...

NFIR hosts its first MDR Seminar: the importance of monitoring, governing privacy and legal resilience

Content

June 30, 2022, Utrecht

From the heart of the Netherlands, NFIR hosted its first Managed Detection and Response (MDR) Seminar on Thursday, June 30, 2022. This event attracted as many as 75 visitors who are directly or indirectly involved in the digital security and resilience of their organizations. A diverse program and a pleasant networking reception resulted in a successful first seminar. A seminar where different disciplines looked at the ins and outs of security monitoring, the usefulness and necessity of file monitoring and the importance of good contractual agreements in the event of cyber incidents.

NFIR hosts its first MDR Seminar: the importance of monitoring, governing privacy and legal resilience
From left to right: Arwi van der Sluijs, Wim Heij, Dennis Slier, Rob de Vries, Gertrude van der Welle and Anne-Wil Duthler. Missing from the photo: Petra van Oldengarm.

The importance of adequate security monitoring

After the welcome address by Arwi van der Sluijs, NFIR’s general manager, the seminar was kicked off by the Petra Oldengarm, director of Cyberveilig Nederland, with the question, “What to do if you can’t keep cyber incidents out?” She answered this question using several lessons learned from previous cyber incidents. After all, one learns the most from practice. Among other things, Oldengarm emphasized the importance of actively monitoring infrastructure and that the lack of basic measures often plays a major role. Rob de Vries, Security Officer of NFIR, elaborated on the importance of security monitoring and clearly indicated the difference adequate monitoring makes to organizations. De Vries closed with the future perspective of security monitoring and what trends will develop in this area.

For Hof van Twente municipality, these measures could have made a big difference. Wim Heij, program manager at Hof van Twente, guided us through the cause and aftermath of one of the biggest hacks in the Netherlands in recent times. Along with installing usable backups and implementing IT Security policies, he cited active monitoring as the lessons learned that followed after the ransomware attack in 2020.

Grip on unlawful use of personal data

The second discipline within our MDR services is Dossier Monitoring. After Wim Heij’s presentation, Dennis Slier, commercial director of NFIR, made the bridge from security to privacy. The central question was “How do organizations that process personal data maintain control over the privacy of their clients and patients?” Slier mentioned that when monitoring files, it is important to provide insight into user behavior. NFIR started with its Dossier Monitoring service once in healthcare, but sees many opportunities for the future to roll out the service within other organizations such as Municipalities, which are also intensive processors of personal data.

Gertrude van der Welle gave the Dossier Monitoring presentation a practical addition. From her former role as Privacy Officer at Haga Hospital, she outlined the challenges in controlling logging. In doing so, she explained the differences between types of logging research and what prerequisites and carders should be established when conducting logging research.

In addition to digital resilience, legal resilience

The presentations mentioned all indicate that security and privacy incidents should be prevented as much as possible and substantiate which tools are suitable for this. After all, cybercrime is the order of the day and the question is not if, but when your organization will be targeted. Complete prevention is still a pipe dream, but proper handling of a cyber incident can limit the damage. Anne-Wil Duthler, attorney at First Lawyers, therefore spoke about the importance of legal resilience in cyber incidents. She emphasizes that well-equipped legal operations are indispensable for recovering damages and for being resilient to legal claims. However, practice has shown that this is far from always in order.

All in all, we look back with pride on a successful seminar that sparked useful and inspiring conversations among all parties present. NFIR hopes to host more similar events in the near future. Keep an eye on our channels and we may welcome you at one of the following events.

SECURITY INCIDENT BIJ UW ORGANISATIE?

De volgende 30 minuten zijn van cruciaal belang​!

De eerste 30 minuten na een cyber security incident zijn cruciaal, omdat een snelle en adequate reactie de schade kan beperken. Daarnaast kan verdere verspreiding van de aanval worden voorkomen en kan essentieel bewijsmateriaal veiliggesteld worden voor nader onderzoek.

Ons Computer Emergency Response Team (CERT) staat 24/7 klaar om bedrijven en organisaties te ondersteunen bij IT-beveiligingsincidenten.

Heeft uw bedrijf professionele hulp nodig bij een beveiligingsincident? 

* LET OP: Wij werken uitsluiten voor bedrijven en organisaties.

SECURITY INCIDENT AT YOUR ORGANIZATION?

The next 30 minutes are crucial!

The first 30 minutes after a cyber security incident are crucial because a quick and adequate response can limit the damage.
In addition, further spread of the attack can be prevented and essential evidence can be secured for further investigation.

Our Computer Emergency Response Team (CERT) is available 24/7 to support businesses and organizations during IT security incidents.

Does your company need professional help with a security incident?

* NOTE: We work exclusively for companies and organizations.