Breaches happen, that’s for sure. But most companies are not prepared. Just like an average person is not prepared for being mugged. The final episode of our Adventures in Cyberland focuses on incident response and how can companies be better prepared to face breaches. Check out the video, including a real-life breach story from the Ministry of Foreign Affairs of Finland:
Here are 5 takeaways from the discussions our host Linda Liukas had with F-Secure Practice Leader Tomi Tuominen, F-Secure Principal Risk Management Consultant Marko Buuri and our special guest, CISO Antti Savolainen from Ministry for Foreign Affairs of Finland.
1. Don’t panic
Most breaches stay undetected for months or years, so there’s no need to freak out and rush into impulsive solutions. Most mistakes are made within a few hours of discovering a breach. So, get a cup of coffee and take a deep breath. Stay calm and focus on what you are doing.
2. Don’t destroy evidence
Don’t shut down your computer, that’ll wipe out important information. Logs are a valuable source of evidence. Disconnect from the network to prevent the attacker from continuing his actions and stealing your data.
3. Call for help
Get a professional involved. With experience in cyber incident management, they can help you out in organizing the forensics and public relations. Write down what happened to help the forensics team to reconstruct the timeline and find out what happened.
4. Make cyber security everyone’s business
Build a culture, where cyber security is not only IT department’s, but everyone’s business. It starts with awareness. Your employees should know, what information is sensitive and confidential to your business.
Create a culture of mutual trust, where employees are not treated as the weakest link of security. Everyone should feel confident to alert the information security people, when they spot something suspicious.
5. Be prepared
Know your infrastructure better than the attacker, and you’ll be able to defend against future attacks. Get an assessment of your infrastructure and go through your processes. Most issues are process problems instead of technical problems. Make sure you have visibility to your own organization. Have a crisis management team, a plan and run regular rehearsals.
Be prepared – before you get hit.
In F-Secure’s new video series, Linda Liukas goes on a journey to discover the answers to some of the most burning questions in cyber security. Linda meets the brightest minds in the field of cyber security to learn what type of cyber threats are out there and why modern breaches are so difficult to stop. She agrees to let our cyber security experts hack her, finds out how to detect and respond to breaches and how cyber security can benefit from artificial intelligence and machine learning. Watch the previous episodes here.