4 minute read
The Covid-19 Pandemic Highlights the Importance of Preparedness and Training in the Digital World.
text: TUOMO HAUKKOVAARA
During spring, every organisation has in one way or another had to adapt to the exceptional circumstances. From a digital perspective, this has meant a giant leap forward for most companies in terms of telecommuting, digital commerce, customer service, sales, marketing, and internal operations such as in human resources.
Advertisement
For some organisations this digital leap has ment mainly increasing the capacity and using flexibility of already existing online architectures, for example in VPN connections or e-commerce platforms, both of which saw an increase of up to hundreds of percents. For a significant portion, however, the increase in digital services has come as a surprise, and without much preparation companies are urged to transition to telecommuting, as well as build new digital channels for customers at a rapid pace.
The strong increase in digitalisation in all activities also raises digital security to an even more significant role when alternative, analog solutions may not be available. Now a significant part of work, meetings, data exchange and data storage have moved to a decentralised digital infrastructure. In particular, fast-track solutions may meet the operational needs, but may not withstand critical inspection from a digital security and continuity perspective.
Although cybercriminals have not taken significant advantage of the situation, the “new normal” offers new opportunities for cybercrime and state actors. Quickly set up temporary solutions are waiting to be exploited. For this reason, now that the first wave of the epidemic has subsided, it is important to evaluate new digital solutions in terms of security and take the necessary developmental measures so that these applications, which are likely to remain in use for longer, do not act as semi-open doors for cyber crime.
It can be divided into three main entities: technology, culture and practice. In terms of technology, it is essential to maintain and update the systems and to protect them with appropriate and up-to-date security software and services. Cyber culture, on the other hand, means that the topic is perceived as important by company management and action is taken accordingly. In addition to this, the competence of the staff in technical matters is developed and they are educated with examples. Although it is almost impossible to prevent disturbances, they can be prepared and trained for. Preparation and training improve companies’ ability to recover from various disruptions.
TRAINING TOGETHER HIGHLIGHTS SURPRISING WEAKNESSES IN DIGITAL SECURITY
National Emergency Supply Agency Digi pool and its networks help companies prepare for unexpected situations. Such extensive cooperation between the private and public sectors in preparing for cyber disruption is rather exceptional even when viewed from an international perspective. The network assists companies and authorities to anticipate potential crisis situations, by sharing up-to-date information on digital security and offering training on how to combat cyber disruptions.
This is exactly what the biannual TIETO exercise organised by Digipool is all about. This year, TIETO20 is engaged in the security of companies and authorities operating in the food manufacturing, trading and logistics sectors. Based on a script, but still presenting a plausible disruptive situation, the exercise is a simulated review of how each situation would impact each actor and how to prepare for the possible effects.
Joining the event is a large number of food supply companies and the authorities and general authorities in association with them. Previous TIETO exercises revealed important areas for companies to develop in, as well as issues affecting the entire industry and even the Finnish state. Although this is a significant investment in terms of time, joint training is an effective way to identify the unstable areas that form in long, diverse and interdependent value chains. If one only focuses on one’s own actions, and never in conjunction with other key actors, such critical dependencies go unnoticed.
TIETO20’s game starts with a simulation of a world that corresponds to reality. In the imaginary scenario, the problems consist of the combined effect of different situations that have not yet been experienced in Finland. Training for familiar, already experienced situations would not be as useful. Working on unfamiliar soil draws attention to new key areas of development. It is very advantageous, as harmful cyber activity is also constantly evolving.
Cyber exercises and training environments are also commercially available. For example, IBM’s Cyber Range is a simulated environment created for enterprise leaders to practice dealing with serious cyber attacks. And you can already get a feel for it by playing for free at: ibm.com/terminal
Tuomo Haukkovaara is currently working as the Vice President for IBM’slong term services businessin the Nordic Region. His area of responsibility covers multiple types of strategic client engagements ranging from traditional outsourcing to digital platforms and transformation projects in Denmark, Finland, Norway and Sweden. In addition, Tuomo is the chairman of the Board of IBM Finland and he isthe chairman of the National Emergency Supply Agency Digi pool and thedirector of the Tieto20 event.
