 20%
- Greater risk than terrorism
- Health issues
- Insurance implications

CLOUD COMPUTING
- Treasury shut down 4 sites
- Gartner Research says 60% of virtual servers less secure
- Who owns them and what security
- Lack of visibility and controls
- Theft of data and identity theft

CYBER WAR/SECURITY
- Unintended consequences of shutting down Saudi Arabia site - 300 servers impacted
- Guidelines remain elusive
- 75,000 computer systems at 2,500 companies have been hacked by Eastern Europe
- How can we be at cyber war if we don't know what it is
- Social media opens new doors to cyber attacks
- 1/3 of government agencies have experienced cyber attacks
- Encrypt data and educate staff

DRONES
- 40 countries have capability
- Two thirds of worldwide investment - non US
- Insurgents tapped into UAV video - $30 software
- Farmers already use drones for crop dusting
- Civilian built a version of military drones for $1,000
- Hardware from China and software from India

GANGS
- Approximately 24,500 gangs in U.S. with over 1,000,000 members
- Low income, learning disabilities, emotional disorders, school failure
- Growing problem and could impact employees

Strategies to Survive a Mass Casualty Threat
- Perform a risk and vulnerability assessment
- At a minimum, develop a Business Continuity Plan and Disaster Recovery Plan
- Plan for the worst, easy to scale recovery for lesser disaster
- Train for reality
- Communicate plans in simple terms
- Educate, Educate, Educate!

Risk and Vulnerability Assessment
- Quantitative
  - BIA - Financial
  - Operational
  - Prioritization
  - Downtime estimate
  - Resource requirement
  - Regulators
  - Insurance
- Qualitative
  - Loss of:
    - Competitive advantage
    - Public support
    - Employees

Business Continuity Plan Should Include at a Minimum
- Scenarios and alert levels
- Provisions for employees' and their families' safety
- Identify Key Business Processes with ranking
- Recovery Time Objectives - rank of Key Business Processes by RTO
- Alternative work sites - who goes where and what processes go
- Emergency Communication Plans for different scenarios

Next Steps
- Risk and Vulnerability assessment
- Review your organization's Business Continuity Plan, capabilities versus recovery requirements
- Identify gaps in requirements versus capability
- Update plans
- Train employees
- Test plans

Contact Information
- East: Eli Dabich, Jr., [email_address], Office: 410 643 5563, Cell: 410 725 9238
- West: Jeanette T Smith, [email_address], 818 261 6658
