Intelligent CISO Issue 65 | Page 53

I did not think that we could shut down, rebuild and transition our IT systems in less than 30 days.
COVER STORY
systems. Worldwide, all IT-based processes came to a standstill.
How did you recover from such a detrimental attack and how has it influenced your security approach?
The backup was not compromised and so we were able to restore our systems quickly. However, since we implemented the current security standards during the setup, the rebuild took a little longer. We replaced the firewall and our virus scanner, installed network segmentation and strictly adhered to the separation of IT and OT.
What did you learn from the recovery process and what advice would you give to other organisations looking to improve their network and security infrastructure?
Invest in cyber defence both in hardware-software (SASE, XDR, SIEM, SOC) and also in your employees. Training for admins as well as security awareness training for your employees. Make sure you have a secure backup (airgap) and test the restore regularly. Implement network segmentation, if not already done, and separate IT from OT. Establish MFA for all logins. Try to strike a good balance between security and usability. Look at your organisation and how prepared it is for a cyberattack.
How do you operate holistically across your 180-site global network and are there any varying trends between the different locations?
All locations (and group-based user access) are handled the same way using common generic rulesets. On some locations or for some specific user groups, additional rulesets are defined, e.g. to incorporate OT equipment present on these sites or to add privileges which should not apply to all users.
Still, this is all managed on the same admin panels, using the grouping feature for firewall rules.
How would you describe your security posture since the collaboration with Cato and what does the future hold?
I would say that we can sleep much more relaxed. I think with Cato we get the best protection currently. Coupled with the other changes we have introduced, we are in a good current state. The important thing now is to maintain this level and always be one step ahead of the attackers.
We decided very quickly that we would rebuild ourselves under our own steam.

