Industries
Industries Overview
Healthcare & Life Science
Manufacturing
Media & Entertainment
Public
Retail & Consumer Goods
Utilities
Consulting & Innovation
Consulting
Business Transformation
Technology Consulting
Process Consulting
Innovation
Generative AI
Sovereign AI
Metaverse
Consulting
Business Transformation
Business Transformation Consulting
Solutions & Products
Solutions
Sovereign IT
Business Process Management
Counterfeit Protection
Customer Experience
Data & Automation
Digital Workplace
E-Commerce & Omnichannel
Finance
SCM & Logistics
Products
Arvato Systems Alive
Order Management with aroma®
Digital Workplace with NAVOO®
Digitize logistics processes with platbricks®
Vulnerability Management with Varedy
Sustainability Management with green.screen
Further Products
Technologies
Amazon Web Services
Google Cloud
Microsoft
SAP
Further Partners
Solutions
Business Process Management
Process Modeling and Process Documentation
Process Mining
Process Automation
Governance, Risk & Compliance
Solutions
Counterfeit Protection
Serialization in the Consumer Goods Industry
Serialization in the Pharma Industry
Solutions
Customer Experience
API Management
App Development
Arvato Systems Alive
Customer Experience Consulting
Hyperpersonalization
Customer Loyalty
Content Management
Customer Relationship Management
Product Information Management
UX and UI Design
Solutions
Data & Automation
Data Fabric
Data Governance
Generative AI
Hyperautomation
DocuStream
Artificial Intelligence
Robotic Process Automation
Self-Service Business Intelligence
Solutions
Digital Workplace
Microsoft 365 Backup Service
Digital Meeting Management
Digital Workplace with NAVOO®
Microsoft 365
Microsoft Power Platform
Guest User Manager
Solutions
E-Commerce & Omnichannel
Order Management with aroma®
SAP Customer Experience
Solutions
SCM & Logistics
Warehouse Management
Transport Management
Production Planning
Digitize logistics processes with platbricks®
Artificial Intelligence in Logistics
Logistics 4.0
E-Commerce & Omnichannel
Order Management with aroma®
Distributed Order Management
Customer Service
Instore Modul
Drop shipping
Cart Handling
Registration for a demo
SCM & Logistics
Digitize logistics processes with platbricks®
Production Supply
Container Management
Warehouse Management System
Mobile Solutions
Analytics
Chatbots
Gamification
Healthcare Suite
Technologies
Amazon Web Services
Amazon Connect Contact Center
AWS Container Acceleration
AWS Cloud Migration
SAP on AWS
High-performance online store hosting in AWS
Cost-Effective Online Store Hosting with AWS
Technologies
Google Cloud
API Management with Apigee
Modern Data Warehouse Management with BigQuery
SAP on Google Cloud
Google Cloud Landing Zone
Technologies
Microsoft
Microsoft Azure
SAP on Azure
Microsoft 365
Microsoft Power Platform
Technologies
SAP
SAP Application Management Service
SAP Business Technology Platform
SAP Customer Experience
SAP IS-U
SAP License Management
SAP on Cloud
SAP RISE
SAP S/4HANA
End-2-End Process Monitoring
Infrastructure & Operations
Cloud & Data Center Services
Cloud Transformation
IT Outsourcing & Infrastructure Services
Multi & Hybrid Cloud
SAP on Cloud
Virtual Desktop Infrastructure
Workload Automation
Security Services
Cyber Care & CDC
Disaster Recovery
Security services for AWS
Vulnerability Management with Varedy
SAP Security
Managed Services
Cloud Foundation
Managed Workloads
Application Management
Cloud & Data Center Services
Cloud Transformation
Application Modernization on Cloud
Datacenter on Cloud
Data Management on Cloud
Enterprise Application Integration
Managed cloud IT with Avvia
Cloud & Data Center Services
IT Outsourcing & Infrastructure Services
SAP Hosting
Cloud & Data Center Services
Multi & Hybrid Cloud
Amazon Web Services
Google Cloud
Microsoft Azure
Virtual Private Cloud
About us & News
About Arvato Systems
Awards
Corporate Responsibility
Management
Memberships & Certifications
Partnerships
Locations
References
Press
Events
Contact
Wie Sie Ihre IT-Infrastruktur optimal für einen Security-Vorfall vorbereiten

How to Optimally Prepare Your It Infrastructure for a Security Incident

Six tips for IT security

...
Timo Schlüter - Hoch
Written by
Security Incident Checklist
12.03.2021
Security

IT Security

Although protecting their IT infrastructure, systems, workplaces, and data is a priority for many companies, most firms are not prepared for an attack. Timo Schlüter, Business Consultant Cyber Security at Arvato Systems, has summarized six tips on how companies can prepare themselves and react correctly.

