How to boost cybersecurity in the age of increased geopolitical tensions
GEOPOLITICAL tensions prevail and businesses need to navigate the terrain carefully.
Aside from economic considerations, geopolitical tensions also give rise to cybersecurity risks. It’s why the US Cybersecurity and Infrastructure Security Agency (CISA) recently issued a note to businesses advising they revisit their cybersecurity plans in light of the tensions with Iran.
“Review your organization from an outside perspective and ask the tough questions—are you attractive to Iran and its proxies because of your business model, who your customers and competitors are, or what you stand for?” said the document.
“CISA strongly urges you to assess and strengthen your basic cyber and physical defenses to protect against this potential threat.”
For businesses, irrespective of where they are, geopolitical tensions can increase risks faced in cyberspace. To prepare for this, here are some steps that CISA recommends:
# 1 | Adopt a state of heightened awareness
The first step to ensuring that the organization is able to defend itself in cyberspace is to review its security policies and emergency preparedness plans.
Also, organizations need to ensure that have access to all the relevant information such as new forms of attacks and threat vectors, to keep themselves more aware.
# 2 | Increase organizational vigilance
CISA recommends that companies ensure their security personnel are monitoring key internal security capabilities and that they know how to identify anomalous behavior.
“Assess your access control protocols. Flag any known Iranian indicators of compromise and tactics, techniques, and procedures for immediate response,” advised the government agency.
# 3 | Confirm reporting processes
Organizations that want to defend themselves effectively need to ensure that they know how to report an incident when it occurs — to all relevant stakeholders.
Doing so will not only help them but also other organizations in the industry, country, and region that want to guard against the same or similar threats.
# 4 | Exercise your incident response plan
“Ensure your personnel are familiar with the key steps they need to take during an incident,” said CISA.
Questions that the government body recommends asking are: Do staff have the accesses they need? Do they know the processes? Are various data sources being logged as expected?
“Make sure personnel are positioned to act in a measured, calm, and unified manner.”
# 5 | Revisit your offline backups
Finally, the reality is that despite best efforts, organizations sometimes helplessly succumb to attacks in cyberspace.
However, to mitigate the risks once they’ve fallen victim, organizations need to ensure they have the right backups are are able to restore company data — and, by extension, their operations.
While the advice has been issued by US government agency CISA, similar advice has been issued by Australia, China, as well as other countries in the APAC.
Businesses that want to ensure they’re well protected in the digital age need to engage with their national cybersecurity advisory body to understand the risks and plan to mitigate them while they’re ahead.