Cybersecurity: Minimizing Your Risk

Cybersecurity incidents typically only involve less than 50,000 people. True or false?

True
False

What are the potential costs and effects of a cybersecurity incident? (Select all that apply)

Identity theft costs
Increased insurance premiums
Contractual liability to vendors and partners
Loss of value for corporate sale of company
Litigation and government investigation costs

Which of the following are entities that you may contact during incident response (select all that apply)?

Law enforcement
Public relations / communications firm
Insurance
Social media

How quickly do potential notification obligations begin to regulators and/or individuals?

24 hours
72 hours
30 days
60 days

What information does your legal team need to know to assess obligations to notify potentially impacted individuals and/or regulators (select all that apply)?

What data types are implicated
When the incident began
Who the potentially impacted people are
Where the potentially impacted people are from
How much money was potentially stolen

All breaches are cybersecurity incidents, but not all cybersecurity incidents are breaches – true or false?

True
False

What is the average time to identify a data breach?

17 days
69 days
197 days
321 days

What regulatory benefit is achieved by aligning information security to cybersecurity frameworks?

Reduced insurance premiums from maturing cybersecurity program
Reduced liability (from safe harbors) for alignment to industry best practices
Reduced time to certify for federal government business
Improved capability to store sensitive data

Why should incident communications be managed?

Preserve integrity of an active investigation
Ensures communications are reviewed for risk
Ensures terminology used is accurate
All of the above

A cross-functional response team should consist of (select all that apply)

Information Technology/Security
Finance
Legal
Law Enforcement
Marketing
Communications
Human Resources (HR)
Insurance

Which item is not part of an incident response ‘break glass’ plan?

Call list
Communication plan
Media plan
Post-incident analysis plan
Engagement matrix

What is a cybersecurity incident?

An identified occurrence of a system, service, or network state, or a previously unknown situation that may be relevant.
A single, or a series of, unwanted or unexpected information security events that is threatening information security.
A cybersecurity event that gives rise to a significant probability of compromising business operations.

Nation-state actors often will target smaller organizations, which best explains why?

To re-target customers in their portfolio
Less cybersecurity detection and response capabilities
Trusted supply chain injection launch point
All of the above.

Which is the most effective mechanism to mitigate credential compromise?

Email Security Controls
Multi-Factor Authentication
Anti-Virus
Security Awareness Training

A malicious incident is the only thing that can give rise to a cybersecurity breach, true or false?

True
False

If a user doesn’t visit suspicious sites, has a strong anti-virus, and doesn’t open suspicious email attachments – then they aren’t going to have their machine compromised, true or false?

True
False

Which of the following is an offensive attack framework?

Raytheon Cybersecurity Attack Protocol
Booz Allen Attack Fabric
Lockheed Martin Cyber Kill Chain
BAE Cyber Attack Plan

What is the most common attack/threat vector for malicious actors?

Malware/Virus
Ransomware
Rootkit
Social Engineering/Phishing

Which is not a motive for external threat actors?

Financial
Evasion
Disruption
Surveillance

Which is an actual step in the NIST incident response framework?

Preparation
Governance
Mitigation
Evaluation

Cybersecurity frameworks integrate industry standards and best practices, what best describes why?

Enables organization to better manage vulnerabilities both internally and externally facing
Enhances an organization’s response capabilities in the event of a cybersecurity incident, while providing greater accountability for security
Provides a common criteria to allow for assessment, and understanding, of an organization’s cybersecurity risks
Provides a frame of reference for mitigating supply chain and insider threats

Which is not a Cybersecurity framework type?

Program Based
Governance Based
Control Based
Risk Based

Which is not a type of risk mitigation strategy?

Acceptance
Avoidance
Transfer
Enablement
Mitigation

Which question does not address 3rd Party Risk Management?

What data am I sharing with vendors and partners?
What products/systems am I putting into my environment?
How critical are processes that depend upon products/systems I am putting into my environment?
What permissions do users have in my environment?

What is the purpose of commander’s intent during the course of an incident?

Provides a guideline for who is in charge and how to communicate during the course of an incident and recovery activity.
Provides guidance on cross functional strategy for engagement with executives and insurance partners.
Provides clear strategic guidance about restoration and recovery from an incident to all employees in the event that communications are disrupted.
Provides definition around the nature of the incident and financial impact, direct and indirect, to executives and board members.

Quiz Summary

Information

Results

Results

Categories

1. Question

2. Question

3. Question

4. Question

5. Question

6. Question

7. Question

8. Question

9. Question

10. Question

11. Question

12. Question

13. Question

14. Question

15. Question

16. Question

17. Question

18. Question

19. Question

20. Question

21. Question

22. Question

23. Question

24. Question

25. Question

Why Join TMA

Logo Rotator TBD

About

Membership

Education

Events

Programs

Resources

Average score
Your score