Tip 1: Invest in Cyber Security

Checkliste bei einem Security-Vorfall

Most companies have defined IT crisis processes. However, those processes are often not suitable for fending off a sophisticated attack. Hackers' methods are becoming increasingly complex, and thus, so is the complexity of the necessary measures to protect. Depending on the nature of the incident, fast responses with the right measures are vital. Also, the issue arises that some measures have not been tackled for years. In case of doubt, an IT infrastructure that has grown over the years has to be reorganized entirely within a few weeks, which causes significant efforts and high costs. That's why you shouldn't wait until a critical security incident forces you to react. Investments in cyber security are worthwhile because they demonstrably reduce the risk of a critical security incident.

Tip 2: Review Existing Security Measures

f dedicated measures have already been defined, this is only half the battle. Preventive measures should be reviewed regularly to keep security levels high in the long term: Are your preventive measures suitable for warding off a security incident (prevention) and countering an actual attack (detection and response)? You must be prepared against sophisticated attacks at all times. Attack methods previously only known from APTs (Advanced Persistent Threats) are now used among common cyber criminals.

Tip 3: Define Individual Packages of Measures

Cyber security is the result of a continually ongoing process. Thus, cybersecurity is highly individual, and there are several success factors for a successful Incident Response (IR): communication, organization, processes, and resources. Based on the respective processes, individual packages of measures should be preventively derived and documented. The goal, the procedure, and crucial roles, business units, and skills should be described. Examples include domain administration and data center management. An incident response communication plan should also be included.

Tip 4: Take a Structured Approach

To be best prepared for the eventuality, the incident response should be divided into two strands of action. First, there is the forensic investigation of the alleged incident. Here, it is possible to determine how deeply the attacker penetrated the IT infrastructure, the hackers' goals, and what technology the hacker used. In addition to logging data, company analysts should also use information from endpoint detection and network monitoring and analyze conspicuous systems in depth. Analysts usually focus on Active Directory, DMZ (Demilitarized Zone), and particularly vulnerable areas.


Based on this, measures can be planned to defend against the attack and remove the attacker from your network. In the case of ongoing incidents, it is necessary to decide which actions need to be taken ad hoc (containment) and which predefined measures are to be applied. The same applies to remediation. Here, packages of measures must adapt to the complexity of the business processes, the structure of the infrastructure, the monitoring capabilities on endpoints and network traffic, and available analysis skills. The defensive measures should also correspond to the attacker's methods.

Tip 5: Know Your Own System Criticality

Investieren Sie in Cyber Security

To identify vulnerable areas and neuralgic points, one must have a thorough understanding of the peculiarities of one's own organization, IT infrastructure, and available skills. It helps to think of the incident response as a team sport with players contributing their strengths according to a previously coordinated playbook. The ideal mix of experience and skills is needed to fill the positions optimally. It requires a great deal of effort to built up these skills internally. Using a service provider that offers managed security as a service may be worth considering. But even then, regular training is essential to ensure a high level of responsiveness.

Tip 6: Focus on Teamwork

In the event of an attack, a company needs its entire security team. The Security Operations Center (SOC) assesses the threat potential and decides whether an attack has occurred jointly with the Incident Response Team. Suppose it is a massive incident - from ransomware extortion cases to APT attacks - the incident response team coordinates and executes containment and cleanup activities. Follow-up is also critical. Those who derive strategic actions from an incident can develop better response capabilities and resilience. To create a soccer metaphor, it's about questions like: Did the game structure and organization fit? Were the positions staffed correctly? Did the communication work? Were the correct human and technological resources available in the right quantity and intensity? Was the visibility over the entire game sufficient? Finally, a company must continuously optimize risk management and decision-making processes. After all, after the attack is before the attack.

Security Services

Security for your business: You can rest assured that your data and applications are protected by state-of-the-art security solutions in our data centers.

Learn more
Cyber Care & SOC

Our complete package against cyber attacks helps you to set up your IT security professionally.

Learn more

Written by

Timo Schlüter - Hoch
Timo Schlüter
Expert for Cyber Security
Subscribe to our newsletter
ImprintPrivacy PolicyGeneral Purchase ConditionsYour Career at Arvato SystemsContactChange Cookie-Settings
© 2024 Arvato Systems