SVA System Vertrieb Alexander GmbH: Safely mastering cybersecurity incidents

Wiesbaden Incident Response: A proactive service and proper preparation help to minimize the duration and extent of damage caused by a cyber attack.

The Federal Office for Information Security (BSI) describes cyber attacks as the greatest threat to the German economy. Increasing networking is creating new and more lucrative attack surfaces for cyber criminals. In particular, the dangers posed by ransomware attacks using encryption software continue to rise, both quantitatively and qualitatively. It is no longer just large corporations that are affected. The invisible threat from cyberspace has noticeably become a problem for everyone, and an attack for every company size and every sector is only a matter of time. This situation is leading to a change. It is no longer enough to simply purchase security solutions that focus on prevention. Instead, it is about keeping the material and immaterial damage of an “assume breach” as low as possible through good preparation.

In conversation with Sven Ulke, Senior Manager DFIR at the German IT service provider SVA System Vertrieb Alexander GmbH:

How can organizations best deal with the current situation?

There are many types of cyber security incidents. However, most of them are detected too late and catch a company unprepared. While a quick response is important in an emergency, a hasty decision is often counterproductive. For example, if I use my last backup, that may be a quick solution, but the attacker may still be in the network. Because if I don't close the access gate, there is a high risk that the problem will reappear. It is also often not always clear who makes the decision. A cyber attack may start in IT, but its effects affect the entire company. Therefore, you should first prepare a well-thought-out incident response plan: an emergency plan that includes analysis and takes the necessary protective measures and also appoints the right people in the company to form a crisis team. In order to deal with incidents effectively or to ensure that operations continue in an emergency, you need to have a plan that is as realistic as possible. Also to avoid stress and chaos as much as possible.

There probably isn't a blueprint for a working plan?

Unfortunately not. Our credo is: In order to respond effectively to an attack, we must be proactive and in partnership with the customer and have regular communication. Then the potential dangers can be identified and the necessary precautions taken. To do this, it must first be clear: which areas are particularly important or do they have a direct impact on my core business? Based on this risk assessment, you look at which IT systems are involved and what you have started to do to protect the most critical assets. At this point, we see that it is often difficult to prioritize pragmatically. A process that we support with our Business Impact Analysis.

The measures must also be implementable by the customer.

Absolutely. Our organizational and technical recommendations for risk minimization are individually tailored to each customer and their resources. Our regional proximity helps us enormously to quickly get a good picture of a company's structure. For example, every customer receives two SVA forensics experts as permanent contact persons upon signing a contract. We provide support via the 24/7 emergency hotline at the German headquarters – initially as initial assistance from a distance – but as a nationwide team we can also be on site quickly. There we also carry out the complete reconstruction of the customer's network or server systems from scratch if necessary. We have the relevant experts in-house for a wide range of solutions and, thanks to our more than 200 manufacturer partnerships, we also have the option of being able to procure replacement hardware at short notice, for example. We also support the regulatory requirements and reporting in accordance with the EU General Data Protection Regulation and the compliance with IT security laws from DORA to NIS2.

Press contact:
SVA HEADQUARTERS WIESBADEN
Borsigstraße 26, 65205 Wiesbaden
Phone: +49 6122 536-0
M: [email protected]
W: https://www.sva.de/de

Original content from: SVA System Vertrieb Alexander GmbH, transmitted by news aktuell