The case story of ISS:
How to manage World attacks and recovering well

February 17, 2020, 4 o’clock in the morning, the Danish facility firm ISS was hit by a ransomware attack. An attack that has changed the company ever since. In this case story you will get to meet two significant people from the ISS Group, Nikolaj Storm Lund, responsible for IT infrastructure and Services globally together with Martin Petersen, responsible for all IT security at the ISS Group. They experienced the attack firsthand and was part of the team who managed and recovered from it back in 2020.

The host of this episode is Lars Nørballe, Product Manager at the ALSO Group. He’ll take you through the story from the very beginning to the end up until today, how ISS manage their cyber security.

As with any crisis you can never be fully prepared whether it is a pandemic or cyberattack. But one thing is certain, Nikolaj and Martin have gained great experience and heavy knowledge from experiencing an attack upfront. They will give you a detailed perspective on the case. Tell you more about how other companies might prepare themselves from hacks. In what way they can be managed, how to recover, as well as recovering well. These topics along with key learnings and findings will be shared. Below is a little appetizer for you curious readers! Key takeaways to take into consideration when preparing for cyberattacks.

5 key takeaways

  • The technical recovery: Define the scope of the crisis; When and where did it happen. The scope needs to be defined before you can do the recovery.
  • Visibility: As a company take an active part in ensuring the IT security and management of the crisis. Create an overview of your data and have visibility into the segmentation of your networks and IT environments.
  • Communication: The management of the communication related to a crisis is underrated. First things first, have a plan prepared on the route to command, establish key stakeholders and management. Define when, how and by whom communication should be shared.
  • Cyber security emergency plan: Have an emergency planned prepared e.g., defining key stakeholders and the decision-making process. Even though you practice on a crisis beforehand it will always be difficult to be fully prepared.
  • Strategic partners: Before a crisis define your trusted strategic partners. Including defining how the partners are to support you and the requirements that needs to be met.

To this day, the ISS group has very much grown from the experience as well as their IT-security, infrastructure, and knowledge internally on how to create a more secure and stabile platform.

Get the full story by listening in below: