Elisa’s security management team is responsible for strategic steering and decision-making for Elisa’s security operations. Cyber security is part of normal business operational responsibilities, and the line organisation is responsible for implementing it. Cyber security is internalised as part of the development of business operations, processes and services.
Elisa’s Chief Information Security Officer is responsible for leading and developing cyber security.
The development of cyber security is steered all the way from strategy to practical measures. Elisa’s unit-specific strategy is updated every year and deals with the subsequent three years. With regard to cyber security, we follow strategic objectives derived separately from the strategy.
Targets related to cyber security are embedded in unit-specific roadmaps. During planning, we take account of identified and recognised risks affecting business operations as well as their possible effects over the next three years.
In steering everyday work, we use deployment plans derived from the strategy, strategic targets and roadmaps.
We monitor and direct how actions are implemented in Elisa’s security management team. Elisa’s Executive Board monitors the implementation of the strategy at the unit level. The goal is to be able to react rapidly and flexibly and implement the measures required in the situation.
Elisa’s Cyber Security & Service Operations Center (cSOC) is responsible for monitoring for and steering recovery from operational information security incidents in problem situations. Elisa’s cSOC experts monitor the situational picture of information security using information from a variety of sources. The experts are ready to react rapidly to changing situations.
We regularly share up-to-date and topical information about the situational picture (Cyber Security Outlook and Cyber Threat Intelligence) with our important stakeholders. This information is gathered from both external and internal sources and deals with the most critical issues for the organisation. We make use of this information in our operations at various levels in different parts of the organisation, and we share appropriate parts of it with our customers as well.
Elisa offers its corporate customers Security Operations Centre services 24/7. These services give our customers access to a broad range of expert services in various aspects of cyber security. Elisa’s services make it possible to have comprehensive monitoring in different operating environments, as well as continuously developed, secure services for long-term development and strengthening of information security. Customer organisations can take advantage of our versatile IT and network management services and complementary expert and training services. Our certified experts have received security clearances from the Finnish authorities and are Finnish citizens.