{"id":15446,"date":"2024-09-16T14:05:02","date_gmt":"2024-09-16T12:05:02","guid":{"rendered":"https:\/\/oberender.com\/unkategorisiert\/information-security-part-4-what-to-do-if-there-is-a-fire\/"},"modified":"2024-10-07T12:21:38","modified_gmt":"2024-10-07T10:21:38","slug":"information-security-part-4-what-to-do-if-there-is-a-fire","status":"publish","type":"post","link":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/","title":{"rendered":"Information security Part 4 – What to do if there is a fire"},"content":{"rendered":"\n

If there’s a fire, you should know where you can get a bucket of water quickly!<\/h3>\n\n

Sounds banal?\nBut if you look closely at the sentence, there is a lot of content in it, which we will look at below. <\/p>\n\n

“There is a fire” is an incident that is usually relatively easy to detect.\nIn the right place, the fire can cause a lot of damage to your company, in other places it can cause little or no damage.\nDepending on how you assess the fire, you tip a glass of water over it, get the fire extinguisher or call the fire department. <\/p>\n\n

Once the fire has been extinguished, the damage is repaired, the walls are repainted and then everything is OK again.\nNot quite!\nOf course, you should still consider whether it was a good idea to light a candle in a paper file archive and how to prevent this from happening next time. <\/p>\n\n

But how do you proceed in an emergency?<\/h3>\n\n

The requirements for handling information security incidents can be divided into two groups: organizational <\/strong>and procedural <\/strong>measures.<\/p>\n\n

For successful incident handling, your organization <\/strong>must be ready to respond.\nYou should have a crisis team, make sure that all employees know how the reporting chain works and define what the crisis team will deal with and how. <\/p>\n\n

Taking care refers to both internal and external addressees.\nTherefore, it should also be determined in advance who may or must speak to whom and how (e.g. press) (observe reporting obligations! e.g. BSI, police).\nIn our experience, proactive communication is better than trying not to communicate. <\/p>\n\n

In terms of processes, <\/strong>we are entering a cyclical process – something we know very well from our consulting work.\nA security incident always has a time component, a life cycle.\nThe treatment is based on this life cycle: <\/p>\n\n

    \n
  1. Detection and information –<\/strong> A security incident needs to be noticed first and this requires suitable means, a fire alarm, an alarm system, monitoring mechanisms for your IT infrastructure or similar<\/li>\n\n\n\n
  2. Triage –<\/strong> Decide what impact the incident will have on the business, what resources should be allocated to the response and what “alert level” should be raised<\/li>\n\n\n\n
  3. Containment –<\/strong> The incident is analyzed and, if possible, measures are taken to contain it.\nThe impact on company processes must be taken into account, as well as the risk of the damage spreading.\nMeasures may include, for example, isolating a section of the network, shutting down a server or deactivating user accounts. <\/li>\n\n\n\n
  4. Removal –<\/strong> A certain surgical generosity is particularly appropriate in connection with malware, as some species of this genus do not appear as a single program, but in the form of modules with different tasks that are difficult or impossible to remove from a computer.\nIt is therefore better to throw away one too many.\nThe Bundestag hack in 2015 led to an extensive renewal of the infrastructure of the Bundestag network, including the endpoints.\nSomething similar happened at Frankfurt University Hospital in early 2024. <\/li>\n\n\n\n
  5. Follow-up –<\/strong> The most important and often unrealized step is the follow-up of the attack with the aim of learning for the future.\nThis time should be taken because it generates valuable information.\nA good example of the fruits of the process is the MITRE ATT&CK\u00ae Framework(https:\/\/attack.mitre.org)<\/a>, in which the findings from cyber attacks are systematically processed and documented for the (specialist) public for further use. <\/li>\n\n\n\n
  6. End of incident –<\/strong> When everything is done, you may declare the incident over.\nDone… <\/li>\n<\/ol>\n\n

    …and prepare for the next incident.\nDid we mention that we love PDCA cycles?\nThey look good on PowerPoint slides. <\/p>\n\n

    Until the next and final part (link to Part 5 – Further building blocks)<\/p>\n\n

    Cyber risk check – a new service from Oberender AG<\/h3>\n\n

    Do you want to know where you stand in terms of information security right now?\nGreat – then let’s do the cyber risk check<\/strong> together.\nYou can find more information here<\/a>. <\/p>\n\n

    <\/p>\n","protected":false},"excerpt":{"rendered":"

