“Prevention, detection & preparation for the next attack are the 3 musketeers in cybersecurity” - Pascal Steichen, CEO SECURITYMADEIN.LU
‘Prevention, detection & preparation for the next attack are the 3 musketeers in cybersecurity’ - Pascal Steichen, CEO of SECURITYMADEIN.LU joined the mini-documentary “Before, during and in the aftermath of a cybersecurity attack” organised by FEDIL.
Following the testimonies of Félix Giorgetti and Victor Buck Services, two luxembourguish companies that have faced a cyberattack, Pascal Steichen, besides Christophe Bianco, Managing Partner of Excellium Services S.A. and Cédric Mauny, Cybersecurity Lead at Telindus Luxembourg, shared his expertise on how to efficiently handle a cyberattack.
The interview was moderated by Céline Tarraube, Adviser Digital & Innovation at FEDIL.
The following is a summary of his presentation.
In 2020, 150.000 attempts of attack have been identified in Luxembourg. CIRCL (Computer Incident Response Center Luxembourg) supported 1.200 companies in real incidents.
According to ENISA, an intrusion was detected within 6 months in average in 2020.
Preparing for a cyberattack is key
Digitisation comes with many advantages but also some disadvantages – such as cyber incidents – that companies need to be prepared for. Cyberattacks are spinning up and getting more sophisticated.
‘After the attack is before the attack_’, explains Pascal Steichen.
First day of the attack
The first hour of the attack is crucial to organise and coordinate the teams in order to prepare the actions that will come further. No room to be left for panic.
1. Actions to take on the first day:
- Set emergency measures
- Inform internal staff, customers, suppliers and stakeholders
- Identify the source of the attack, the point of entry, in order to block it.
2. In the course of the crisis management process:
- Set clear objectives
- Communicate with your customers, stakeholders, suppliers, CERT teams, specialists
- Set a restoration and restructuring plan of the affected systems
- Keep track of the actions taken into a log book so you are able to draw lessons afterwards and continuously improve the systems, be better prepared for the next attack and/or even avoid a further attack.
- Communication is key. It is crucial. This tool is your weapon, the way you get through a crisis. Legal and technical experts will do their parts but communication is yours.
3. Post-attack time:
- Set the normality your company wants to go back to, by understanding and having a clear view of what normality means to you. Consider an enhanced normality with a certain number of improvements in order to reinforce your systems.
- Officialise the end of the crisis, even though it is not easy to determine the right moment you can go back to production, start working again.
Watch the replay here - Cybersecurity starts at 4:25:00