5 steps to better incident management
Breaches happen, that’s for sure. But most companies are not prepared. Just like an average person is not prepared for being mugged. Check out the Cyber Security Crash Course video about incident management and how companies could better be prepared to face breaches. Watch how a high profile target, the Ministry for Foreign Affairs of Finland, recovered from a breach and what did they learn:
Here are 5 takeaways from the discussions Linda Liukas had with F-Secure Practice Leader Tomi Tuominen, F-Secure Principal Risk Management Consultant Marko Buuri and our special guest, CISO Antti Savolainen from the Ministry for Foreign Affairs of Finland.
1. Don’t panic
Most breaches stay undetected for months or years, so there’s no need to freak out and rush into impulsive solutions. Most mistakes are made within a few hours of discovering a breach. So, get a cup of coffee and take a deep breath. Stay calm and focus on what you are doing.
2. Don’t destroy evidence
Don’t shut down your computer, that’ll wipe out important information. Logs are a valuable source of evidence. Disconnect from the network to prevent the attacker from continuing his actions and stealing your data.
3. Call for help
Get a professional involved. With experience in cyber incident management, they can help you out in organizing the forensics and public relations. Write down what happened to help the forensics team to reconstruct the timeline and find out what happened.
4. Make cyber security everyone’s business
Build a culture, where cyber security is not only IT department’s, but everyone’s business. It starts with awareness. Your employees should know, what information is sensitive and confidential to your business.
Create a culture of mutual trust, where employees are not treated as the weakest link of security. Everyone should feel confident to alert the information security people, when they spot something suspicious.
5. Be prepared
Know your infrastructure better than the attacker, and you’ll be able to defend against future attacks. Get an assessment of your infrastructure and go through your processes. Most issues are process problems instead of technical problems. Make sure you have visibility to your own organization. Have a crisis management team, a plan and run regular rehearsals.
Be prepared – before you get hit.
F-Secure Cyber Security Crash Course explains in simple terms what kind of threats are out there and how they can be spotted and stopped. Linda Liukas, a programmer, children’s book author and TED speaker, explores the wonders of cyber security with the best talent in the industry. She even agrees to let F-Secure’s experts hack her. Watch the six short videos to learn what you can do to detect and respond to advanced cyber attacks. Include the Cyber Security Crash Course videos in your security training programme to foster awareness within your organization.
Categories