Over the last six months, organisations in Ukraine have faced threats including massive distributed denial-of-service (DDoS) attacks, increased malware activity, targeted and persistent phishing attacks, disinformation campaigns and attacks on cyber-physical systems.
Paul Proctor, distinguished vice president analyst at Gartner explains it’s likely that cyberthreats will continue at least as long as the physical conflict does.
“The ‘fog of war’ can challenge situational awareness and panic will increase the risk of mistakes, creating an advantageous situation for bad actors. While the impacts of individual attacks will vary, the broader effects of a heightened threat environment will be felt by organisations worldwide.”
Proctor said that it important to remember that cyber warfare does not have geographical boundaries in the way that physical conflict does.
“For example, at least three energy companies in Germany have been targeted in cyberattacks since the invasion began. We’ve also seen cyber actors in other regions, such as China, taking advantage of the situation to propagate threats, as well as involvement from non-state actors, like the Anonymous hacking group engaging in an offensive against the pro-Russia Conti ransomware gang,” he explained.
Preparing for the future
The Russian invasion of Ukraine was the latest crisis demonstrating that enterprise security and risk cannot be managed in a vacuum by the CISO and their team, Proctor said.
“Crises place an additional premium on risk-based decision making, and business leadership must be involved at every level. Executives who make defensible, risk-informed choices are more likely to navigate their organizations with resilience, from response through recovery,” he explained.
“Geopolitics and cybersecurity have become inextricably linked. Therefore, as security leaders, you need to be looking at the global threat landscape from a business lens. Every business decision made in this environment has security implications, and vice versa.”
Proctor said leaders should consider how current events are impacting enterprise risk levels.
“What is the business’s appetite for that risk, and is it changing in the context of these events? Modern enterprise security leaders cannot just focus on vulnerabilities or security technologies.
“Rather, they must lead the enterprise to make informed decisions about its cyber-related risk exposure, and understanding the security impacts of global events is a key component of that new role,” he ended.
No comments:
Post a Comment