KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Yes. As, as you mentioned, we have had a Haer attack and it was really, really hard for us as a company. I want to show you what we have learned and how was the way and what you should we have in the aspect to prevent. If you have such a way to go. When we are thinking about, about a cyber incident, for me, it was like a, a small fire, but it was a total disaster of us. And after the cyber attack, we have this non-function it. So when we go the way down, we look a little bit back. It was the black Friday for us.
The mail were started in the night and destroyed around 90% of all our infrastructure worldwide. So we have to shut down all systems to clean, up to reinstall and start an emergency planning and everything you go around in a cyber attack. We have had nine weeks of abnormal operation, which we have to restore mostly all service reinstall, a lot of new service.
And that was a huge business impact while you have not the exact configuration of all processes, all clients has to be new installed a lot of video conferences and telephone conferences, nearly 6,000 tickets has to be proceeded in the time with externally and internal resources. Also, by the way, we have to start a new E P system. And when you think about all that, you have a hard damaged infrastructure. What is the way to, to go down to secure infrastructure?
We have a lot of lessons learned, go well with the, with the resources, make, make a good infrastructure documentation and divide your strengths. You can't go this this hard times for long time and be sure that you are not really safe. Also when you have done or restructuring work, be prepared that it could happen again. And that's what we have done. We have decided to go to a zero trust model. And before you start with, with reorganizing the it, you have to be clear what you want to have in the future of cybersecurity, define your model.
You want to have how you want to have emergency planning. You should have incident management system in the security management system.
You be, you should segmentations. You should segment your networks and go in the, in the details of the segments that it not could be as hard as it was and make a project planning of the cybersecurity strategy and define your KPIs and also creating awareness that it could happen again and what your employees has to do then. So the way to a zero task model after cyber tech is not a sprint. It's a long way road, and you will have many rocks off the way to go to a new cybersecurity infrastructure. While when you have placed processes, you have to, to figure out how could be then integrated.
You have to remove legacy software, which is not passing to the new cybersecurity model you want to be implemented. So it's not that easy as only install a software and everything is fixed. So we defined for us that we want to have from all access from devices, users, and locations, and application, also realtime risks who can access from where data and applications in the company. If you are in a trust network insight, then you have direct access to, to the data. If you are not in a, in a secured infrastructure, you have to use multifactor out identification.
And if device or is not compliant, we blocked the access to the data and the applications in the company. After that also for us really important was the industry sector. We had a lot of machines, which communicating with our EP system, with the data center, with the company and the cloud. And we want to have secured infrastructure based on the application layer. And therefore you have to divide the access to data and to applications where the data is produced, where the access come from.
And therefore we have built micro micro segments in the, in the company, each machine, which is communicating directly with, with the P system or internal internal applications has to pass by a firewall and by application layer gateways, to be sure that the data is not manipulated and no virus effects the infrastructure. All of these we have done is we have implemented intrusion detection in intrusion prevention systems with companywide 802, 1 X authentication system, a network access control system. We have a steam system which helps us tonify manipulations of data.
We have lot of movements in legacy systems, or if they're not can remove, they have special protections. We have geometric access methods implemented for all our users. We have conditional access and therefore we need multifactor out indication. We have also highly automated our patch management for our, all of our existing systems. So once a month, we have to patch all of our systems, clients and service and applications. And we have a data loss prevention and information, class system and information protection system in place.
But all of these, all of these systems has one, one bottleneck, and that's the users or the human factor. When you implement as a, it, you have a plan, you have a vision to secure all of your data, all of your applications, but how is that used and how can users and our partners use our systems. Now what we go through this way and how we can afford that when something happens that the user is not shy to, to inform us, or has, has a problem to report a cyber.
I therefore we implemented a cyber awareness training package for all of our users and partners, how to use the tools, how to inform if something happens or what happens if we have a cyber attack again, how we proceed, then we train that every three months in our company. And that's a really good thing to be aware that something can happen again. So what we have done is not finished yet for all of the things I described in the short time, we have done that in over 650 tasks, and a lot of things are open. That's the details, which has to be managed.
We also decided to give out our management infrastructure of security parts to an, to an external partner, which is managed at infrastructure 24 by seven. And we learned also that necessary while you can't be there and manage all incidents, you have alone with your infrastructure. They are experts. They have good training for them. And they then inform us if something strange happens. We also tried AI and systems, but we learned that technology is really good, but not perfect. And things learns a lot, but the human being is really necessary to provide false positives.
We are, we are now on a way that we are say, okay, we are safe, but definitely not 100%. We are better than before the last cyber attack. We are good. We have trainings. We have prepared us for the next impact.
And, but we still say we are not hundred percent safe. So that was a short overview from my side, what we have done the last year after our cyber tech. Thank you for the time.
