With the situation between Russia and Ukraine, business leaders at organizations of all sizes should review the U.S. Cybersecurity & Infrastructure Security Agency’s (CISA) guidance and doing what they can to have a ‘Shield’s Up’ posture as it relates to the probability of a rapid increase in Russian cyber activity.
The Russian government has used cyber operations, directly and indirectly, as a key component of their cyber warfare strategy, typically focusing on critical infrastructure providers and their partners. Not only is Russia very capable in the cyber space, but they are willing to use their capability against adversaries, perceived or actual. We have seen how disruptive and destructive Russia-based attacks can be having lived through NotPetya and, more recently, Solarwinds. Russian actors have become far more opportunistic in the way that they perpetrate attacks. We saw this with the attacks on Colonial Pipeline and JBS Foods.
So, what can business leaders do to protect their organizations?
- Ensure that you are openly communicating to all staff regarding the rising likelihood of a Russian-based cyber-attack.
- Share your concerns with your managed service providers and other key partners and discuss the measures being taken to protect your organization and your most valuable assets.
- Watch your perimeter. Monitoring perimeter security is critical to stop malicious hackers from entering your company’s network.
- Have an incident response plan ready.
- Improve rigor around patching and vulnerability management.
We encourage everyone to remain vigilant, aware, and remember, if you see something, say something.