Cyber security
21.09 2023

How To Prepare for Overcoming a Cyber Incident

It is no longer a question of if cyber incidents take place, but when they will take place. Based on international studies done by KPMG, 90 percent of companies have faced at least one cyber attack, and 26 percent of those incidents forced companies to suspend their operations temporarily. The impact of the incident on the company's operations can be very severe. For example, email bouncing is a nuisance, but it is a minor problem compared to cyber criminals being able to shut down a company's manufacturing or sales operations.

There are several aspects to consider in order to be prepared. First, cyber defense requires that you know your partners, especially if they handle your organization's information. For example, you need to make sure that access control is clearly in place in a cloud-based file sharing system. You also need to make sure that ransomware or other uninvited guests are prevented from entering your network through partners.

Second, people. Employee awareness plays a key role in protecting yourself. Employees need to be informed and instructed on how to act in the event of cyber incidents. The information security unit must have its own emergency number for crisis situations, that is a hotline personnel can contact to report their concerns. No matter how slight the suspicion, it must be reported immediately because the cost of days or weeks of delay can be very high. It should be mentioned that even in organizations where information security training takes place regularly, around 10 percent of employees still forget themselves and click where they should not.

Third, processes. There must be guidelines for critical situations on who exactly needs to do what. For example, in a power plant, there must be a very comprehensive manual on which button to press at what time, otherwise everything will blow up. Processes and guidelines are meant for managing the incident within the organization and coordinating with external partners when necessary. So that every link in the information security chain knows what it has to do. From the point of view of an employee, it is enough for him/her to know the person whom to contact in the event of an incident. The rest is the responsibility of the Chief Information Officer who decides when and through which channels he/she informs the management, authorities, etc.

Fourth, technology. It is an important part of the preparation and must be capable of gathering information about the incident and contributing to the quick resolution of the situation. It goes without saying that technology must not be the organization's Achilles heel that facilitates attacks. Businesses typically replace laptops and other office equipment every 3-5 years. All information security solutions should also be reviewed with a fresh eye at the same interval because their life cycles are different and some of them may be hopelessly outdated.

In addition to the loss or manipulation of data, an attack can lead to reputational damage, the consequences of which the company will have to deal with for some time.

However, in the event of an incident, you must be ready for well thought out communication both within the organization and with your customers and other external target groups.

Mihkel Kukk

Head of Cyber Security
mihkelkukk@kpmg.com
+372 521 4332

Cyber Security Expert: IT Hygiene Should Not Be Neglected During Holidays and Vacations

The line blurring between work and spare time, and the widespread use of remote work mean that peo..

Cyber security

A Company Must Not Be Bought Without a Pre-transaction IT Audit

It is a volatile time for economy, which always leads to businesses being purchased and sold. For ..

Cyber security

Too Many Companies Underestimate IT Risks

Mihkel Kukk, Head of Cyber Security Services at KPMG, notes that, although great importance is att..

Cyber security

KPMG Cyber Security Expert: Chief Information Security Officers (CISOs) Play a Key Role in Combining Business and Information Security Objectives

"Not dealing with information security should not be seen as an IT risk, but rather as a strategic..

Cyber security

KPMG: artificial intelligence cannot replace a doctor

Mihkel Kukk, Head of Cyber Security Services at KPMG, says that artificial intelligence cannot rep..

Artificial Intelligence

Provide a safe and sustainable business environment for your company. We help build a resilient and reliable digital landscape, even in the face of changing threats.

KPMG Baltics OÜ

+372 626 8700
cyber@kpmg.ee
Narva mnt 5, 10117 Tallinn, Estonia
${item.title}
KPMG Baltics KPMG Global Privaatsuspoliitika
KPMG IT Audit
Oma veebilehel kasutame küpsiseid. Küpsised aitavad analüüsida veebiliiklust ning annavad meile statistilist teavet.
Email again:

HR assessment 

HR assessment focuses on mapping the skills and increasing the competencies of the weakest link in cyber security: the users, the employees.

Email again:

Threat assessment

Threat assessment is a tactical and technical service that allows a company to get a quick overview of external threats.

Email again:

Maturity assessment

Maturity assessment helps plan IT investments and design further steps to mitigate vulnerabilities and ensure better security.

Email again: