The extensive cyber security exercise started in February 2022 and culminated in the intensive phase’s games in September, during which participants practiced responding to a fictional cyber security incident affecting the banking sector.
“The exercise is intended to support companies’ continuity management and preparedness and develop cooperation between different organisations. The goal of the exercise is to develop a cooperation-based operating culture and cooperation models. At the same time, the exercise allows participants to identify real cyber security development needs, which can then be carried forward into everyday practices in both the National Emergency Supply Agency’s digital security development programme and participating organisations”, says Delivery Director Juha Kylänpää of Digia’s Secure Development and Operations unit.
Companies from numerous industries participated in this year’s exercise, along with those industries’ key service providers from the telecom, ICT, security and media sectors. Additionally, the exercise was also joined by authorities responsible for the industries in question, the National Emergency Supply Agency, Finnish Transport and Communications Agency Traficom’s National Cyber Security Centre, the Finnish Defence Forces, the Finnish broadcasting company Yle, the police and many more.
“We joined the exercise with high expectations. Of course, preparedness and risk management are already an integral part of our everyday operations, but exercises always give us a chance to learn and gain experience that has far-reaching benefits when it comes to developing our operations and the operations of our customers. In a digital world, change is a constant, and incidents can spread quickly, which means it’s important to practice managing unexpected situations”, says head of Digia’s Financial Products unit Matti Saarikallio.
Sharing expertise is key – even outside exercises
Digia’s customers include a wide range of public authorities and private companies, and, for various reasons, many have especially high security requirements.
“These exercises prepare us for situations we rarely encounter. They give us a very important opportunity to practice our procedures and keep our skills sharp. Another important benefit is the opportunity to strengthen the networks between different organisations, which speeds up cooperation in the event of an incident. We all have something to give and something to take away, which is why national exercises are such a unique opportunity”, Kylänpää says.
The exercise allows participants to put lessons and practices to the test, but it also allows for the identification of real development needs, which can then be addressed in everyday practice. Digia also has an important role in sharing good practices between different industries outside of exercises.
“Thanks to our extensive customer base, we are familiar with security practices from many different industries. This allows us to provide our customers with an outside viewpoint and give them cyber security development tips taken from practices in different sectors”, Kylänpää adds.
In the financial sector, preparedness requires continuous effort – and exercises play a significant role
Financial-sector cyber security was the central focus of this year’s exercise. The financial sector plays a key role in our society, and practically every company is dependent on its continued operation. Financial sector functions have been largely digitalised, which means that maintaining preparedness to respond to cyber security threats facing the sector requires continuous work.
The financial sector is also vital for Digia: Digia’s Financial Systems product family is one of the most comprehensive financial system packages available to management companies, asset managers and equity brokers in the Nordic countries. In addition, Digia produces back office functions for some of its customers as a complete service.
“Due to our customer relationships, our responsibilities in the industry are significant, and we want to be ready to react as part of a national mechanism. We regularly invest a significant amount of work and other resources into ensuring that the system solutions and services we provide to financial sector companies are always up to the standards of constantly evolving data security requirements”, says director of Financial Services at Digia Sami Vallinkoski.
“These exercises are an essential part of our preparedness. When the real situation comes around, the exercises prepare us to keep a cool head and react as the situation requires – systematically and calmly. Our ability to respond quickly in real-life situations also improves with practice in simulated situations”, Saarikallio adds.
The exercise is coordinated by the National Emergency Supply Agency’s Digipooli network in cooperation with Traficom’s National Cyber Security Centre. The National Emergency Supply Agency is responsible for organising the exercise. The TIETO22 exercise is part of a longer series of exercises. The exercises have been held regularly every second year in various forms since the late 1980s.
Delivery Director, Digia Plc
+358 40 673 6391 / juha.kylanpaa(a)digia.com
Digia is a software and service company that helps its customers renew themselves in the networked world. There are more than 1,300 of us working at Digia. Our roots are in Finland and we operate both in Finland and abroad. We are building a world in which digitalisation makes a difference – together with our customers and partners. Digia’s net sales totalled EUR 156 million in 2021. The company is listed on Nasdaq Helsinki (DIGIA). digia.com