Defeat with Discussion: Enabling Proper Cyber Response with Communication and Awareness
Jouni Auer, CISO, Cargotec
Henri Heinonen, Director, Head of Information Security, CISO, Aktia Pankki
Topias Salminen, Head of Information Security, Oriola
The saying “knowledge is key” has never been more true than when it comes to cyber security. Sharing possible threats and experiences thereof can be of immense value for others scanning the threat environment, improving their readiness and resilience. But how do you know how much to share about your company’s cyber weaknesses and incidents and most importantly – to whom? Staying silent and gatekeeping necessary information is starting to be a thing of the past, but how do you tackle the risk of losing the trust of your customers and external stake holders when exposing your weak spots?
In this session, our speakers will discuss the importance of knowledge and threat sharing amongst your peers in order to get a better situational awareness of the cyber climate. We are going to reflect on the downside of sharing your insights and how you can have an open, confidential communication without it compromising your company’s cyber security. Additionally, our speakers will compare how a transparent vs non-transparent post-attack communication strategy affects the company long-term as well as cover how companies should communicate - both internally and externally - before, during and after an incident in order to stay invincible in the evolving cyber climate. Join the session and pick the brains of our experts during our interactive live Q&A, where they will answer the questions you have about transparent cyber communication and the challenges that comes along with it.
- Reflecting on the most effective ways of threat sharing transparency in trusted security networks as well as the barriers that hinders open communication
- Comparing how a transparent vs non-transparent post-attack communication strategy affects the trust of the customers and external stake holders
- Discussing ways to internally and externally communicate before, during and after a cyber incident for best crisis management