    What to do if the worst comes to the worst?
    \nRead here what to do in the event of an information security incident. <\/p>\n","protected":false},"author":5,"featured_media":15360,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[62,220,64],"tags":[152,227,148,222,117],"class_list":["post-15446","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-en","category-data-security","category-digitisation","tag-consultant","tag-cyber-security-en-3","tag-hospital","tag-information-security","tag-public-health"],"acf":[],"yoast_head":"\nInformation security Part 4 - What to do if there is a fire - Oberender AG<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Information security Part 4 - What to do if there is a fire - Oberender AG\" \/>\n<meta property=\"og:description\" content=\"What to do if the worst comes to the worst? Read here what to do in the event of an information security incident.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/\" \/>\n<meta property=\"og:site_name\" content=\"Oberender AG\" \/>\n<meta property=\"article:published_time\" content=\"2024-09-16T12:05:02+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-10-07T10:21:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/oberender.com\/wp-content\/uploads\/iStock-946613770-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1440\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ursula Lauterbach\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ursula Lauterbach\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/blog-en\\\/information-security-part-4-what-to-do-if-there-is-a-fire\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/blog-en\\\/information-security-part-4-what-to-do-if-there-is-a-fire\\\/\"},\"author\":{\"name\":\"Ursula Lauterbach\",\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/#\\\/schema\\\/person\\\/6d858500dcc179abc6e781d3d95329b3\"},\"headline\":\"Information security Part 4 – What to do if there is a fire\",\"datePublished\":\"2024-09-16T12:05:02+00:00\",\"dateModified\":\"2024-10-07T10:21:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/blog-en\\\/information-security-part-4-what-to-do-if-there-is-a-fire\\\/\"},\"wordCount\":675,\"publisher\":{\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/blog-en\\\/information-security-part-4-what-to-do-if-there-is-a-fire\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/oberender.com\\\/wp-content\\\/uploads\\\/iStock-946613770-scaled.jpg\",\"keywords\":[\"Consultant\",\"Cyber security\",\"Hospital\",\"Information security\",\"Public Health\"],\"articleSection\":[\"Blog\",\"Data security\",\"Digitisation\"],\"inLanguage\":\"en-US\",\"copyrightYear\":\"2024\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/oberender.com\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/blog-en\\\/information-security-part-4-what-to-do-if-there-is-a-fire\\\/\",\"url\":\"https:\\\/\\\/oberender.com\\\/en\\\/blog-en\\\/information-security-part-4-what-to-do-if-there-is-a-fire\\\/\",\"name\":\"Information security Part 4 - What to do if there is a fire - Oberender AG\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/blog-en\\\/information-security-part-4-what-to-do-if-there-is-a-fire\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/blog-en\\\/information-security-part-4-what-to-do-if-there-is-a-fire\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/oberender.com\\\/wp-content\\\/uploads\\\/iStock-946613770-scaled.jpg\",\"datePublished\":\"2024-09-16T12:05:02+00:00\",\"dateModified\":\"2024-10-07T10:21:38+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/blog-en\\\/information-security-part-4-what-to-do-if-there-is-a-fire\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/oberender.com\\\/en\\\/blog-en\\\/information-security-part-4-what-to-do-if-there-is-a-fire\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/blog-en\\\/information-security-part-4-what-to-do-if-there-is-a-fire\\\/#primaryimage\",\"url\":\"https:\\\/\\\/oberender.com\\\/wp-content\\\/uploads\\\/iStock-946613770-scaled.jpg\",\"contentUrl\":\"https:\\\/\\\/oberender.com\\\/wp-content\\\/uploads\\\/iStock-946613770-scaled.jpg\",\"width\":2560,\"height\":1440,\"caption\":\"Teenage Hacker Girl Attacks Corporate Servers in Dark, Typing on Red Lit Laptop Keyboard. Room is Dark\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/blog-en\\\/information-security-part-4-what-to-do-if-there-is-a-fire\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/oberender.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Information security Part 4 – What to do if there is a fire\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/oberender.com\\\/en\\\/\",\"name\":\"Oberender AG\",\"description\":\"Ihr Partner im Klinikmanagement.\",\"publisher\":{\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/oberender.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/#organization\",\"name\":\"Oberender AG\",\"url\":\"https:\\\/\\\/oberender.