FEATURE : DISASTER RECOVERY AND BUSINESS CONTINUITY
letter puts TOMRA ’ s people at the centre of its incident response , forming the impression of a team in sync .
Keeping customers updated
TOMRA ’ s sixth update breaks down the target , timeframe , development , investigation and technical details of the attack . This update showcases the progress the investigation has made and the resources dedicated to it . It gives a fuller picture of the incident and reiterates the topline for customers – that their data is safe .
Through August , the company continued with status updates on external systems and recovery progress . It didn ’ t add much new information , but the organisation demonstrate a desire to keep customers and industry in the loop .
CONSIDER THE CRITICAL NEEDS YOU ’ RE ADDRESSING – AND SHARE THE MINIMUM EFFECTIVE MESSAGE .
By September , TOMRA ’ s update focused more on recovery . It laid out its plans for building resilience , including MFA , migrating to Zero Trust Architecture and centralising its vetting process for IT hardware .
Its final update has it all . It starts with a recap , runs through recovery , key findings from the forensics report , comments from Andersen , strategies for rebuilding with greater resilience the lessons learned and changes made . It signs off as the final dedicated update on the attack and shares a communications email address .
44 INTELLIGENTCIO EUROPE www . intelligentcio . com