BUSINESS SURVEILLANCE
HOW TOMRA SHOWCASED COMMUNICATIONS WHILE BATTLING A CYBERATTACK
After suffering a security breach , TOMRA followed a Business Continuity plan that fostered transparency , respect and reassurance . James Watts , Managing Director , Databarracks , tells us about the efforts that TOMRA enforced throughout the attack and the importance of having a Disaster Recovery strategy .
James Watts , Managing Director , Databarracks orwegian
N multinational , TOMRA , specialises in state-of-the-art sorting and grading technologies for recycling , mining and food . It ’ s perhaps best known for its reverse vending machines . In the early hours of July 16 , the company discovered a cyberattack had affected some of its IT infrastructure . It immediately disconnected several of its systems to contain the breach .
Most of its digital services are designed to run offline for a limited time – and it added further temporary measures to keep operations up and running . TOMRA ’ s cybersecurity team began migrating services to the cloud and restoring others . It hired a global cyber response team from Deloitte to assist with the ongoing investigation and response .
Communications
Rather than posting every piece of information , at the early stages of crisis comms it ’ s best to pare it back . It ’ s a difficult time , you may not have a complete picture of the situation and you don ’ t want to over-commit or share more than is necessary . Consider the critical needs you ’ re addressing – and share the minimum effective message .
TOMRA was transparent and concise from the get-go .
The most important thing at this point is to acknowledge the issue and provide some detail on what was done to address it , and what the next steps will be . It stated that it had not been contacted by the attacker or asked to pay a ransom .
TOMRA posted its last update on September 25 . Its investigation found that the attack was in its reconnaissance stage on July 10 , and the target was the company ’ s internal systems and domain , rather than its customers .
Getting it right from the offset
TOMRA ’ s first post about the attack on its website stated that it had been targeted by an ‘ extensive cyberattack ’, that relevant authorities had been notified and that systems had been disconnected immediately to contain the breach . The company also shared a contact email for any questions .
Getting ahead of the news , laying out the response and inviting questions like this creates reassurance for the customer that you ’ re in control of the situation – and that you have a plan . It buys you time .
62 www . intelligentciso . com