Dr. Gabi Siboni taught a seminar at the University of Navarra in Madrid about “How to manage a cyber crisis“. Dr. Gabi Siboni is the head of the cyber-security research program at the INSS at Tel-Aviv University, and a professor for cyber-security. He is a former Coronel of the Israeli military forces and a world-wide recognized expert in cyber crisis management. Dr. Siboni wrote specialized books and research papers such as “Regulation in Cyberspace” (INSS-The Institute for National Security Studies-Israel), “Guidelines for a National Cyber Strategy” (INSS) or “Guidelines for National Security Strategy for Israel” (The Washington Institute for Near East Policy-USA).
The objective of the seminar was to address:
- The theory behind Crisis Management
- Cyber Actors and Threats
- What is a Cyber Crisis
- Legal Aspects of a Cyber Crisis
- The evolutions of the Crisis
- Crisis Management Plan
- Cyber Crisis Management Team
- Plan and Conduct a Cyber Crisis Exercise
- Cyber Crisis Simulation
The seminar was organized by a collaboration between the University of Navarra and Francisco Canos and included in the UNAV’s Banking and Financial Regulation Master’s Degree.
The attendance was mixed with regulators, companies and financial institutions decision-makers looking for top existing guidelines in regards to how to manage the situation when a real cyber crisis is in place. Of course, this is not just a technical view, but a holistic approach that includes legal, media, investors, regulators, and of course clients and people in general. Clear examples of how to correctly or incorrectly manage this type of crisis are shared in the seminar and its consequences.
A short video on Dr. Gabi Siboni teaching class on the so-called “Three-level management crisis teams“: short video on Three-Level Management Crisis Team
More seminars will be in place in the coming months on different aspects of cyber-security management. Details on the seminar could be requested to firstname.lastname@example.org.
A short video on Dr. Gabi Siboni teaching class on the “Chronological phases of managing a crisis“: Chronological phases
The seminar was provided along 2 days from 9 am to 6 pm with plenty of interaction between the speakers and the class. Given the importance of legal aspects associated with the crisis management approach, Dr. Gabi Siboni brought his colleague Dr. Limor Etzioni a well-recognized expert in the legal aspects related to cyber-security.
A short video on Dr. Limor Etzioni on legal aspects of cyber-crisis management
In our view, a cyber-security crisis will inevitably occur in any organization. The question then is whether there is in place a proven protocol that helps the company to tackle the situation in the most efficient and beneficial way for the organization. A typical big mistake is to misunderstand what is best for the organization and assume that this is equal to hide, mislead or directly lie to the parties related to that organization about the existence or the consequences of the given cyber-security crisis. This could include internal members, clients, media, regulators, and the general perception that people could have on that particular organization.
A cyber crisis will occur, but the management of it could represent big damage for the company if not well managed or a big opportunity to reinforce the company and its image.