Mitigation Strategies Steve Elliot President CEO Elliot Consulting
- Slides: 17
Mitigation Strategies Steve Elliot President & CEO Elliot Consulting, LLC © 2018 Elliot Consulting, LLC. All Rights Reserved
Warren Buffett © 2018 Elliot Consulting, LLC. All Rights Reserved
Threats & Hazards • Threat - A man-made or natural situation or condition that can cause disruption to an organization’s operations or services • Hazard - A dangerous phenomenon, substance, human activity or condition that may cause loss of life, injury or other health impacts, property damage, loss of livelihoods and services © 2018 Elliot Consulting, LLC. All Rights Reserved
Vulnerabilities & Risk • Vulnerability - Degree to which an organization is exposed to the actions or effects of a risk, event or other occurrence • Risk - A possible event that could cause harm or loss, or affect the ability to achieve objectives. Risk is measured by the probability of a threat, the vulnerability of the asset to that threat, and the impact it would have if it occurred. • Risk score = Probability (Likelihood) x Impact © 2018 Elliot Consulting, LLC. All Rights Reserved
Hazards & Vulnerabilities - Causes Natural Earthquakes Tornado/Wind Hurricanes Floods Volcanoes Rain/Snow/Ice Storms Wildfires Political Human Technological Strikes Workplace Violence Software Outage Riots Sexual Harassment Data Loss/Corrupt Civil Disorder Fraud/Embezzlement Hardware Outage Bomb Threat Terrorism HVAC Biological Threat Sabotage Network Outage Nuclear Threat Machinery Failure Acts of War Power Outage Security Privacy Viruses/Ransomware Data Theft Denial of Service Attacks Counterfeiters Accidents Human Error Fire/Explosion Water Damage Building Collapse Environmental Loss Of: Executives Key Staff Subject Matter Expert © 2018 Elliot Consulting, LLC. All Rights Reserved Emerging Threats Pandemics Drought PR Incidents Product Liability Cloud Computing Cyber Security
Potential Effects Loss of • the Physical Facilities Loss of • the Information and Systems Loss of • the Critical Business Operations Loss of • the People Challenge and Confirm your Assumptions © 2018 Elliot Consulting, LLC. All Rights Reserved
What Should We Do? © 2018 Elliot Consulting, LLC. All Rights Reserved
2 Approaches to Address Risks Continuity Planning Disaster Recovery Proactive Process Reactive Process Enterprise-wide IT / Facilities-Focus Strategic Plan Break-Fix Plan Business and People Things and Recovery Time © 2018 Elliot Consulting, LLC. All Rights Reserved
Risk Assessment © 2018 Elliot Consulting, LLC. All Rights Reserved
Mitigate Risks Four main ways that you can mitigate risks: - Avoidance - Transfer - Acceptance - Reduction © 2018 Elliot Consulting, LLC. All Rights Reserved
Risk Avoidance • Relocate your facility • Divide operations between multiple sites • Eliminate a risk process • Stop working with hazardous materials © 2018 Elliot Consulting, LLC. All Rights Reserved
Transfer Risks • Buy insurance / review coverages • Outsource the risk to 3 rd party suppliers • Sell off a division or product © 2018 Elliot Consulting, LLC. All Rights Reserved
Acceptance of Risks • Decision to do nothing about a potential risk • Accept the risk probabilities and impact • Management is willing to roll the dice • Cost/Benefit Analysis shows the impact cost is less than the mitigation cost • Probability is so low that investing in a long-term mitigation strategy isn’t necessary © 2018 Elliot Consulting, LLC. All Rights Reserved
Reduction of Risks • Split production between multiple sites • Supplier Diversity (Workload /geography) • Physical Mitigation (Hardening Facility) • Alternative Access (Work Remotely) © 2018 Elliot Consulting, LLC. All Rights Reserved
Local Hazard Mitigation Planning © 2018 Elliot Consulting, LLC. All Rights Reserved
Document Your Decisions Hazards & Vulnerabilities Winter Storms / Snow / Ice Tropical Storm / Hurricane IT - Hardware Outage(Servers, Printers, etc. ) Loss of Key Staff IT - Critical Application(s) Outage IT - Network Outage (Data) Economic Recession Tornado Building Fire / Explosion / Bomb Threat Power / Utility Failure & Resulting Damage Probability Impact Score Level of Risk 4 3 3 3 2 2 2. 5 3. 7 4. 3 3. 7 3. 3 4. 7 3. 3 14. 7 14. 0 13. 0 11. 0 10. 0 9. 3 8. 3 Very High Medium Medium © 2018 Elliot Consulting, LLC. All Rights Reserved Revenue Risk Strategy A, R T Ac T, R R Options?
Steve Elliot, President & CEO Elliot Consulting, LLC 813 -792 -8833 selliot@elliot-consulting. com www. elliot-consulting. com © 2018 Elliot Consulting, LLC. All Rights Reserved
- Ransomware mitigation strategies
- Billy elliot character profile
- Ducks unlimited president
- Steve jobs, steve wozniak and ronald wayne
- Microsoft for some users
- Mitigation tactics
- Buffer overflow mitigation
- Credit union enterprise risk management
- Microsoft onpremises mitigation
- Climate change mitigation
- Mitigation
- Blossomfield club
- Bad news mitigation
- Structural mitigation
- Environmental enhancement and mitigation program
- Preparedness mitigation response recovery
- Buffer overflow mitigation
- Natural hazard mitigation association