Confident Response Series: Ransomware Untangled

27 January

Asia Pacific

Competency Skills

Business Continuity & Crisis Management
Digital Fluency

Synopsis

Welcome to the 2021 Confident Response Series , where we will be bringing a session every quarter to help fine-tune your incident response preparedness and understand the latest tactics, techniques, and procedures from the most successful cyber criminals, leading to deeper collaboration with business partners and mitigation of technical, legal, and reputational risks.

For the first session of the series on Ransomware Response, dive into the realities of responding to a ransomware attack with seasoned cyber security and insurance experts. This session will cover the ramifications from data theft and extortion schemes, the challenges of a third-party attack reaching your firm, and the efficacy of ransomware preparedness assessments. Panelists will be available for a live Q&A following the session.

Speakers

David Klopp​
David Klopp

Associate Managing Director,
Cyber Risk
Kroll

Andrew Taylor
Andrew Taylor

Cyber Product Head, Asia Pacific
Chubb

Suchitra Narayanan
Suchitra Narayanan

Senior Vice President,
Risk Management
Lazada Group

Key Takeaways

This week, we hosted the first of our Confident Response Series with focus on Ransomware Response. Here are some points highlighted by speakers from Kroll & Chubb during last Wednesday’s discussion:

  • A common mistake businesses make is treating Cyber Incidents as ‘just an IT problem’. Key decision-makers must understand that cyber risks are now enterprise-wide risks, a message that risk managers must continue to communicate.
  • Crisis management teams must have everything in place and ready to be rolled-out before an attack happens. Crisis simulations, policies, communication trees and a centralised response should be stress-tested beforehand to prevent creating more chaos in the process.
  • Several of the heavier considerations on cyber risk insurance pricing are the level of the organisation’s risk awareness, governance & support of the senior management, how the business had previously responded to incidents and if they belong to industries which are top cybercrime targets.

The panelists also shared their experience in response to questions from the audience on the most appalling mistakes that businesses make after a ransomware incident.

Presentation Deck

This section is restricted to PARIMA members only.

Video Playback

This section is restricted to PARIMA members only.

More About The Event

Jeffrey Toh
Jeffrey Toh

Business Risk Consultant, Asia Pacific

FM Global

Jeffrey is a member of FM Global’s Business Risk Consulting (BRC) team in the Asia Pacific region. BRC services take a strategic approach towards helping clients identify the critical processes that drive their businesses and quantify dependencies on those processes. Through Business Impact Analysis (BIA), BRC helps clients to better understand the financial exposures to their businesses, to strengthen business resilience and develop effective risk management strategies.

Jeffrey joined FM Global in September of 2018. Prior to joining FM Global, Jeffrey was a Risk & Compliance Manager in the Group Finance department of The Great Eastern Life Assurance Company Limited, where he specialised in business process improvements and developing risk strategies. Prior to Great Eastern, Jeffrey served as a Corporate Improvement Manager in a publicly listed supply chain management company. He also had experience in performing financial statement audits in a range of industries, during his stint as a Senior Assurance Associate in Deloitte.

As a member of the Business Risk Consulting Group, Jeffrey is primarily responsible for conducting Business Impact Analysis, working in partnership with FM Global clients, to fully identify and quantify the client’s financial exposures as they relate to property and business interruption loss potential. The analysis Jeffrey performs often result in the identification of significant exposures that were previously unknown or not fully understood by the client, which potentially has a material impact to risk management decisions.

Jeffrey holds a Bachelor of Accountancy degree from Nanyang Business School, Nanyang Technological University of Singapore. He is also a certified Chartered Accountant.

Guido Gavio
Guido Gavio

Asia Complex Loss Director

BELFOR Asia

Guido Gavio is the Asia Complex Loss Director for BELFOR Asia. He has more than 22 years of experience in handling restoration projects for companies suffering from losses after a disaster. He joined BELFOR Asia, then known as Relectronic – Remech as a Restoration Engineer in Australia in 1996. He rose through the ranks and was seconded to Thailand for 3 years from 1998 to 2001 before being posted to the regional Headquarters in Asia in 200

Guido studied electrical engineering at the Universidad Technologica de Buenos Aires in Argentina. Upon graduation, Guido worked at the National Institute of Industrial Technology assisting with research programs in the area of superconductors where he gained considerable hands – on experience in developing and building prototypes. Guido then migrated to Australia where he worked for Telstra in the design and construction of the cable and internet network.

Upon completion of the Telstra project, Guido joined Relectronic – Remech. BELFOR Asia has the capability to recover buildings, production lines and other property, following disaster incidents such as fire, explosion, earthquake, typhoon, wind, flooding, rain, water ingress, chemical spills etc.

The company has maintained the market leader position for disaster recovery in Asia for the past 25 years, and is now handling more than 1,600 industrial disaster incidents per year.