Although the scope of this blog is to remain as apolitical as possible, sometimes it’s just not that easy to do, especially when you are talking about nation state threat actors, such as those of Russia, China, North Korea, Iran, etc. I also have to be honest and say that this year so far has been amongst the worst that I have ever seen for geo-related conflicts. For instance, there is the Ukrainian war, the Hamas war, and now even possibly a war with Israel and Iran.
Although these wars are being fought with the traditional means to do so, there is yet another angle to this: the Cyber Warfare that is taking place. Of course, we can’t feel it or hear it, because it is all taking place in the digital world.
But believe it or not, there are victims of this as well, as we have seen in the Ukrainian war. For example, hackers from Russia have directly attacked Ukraine’s Critical Infrastructure, causing havoc to all of its resources.
For an example of just how horrific this is, click on the link below:
https://www.darkreading.com/ics-ot-security/kyivstar-mobile-attack-ukraine-comms-blackout
So if you are unfortunately in the midst of experiencing this kind of crisis, there are key steps that you need to take to protect yourself and your business. Here are some of them:
1) Employee Safety:
First and foremost, always remember that your employees and any subcontractors that you may have hired are probably amongst the greatest assets that you have. Thus, you need to take every precaution that is possible, at least from within the confines of your business. If you have a remote workforce, then check up on your employees periodically to make sure that all is well. By taking this kind of approach, you will truly show your employees that you care about them and their wellbeing.
2) Backups:
Apart from your employees, your Datasets are your next big assets. But as we know today, they are one of the prime targets for the Cyberattacker. Therefore, as I have written about many times for clients and even here on my own blog (and even in my books), backups are totally essential. You cannot do without them. You need to maintain a regular schedule for doing this, in whatever way fits your security requirements, and always keep in mind that you have to maintain multiple copies of your backups. If you have an On Premises Infrastructure, then of course this will be much harder to do. So, my advice to you in this regard is to use the Cloud, such as that of Microsoft Azure. They have great tools already available for you to use.
3) Cybersecurity Training:
This is probably the next most important item down the rung here. Your employees have to maintain the strongest levels of Cyber Hygiene that are possible, and the only way you can achieve this is by training them. So just like with your backups, you also need to maintain a regular schedule here as well. My recommendation is at least once a quarter, and it should be given in person directly. But don’t make your training sessions a “one size fits all” approach. The training needs to be specific and tailored to the audience that you are teaching. For example, if they are members of your finance and accounting departments, then you need to educate them more about the tactics of Social Engineering, and how to spot BEC Phishing Emails (this is an acronym that stands for “Business Email Compromise”, and it is a kind of attack where a sense of fear and urgency is targeted towards these departments in order to get them to wire a large sum of money to a phony, offshore account).
4) Perimeter Security:
It is imperative that you get away from this kind of security model. It assumes that you have one line of defense circling and protecting your business. But no matter how fortified this is, once a Cyberattacker breaks through it, they have free rein over your IT and Network Infrastructure. So to prevent this from happening, implement what is known as the “Zero Trust Framework”. This is where you segment all of your digital assets into different zones, and each one has its own layer of defenses. The thinking here is that if they can break through one zone, the chances of them breaking through all of the others become almost statistically insignificant because of all of the authentication mechanisms that are involved.
5) Sharing:
In order to keep ahead of the game, you need access to intelligence. The only way that you can get this is by forming partnerships with others in your industry to share that level of knowledge. Also, there is a greater movement now in the Cyber industry for even more extensive partnerships to be created between the academic, public and private sectors. I know for a fact that the FBI and Secret Service already do this, as they offer seminars to the public so that such knowledge can be shared. Also, you can contribute to and get a wealth of information from such sources as NIST, CISA, OWASP, etc.
My Thoughts On This:
Apart from taking these above-mentioned steps, don’t forget this one last thing: Have your Incident Response, Disaster Recovery, and Business Continuity plans in place and ready to go if they are needed. Also, make sure that you take the time to rehearse these as well, so all of the people that are involved with these plans will know exactly what to do.
Many businesses learned this the hard way during the COVID-19 pandemic by not having these kinds of plans in place. But make sure you are not caught again “with your pants down” in these uncertain times.