Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: BCP for Avian Flu Pandemic

from [Ryan Chow] Network Security [Permanent Link]
Subject: Re: BCP for Avian Flu Pandemic
Date: Wed, 11 Jan 2006 22:21:15 +1100 
Hi All,

Brad, interestingly you are the second person to have mentioned preparing
for a possible bird flu pandemic that I've come across in recent months.

The advice we gave to our client was to contact the Department of Health and
see what their advice was on preparations however we left it largely to the
client to determine their risk profile and response.

My thoughts are that -

You'll going to have to plan for the worse case scenario which is I think
that a total epidemic is declared by the government and all travel is
restricted to prevent the spread of the virus.

In which case as Lee mentioned that is where Remote Access solutions come
into play.  However I'm thinking that the last thing sick people will be
doing is actually working :)  which means that it will be only the
healthy/able persons who will be working in the quarantine conditions
imposed.  If such a condition were to occur it is feasible to assume that
the Internet would be affected as well through the load of people attempting
to gain access to information and the lack of maintainance during the
quarantine period.  This could adversely impact on remote access to
corporate resources.

Anyone have any other thoughts?

Ryan.




On 11/01/06, Brad Bemis <bradleyb@bradleyb.net> wrote:


Some good points - thanks Fernando.

I am pretty new to the company (since December) and it's a new
spin-off entity (formed over the past year).  So we are really
starting out from scratch on this.  The team we have assembled
involves a strong HR presence and a few folks from various risk
management functions...  I think we have a good start (I haven't seen
any suggestions posted here that we hadn't already considered), but
its always worth checking around to see what others have done.  Our
primary focus right now is on identifying the critical functions that
still need to be staffed in the event of an outbreak and then
identifying our options from there.

-Brad Bemis, CISSP, CISA


-----Original Message-----
From: Fernando Martins [mailto:fernando.martins@iol.pt]
Sent: Tuesday, January 10, 2006 11:53 AM
To: Brad Bemis; security-management@securityfocus.com
Subject: Re: BCP for Avian Flu Pandemic

The emergency management planning for this pandemic is being
considered more in the physical security perspective, in the
departments that take care of safety&security. If your security
management integrate all this security aspects, my congratulations.
I'm having contact with BCP's that are considering this pandemic in
corporations with many people working in places outside their
facilities, where there are huge chances to get the flu. As an example
it can be a big pharma industry, because they have a huge sales force
that spend most of their time in clinics, hospitals, etc ... where the
avian flu will be if the pandemic arrives at some country/state/place.
In a IT perspective, this sales force can be based in laptop remote
users, where you can get for example many users for several time
without communication with your servers, and without sending some or a
lot of key information to you business, and in the pharma industry
case. In the same context, other issue, regarding security, can be a
huge number of laptops without being updated in their OS and Office
applications, and the recovery plan must consider that.

Try to get in contact with CIO's and CSO's from the pharma industry
... it's a good hint!

FM

-----Original Message-----
From: Brad Bemis [mailto:bradleyb@bradleyb.net]
Sent: Tuesday, January 10, 2006 8:49 AM
To: security-management@securityfocus.com; CISSP_PNW@yahoogroups.com
Subject: BCP for Avian Flu Pandemic


A little off the main topic, but still relevant to information
security management from a BCP perspective.

I am looking for points of contact to touch base with on emergency
management planning for the potential avian flu pandemic (or any large
infectious disease outbreak).  We have come across a requirement in
New York to demonstrate the presence of a contingency plan...

Anyone else addressing this same issue?

Thanks,
Brad Bemis


--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.14.13/221 - Release Date:
04-01-2006
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: RE: How to organize a lot of policies?, nickpuetz
Next by Date:  Re: How to organize a lot of policies?, Packet Man
Previous by Thread:  RE: BCP for Avian Flu Pandemic, Brad Bemis
Next by Thread:  RE: BCP for Avian Flu Pandemic, Jon Lodge
Indexes:  [Date] [Thread] [Top] [All Lists]