Instructions and guides for organisations and companies

Organisations have become increasingly dependent on digital services and systems. A well-built cyber security protects the organisation's functional capacity and ensures that the opportunities offered by digital services and systems can be utilised in business. This page contains instructions for improving the security of your organization.

Instructions for management

What to do in case of a ransomware incident - instructions for management Cyber security and the responsibilities of boards Strengthening cyber security at Finnish organisations - Instructions for management and experts

Instructions related to Microsoft 365 services

How to protect your Microsoft 365 services What to do in the event of Microsoft 365 account compromise Increasing number of M365 data breaches utilise AiTM phishing technique

Instructions for recovering from cyberattacks

Instructions – Data breach Instructions – Ransomware Instructions – Denial-of-service attack Instructions – Supply chain attack Instructions – Leaked IDs Instruction - Incident response for cloud environments

Have you been subjected to a data breach or a data leak?

Guide in the Suomi.fi services: My personal data has been stolen or leaked

Instructions for social welfare and healthcare organisations

Information security and data protection requirements for social welfare and healthcare procurements Classifying the criticality of the functions and information systems of social welfare and healthcare organisations Maturity assessment of the ISO 27001 information security management system in social welfare and healthcare organisations Deployment of Cybermeter in social welfare and healthcare organisations

Cyber exercises

Cyber exercises aim at improving organisations’ preparedness and responsiveness to serious security incidences and to shorten and reduce the impact of actual cyber attacks. A simulated crisis situation will be created in the training session, and the organisation will learn valuable lessons to develop its own activities.

OTHER GUIDES AND INSTRUCTIONS

Protect your information: Tips for ensuring the security of your mobile phone What to do if you detect an information security incident Information security under exceptional circumstances - Instructions for organisations and companies Materials for securing critical infrastructure Secure development - towards approval Information exchange practices for cooperation groups

REPORT AN INFORMATION SECURITY BREACH

Private individuals, companies and organisations may notify the Finnish Transport and Communications Agency Traficom's Cyber Security Centre of any information security breaches that have been committed against them, such as phishing or denial of service attacks, as well as attempts to commit such breaches.

Report an information security breach

Page was last updated