Checklist to help you get prepared

A CISO's guide to incident readiness

Did you know that most Swedish companies don’t have a strategy for handling a cyber attack? Prepare for the real threats and stay ahead with a contingency plan – download our checklist for incident readiness.

We know safeguarding your company against intrusion is not an easy task. And it gets more challenging as the potential threats get more refined each day. What protected your organization yesterday must constantly be updated to protect you from tomorrow's sophisticated methods.

Download our checklist to determine if you have taken the proper actions to withstand a possible cyber attack – and give your company a fair chance to survive.

CISO-guide-incidente-readiness-truesec

Imagine two to ten weeks of downtime – how would your organization survive without IT?

Having a contingency plan for handling a cyber attack is crucial to minimize the impact of a breach and securely get your business up and running again in the shortest time possible. In this article, we help you get prepared and incident-ready – before you get hit.

Today, everyone with a digital presence is a potential victim of a data breach or a cyber attack. This could mean two to ten weeks of downtime, if not more. So how would your organization manage without IT for at least two weeks?

Some people might think that their organization isn’t a possible target for a cyber attack – "it doesn't happen to us." However, the most important thing to realize is that every organization, regardless of size, risks being attacked, hacked, extorted for ransom, and facing an extreme loss of revenue and sensitive data. The technologies and methods for intrusion are now available online for anyone eager enough. In parallel, we face a threat where threat actors crawl the internet for weaknesses rather than targeting specific victims. Needless to say, the threat is imminent.

Mats-Hultgren-Truesec-1-1

"“A threat actor sees 10,000 possibilities and an organization must close all gaps. If not, one of the vulnerabilities will be compromised. The balance is enormously unfair,"

says Mats Hultgren, VP Cyber ​​Strategies at Truesec.

incident-260x315

At the same time, most organizations are aware of the threat but find it difficult to know how to act in the event of an attack. With an ever-evolving threat landscape, you may find it difficult to understand how to best prepare for a real-life attack situation. If something unwanted or unexpected happens, you must have procedures and guidance in place. This way, you'll know how to respond and use the right resources to meet a potential threat.

Incident Readiness – How to Prepare for a Real-Life Cyber Attack

Incident Readiness is challenging because it requires insight into your vulnerability and how to minimize it to affect the probability of an attack – and the consequences of it. For example, how will you be able to run your business when IT no longer exists? Taking the proper actions can prevent and protect your company.

There are things you can control and things you can’t control. By working with what you can control, you can reduce your vulnerability and minimize the risk of being breached.

What You Need to Have Under Control:

  • Understand the threats your business faces today. The threat actors get more sophisticated and constantly find new refined methods to gain access.
  • Without IT – no business. It’s crucial that IT is represented in the Management Team. When all activities and threats go digital, IT security should be on top of the priority list in every company strategy.
  • Secure the right resources and skills needed to understand the risk and what measures you need to take to minimize them.
  • Make an inventory of your protective measures and get a complete overview of what you do in terms of protection today.
  • Know the requirements placed on your organization in terms of agreements, laws, and regulations.

What You Can Do Now:

  1. Username and password are not enough. Multi-factor authentication is a requirement. This alone will reduce the risk of intrusion immensely.
  2. All software needs to be updated hastily. Waiting for more than 72 hours after a new patch is released will increase your risk exposure significantly since your systems are now vulnerable.
  3. Verify your backups and ensure they work and are protected and separated from the remaining system. In more than 60 percent of cases, backups don’t work properly, or are attacked and thus left unusable. Make sure you have enough capacity to restore your entire environment.