Blog post · Case Study

The story of a cyber incident and some consequences

A story about a security incident in a middle-sized company. Email account was compromised, and thousands of emails were sent out in their name.

Aug 22, 2023

The other day I was listening to a story about a security incident. It happened in a middle-sized company.

One of their email accounts was compromised and thousands of emails were sent out in their name.

Their domain got to blacklists used to block the spread of infections.

They fought for about two weeks to be removed from these lists and get back their email services to normal.

Two weeks without emails. Just try to imagine.

The whole incident was told by the rightfully proud service provider (SP) who basically run an ad-hoc disaster recovery plan (DRP) and helped them out quickly.

The success is clear on the side of the SP. They did very well.

I started to think, what is the difference if this company works with us too?

Yes, there is a quick answer, which is about costs😊

It can be obvious, but not necessarily true.

Most companies are learning this afterwards a similar situation.

Before everything else, I have to tell I have been in these situations. With and without plans.

Sometimes we had business continuity plan (BCP), incident handling procedures and DRP as well. Sometimes not. The difference is huge. Especially in stress level and the speed of response and recovery (return to normal operations).

The first difference can be that probably they could have avoided this situation completely.

If they had a cyber security program in place, including a security awareness program.

An awareness program teaches your employees about the rules and the hygiene in the cyber space.

The second difference can be, that you have plans when something happens.

Then you are in control of the situation and not just follow happenings. Which are not clear for your team in most of the cases, because no one ever explained them.

If you have plans, that is great. Let us try them out. Let us see how they work. And when you see it working you will be in a very different state when something unwanted happens.

The calmness and control of the management with tested plans, will help employees to stay calm, follow plans and instructions.

Your team is prepared and not desperate and clueless. You all know that it will be solved soon.

Your team does not have to invent things in the heat of the moment.

In this situation the talking to your customers, suppliers, employees, banks, authorities, stakeholders, and in some cases to the media can be very exhausting and stressful.

And basically, very unnecessary if your company is prepared.

The last thing is about recovery.

If you have a plan and there are procedures and known and tested plans, your return to normal operations is much faster and with less stress.

It is like testing back-ups time to time, everyone knows that they are working, so everyone can be more relaxed.

The “bad news” is that all of these preventive steps are the responsibility of the management. They have the power to make it and make it happen.

About the Author

Jozsef worked as a CISO in a central hospital and in a school district. He is the founder and owner of Torotoro Ltd. He holds the following certifications: Security+ - CompTIA - 2023 Security Consultant - Ministry of Justice NZ - 2023 Certified Cyber Security Professional – Google – 2023 NZPA – NZ Privacy Commissioner – 2022 OPSWAT Certified Cyber Security Associate – OPSWAT – 2022 OSINT training – European Security Academy – 2021 Fortinet NSE – Fortinet - 2020 Virtual Agile Teams – IIL/PMI – 2020 ISO 27001 Lead Auditor – TÜV Rheinland InterCert Germany – 2019 NZQE recognized Level 7 General Informatics Diploma - 1996

Related Posts

Torotoro became a trademark in New Zealand.
Torotoro became a trademark in New Zealand.

Torotoro just passed its first birthday a few weeks ago and now became a registered trademark in New Zealand by IPONZ of the Government.Hopefully it will give greater trust to our customers and partners, and a bigger headache to our beloved competitors as a visible...

NZ Blood event

On 20th September NZ Blood invited the business community to visit the brand-new facility in Hamilton CBD. It is a very impressive place and NZ Blood, WCC, Abbott and Cafe provided excellent hospitality for the guests. We had good food, good coffee and very good chats...

The risk of AI in cyber security – an article by Gyöngyi Sági

Few months ago, my old friend, Gyongyi who runs Digitrendi a news portal in Hungary, asked my expert opinion about the risks of AI in cyber security, based on a study by one the vendors in this field.

To be in style, I have asked Chat GPT to summarize and translate this artice, with the preliminary approval of Gyongyi, of course. Enjoy:)