How Many Companies Are Ready for a Cyber War?
The war in Ukraine is playing out on the ground. But like many 21st century conflicts, it’s also taking place online. Indeed, Ukraine has long experienced coordinated cyber-attacks from its powerful neighbour. But now analysts are concerned that Russia’s cyber offensive might move west. Read on to learn why you need to be ready for cyber war.
Is cyber war our future?
Reporting from The Guardian points to relentless cyber attacks on Ukrainian cyber targets, particularly government-linked and government-controlled websites.
For Ukraine, the cyber attacks aren’t new. In 2015 and 2016, its electric grid was shut down by coordinated attacks, which government officials accused Russia of perpetrating.
The attacks took down three distribution centres, leaving nearly a quarter of a million people in the dark, according to reporting from Wired.
In the words of former U.S. Air Force Cyber Warfare Operations Officer, Robert M. Lee, the synchronisation of the assault was “brilliant”:
In terms of sophistication, most people always [focus on the] malware [that's used in an attack]. To me what makes sophistication is logistics and planning and operations and ... what's going on during the length of it. And this was highly sophisticated.
And it’s not as if control systems in Ukraine weren’t up to scratch. Many analysts point to the fact that systems in Ukraine were surprisingly more secure than some in the U.S. (in comparison), with robust firewalls segmenting them from control centre business networks.
The implication, though, is that those controls weren’t enough. What then can companies in the West do to protect themselves and their customers?
Taking corporate security to the next level
Protocols matter. Western governments have put their respective critical infrastructure entities on high alert, especially after the Colonial Pipeline shutdown last year.
Non-critical sectors need to heed those warnings, as well. Investing in corporate security technologies to stay ahead of the threat.
Not all technologies are created equal, though. The capabilities that matter include those that enable organisations to manage all aspects of their security operations proactively – from anywhere, on any device.
That solution should be based on ISO standards, such as ISO 27001, streamline your operations using workflow automations to guide information capture, enrichment, follow-up tasks, and notifications, as well as validate threats and risks to drive better investment of your resources.
When it comes to specific capabilities, consider the following:
- Security threat assessments. Conduct security threat assessments at any level, on any device, while in the field. Use the data to inform where resources need to be deployed as the security incident evolves.
- Incident management. Increase security incident reporting by making forms easy to access via QR codes and public forms. Within the form, provide reporters with a simple and streamlined experience using intuitive forms, with voice-to-text dictation to eliminate reporting barriers.
- Planned events. Understand security resourcing requirements ahead of time by capturing planned event details from organisers. Use this information to make sure you can deliver on the services expected then use analytics to analyse performance.
Finally, the war in Ukraine only highlights the cyber war risk facing corporations around the world. As such, preparatory measures implemented by operational security management software are crucial.
Those same platforms should also provide sterling cyber incident event management capabilities. To learn more, download our guide to Improving Cyber Incident Response and Management.