Bridgestone Americas CISO Offers Advice After Ransomware Attack
Tom Corridon, the CISO of Bridgestone Americas, shared advice for organizations on handling a ransomware attack in an interview at Accenture’s virtual cybersecurity summit. According to Corridon, the most important advice for organizations is to designate key decision-makers for handling such crises before they happen. In the absence of a clear-cut line of action at the executive level, a cyberattack’s consequences can worsen and give the attacker an opportunity to cause more damage. The February 2022 ransomware attack on Bridgestone led to the tire giant shutting down its networks at manufacturing and retreading facilities in North and Latin America for several days.
Learning from Experience
Corridon’s interview at the Accenture virtual event focused on several lessons the company could take away from the attack. The most important was knowing who makes crucial decisions during an unfolding crisis and how. Another crucial consideration is that executives in charge of making critical decisions during a ransomware attack need to feel comfortable making decisions without a lot of data.
Tabletop Exercises for Executives
Corridon argues that organizations that run tabletop exercises for their technical team also need a parallel scenario-based exercise that involves key executives and decision-makers. Just as incident management processes have two threads, one technical and one for executives, so too should tabletop exercises.
Never Let a Good Crisis Go to Waste
A silver lining of major security events is the heightened awareness and willingness to change that they can foster, according to Corridon. In the year since the attack, Bridgestone implemented security changes that would otherwise have taken years to convince executives of, push through, and enable.
Cybersecurity Daily Routine
Corridon also advised that organizations make cybersecurity a part of the daily routine for employees, in much the same way that operational technology (OT) environments emphasize physical safety precautions. One way to begin getting stakeholders to think differently about cyber resilience is to stop describing breaches and attacks as “security incidents” and to describe them instead as “criminal acts.”
Editorial
The above cyberattack on Bridgestone confirms that virtually no organization is immune to cyber threats. This attack highlights the importance of putting adequate measures in place to avoid undue pressure on decision-makers to act in crisis situations without the proper assessment of the situation. Organizations must bring key decision-makers into the process of creating a comprehensive and tested incident response plan. Organizations should run scenario drills across all levels of management and executives, focusing on parallel and separate threads of the technical and executive teams to ensure that there is a clear set of guidelines for decision-making in the event of an attack. This plan should ensure that CISOs and the corporate executive team have an understanding of the decision-making chain before a crisis exists.
Advice
Organizations must take cybersecurity preparedness seriously and align their cybersecurity strategies, budgets, and resources with that objective. Bridgestone’s Corridon advised organizations to make cybersecurity a routine consideration and to invest in making all employees aware of the impact of cyber threats on the organization.