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/oberender.com\\\/wp-content\\\/uploads\\\/171218_Oberender_RGB.png\",\"contentUrl\":\"https:\\\/\\\/oberender.com\\\/wp-content\\\/uploads\\\/171218_Oberender_RGB.png\",\"width\":769,\"height\":186,\"caption\":\"Oberender AG\"},\"image\":{\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/company\\\/oberender-ag\\\/\",\"https:\\\/\\\/www.xing.com\\\/pages\\\/oberenderag\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/oberender.com\\\/en\\\/#\\\/schema\\\/person\\\/6d858500dcc179abc6e781d3d95329b3\",\"name\":\"Ursula Lauterbach\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Information security Part 4 - What to do if there is a fire - Oberender AG","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/","og_locale":"en_US","og_type":"article","og_title":"Information security Part 4 - What to do if there is a fire - Oberender AG","og_description":"What to do if the worst comes to the worst? Read here what to do in the event of an information security incident.","og_url":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/","og_site_name":"Oberender AG","article_published_time":"2024-09-16T12:05:02+00:00","article_modified_time":"2024-10-07T10:21:38+00:00","og_image":[{"width":2560,"height":1440,"url":"https:\/\/oberender.com\/wp-content\/uploads\/iStock-946613770-scaled.jpg","type":"image\/jpeg"}],"author":"Ursula Lauterbach","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Ursula Lauterbach","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/#article","isPartOf":{"@id":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/"},"author":{"name":"Ursula Lauterbach","@id":"https:\/\/oberender.com\/en\/#\/schema\/person\/6d858500dcc179abc6e781d3d95329b3"},"headline":"Information security Part 4 – What to do if there is a fire","datePublished":"2024-09-16T12:05:02+00:00","dateModified":"2024-10-07T10:21:38+00:00","mainEntityOfPage":{"@id":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/"},"wordCount":675,"publisher":{"@id":"https:\/\/oberender.com\/en\/#organization"},"image":{"@id":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/#primaryimage"},"thumbnailUrl":"https:\/\/oberender.com\/wp-content\/uploads\/iStock-946613770-scaled.jpg","keywords":["Consultant","Cyber security","Hospital","Information security","Public Health"],"articleSection":["Blog","Data security","Digitisation"],"inLanguage":"en-US","copyrightYear":"2024","copyrightHolder":{"@id":"https:\/\/oberender.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/","url":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/","name":"Information security Part 4 - What to do if there is a fire - Oberender AG","isPartOf":{"@id":"https:\/\/oberender.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/#primaryimage"},"image":{"@id":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/#primaryimage"},"thumbnailUrl":"https:\/\/oberender.com\/wp-content\/uploads\/iStock-946613770-scaled.jpg","datePublished":"2024-09-16T12:05:02+00:00","dateModified":"2024-10-07T10:21:38+00:00","breadcrumb":{"@id":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/#primaryimage","url":"https:\/\/oberender.com\/wp-content\/uploads\/iStock-946613770-scaled.jpg","contentUrl":"https:\/\/oberender.com\/wp-content\/uploads\/iStock-946613770-scaled.jpg","width":2560,"height":1440,"caption":"Teenage Hacker Girl Attacks Corporate Servers in Dark, Typing on Red Lit Laptop Keyboard. Room is Dark"},{"@type":"BreadcrumbList","@id":"https:\/\/oberender.com\/en\/blog-en\/information-security-part-4-what-to-do-if-there-is-a-fire\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/oberender.com\/en\/"},{"@type":"ListItem","position":2,"name":"Information security Part 4 – What to do if there is a fire"}]},{"@type":"WebSite","@id":"https:\/\/oberender.com\/en\/#website","url":"https:\/\/oberender.com\/en\/","name":"Oberender AG","description":"Ihr Partner im Klinikmanagement.","publisher":{"@id":"https:\/\/oberender.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/oberender.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/oberender.com\/en\/#organization","name":"Oberender AG","url":"https:\/\/oberender.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/oberender.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/oberender.com\/wp-content\/uploads\/171218_Oberender_RGB.png","contentUrl":"https:\/\/oberender.com\/wp-content\/uploads\/171218_Oberender_RGB.png","width":769,"height":186,"caption":"Oberender AG"},"image":{"@id":"https:\/\/oberender.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/oberender-ag\/","https:\/\/www.xing.com\/pages\/oberenderag"]},{"@type":"Person","@id":"https:\/\/oberender.com\/en\/#\/schema\/person\/6d858500dcc179abc6e781d3d95329b3","name":"Ursula Lauterbach"}]}},"_links":{"self":[{"href":"https:\/\/oberender.com\/en\/wp-json\/wp\/v2\/posts\/15446","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oberender.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/oberender.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/oberender.com\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/oberender.com\/en\/wp-json\/wp\/v2\/comments?post=15446"}],"version-history":[{"count":0,"href":"https:\/\/oberender.com\/en\/wp-json\/wp\/v2\/posts\/15446\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/oberender.com\/en\/wp-json\/wp\/v2\/media\/15360"}],"wp:attachment":[{"href":"https:\/\/oberender.com\/en\/wp-json\/wp\/v2\/media?parent=15446"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/oberender.com\/en\/wp-json\/wp\/v2\/categories?post=15446"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/oberender.com\/en\/wp-json\/wp\/v2\/tags?post=15446"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}