The purpose of these instructions drawn up by the National Cyber Security Centre Finland of the Finnish Transport and Communications Agency Traficom is to offer advice to organisations on how to prepare for information security incidents involving cloud services and how to act in situations in which an information security incident involving a cloud environment is suspected. The instructions are focused on the handling of the special characteristics of cloud environments in terms of incident management.
In order to resolve the situation completely, the organisation should maintain the incident management plan it has drawn up in case of information security incidents and follow it.
These instructions offer guidance on a general level on how to act in case of an information security breach and recover from it. It is recommended that the organisation should draw up a separate guide for its own use that takes its technological and operational environment into account in more detail. The project is funded by the National Emergency Supply Agency.