THE COVID-19 PANDEMIC HIGHLIGHTS THE IMPORTANCE OF PREPAREDNESS AND TRAINING IN THE DIGITAL WORLD text: TUOMO HAUKKOVAARA Tuomo Haukkovaara, Vice President, Long Term Services, IBM Nordic at IBM. In addition, he is the chairman of the National Emergency Supply Agency Digi pool and the director of the Tieto20 event.
D
uring spring, every organisation has in one way or another had to adapt to the exceptional circumstances. From a digital perspective, this has meant a giant leap forward for most companies in terms of telecommuting, digital commerce, customer service, sales, marketing, and internal operations such as in human resources. For some organisations this digital leap has ment mainly increasing the capacity and using flexibility of already existing online architectures, for example in VPN connections or e-commerce platforms, both of which saw an increase of up to hundreds of percents. For a significant portion, however, the increase in digital services has come as a surprise, and without much preparation companies are urged to transition to telecommuting, as well as build new digital channels for customers at a rapid pace. The strong increase in digitalisation in all activities also raises digital security to an even more significant role when alternative, analog solutions may not be available. Now a significant part of work, meetings, data exchange and data storage have moved to a decentralised digital infrastructure. In particular, fast-track solutions may meet the operational needs, but may not withstand critical inspection from a digital security and continuity perspective. Although cybercriminals have not taken significant advantage of the situation, the “new normal” offers new opportunities for cybercrime and state actors. Quickly 50
|
CYBERWATCH
FINLAND
set up temporary solutions are waiting to be exploited. For this reason, now that the first wave of the epidemic has subsided, it is important to evaluate new digital solutions in terms of security and take the necessary developmental measures so that these applications, which are likely to remain in use for longer, do not act as semi-open doors for cyber crime. Every organisation is responsible for its own digital security. It can be divided into three main entities: technology, culture and practice. In terms of technology, it is essential to maintain and update the systems and to protect them with appropriate and up-to-date security software and services. Cyber culture, on the other hand, means that the topic is perceived as important by company management and action is taken accordingly. In addition to this, the competence of the staff in technical matters is developed and they are educated with examples. Although it is almost impossible to prevent disturbances, they can be prepared and trained for. Preparation and training improve companies’ ability to recover from various disruptions. TRAINING TOGETHER HIGHLIGHTS SURPRISING WEAKNESSES IN DIGITAL SECURITY
National Emergency Supply Agency Digi pool and its networks help companies prepare for unexpected situations. Such extensive cooperation between the private and public sectors in preparing for cyber disruption is rather exceptional even when viewed from
