How to Protect Your Business Amid World Conflict

As CISO at an eXtended Service Provider (XSP), I have been receiving a lot of questions about what our clients should be doing to protect themselves amid the conflict taking place in Ukraine, as everyone is on high alert. My first response is that you as a business shouldn’t have to do anything differently if you have already taken the proactive measures necessary to protect your business, including suggested security hardening processes and services such as:

  • Multifactor Authentication
  • Next-Generation Endpoint Security
  • Next-Generation Firewall
  • Endpoint and Network Segmentation
  • Comprehensive Managed Detection & Response including 24/7 SOC
  • Email and Cloud Protection from Phishing and Malware
  • User Security Awareness Program
  • Password Complexity (16+ characters)

Take Comprehensive Action

It has always been imperative that businesses take a holistic and multi-layered approach to protecting their network. Security solutions are not a matter of picking one or the other; you must pick several that together cover every aspect of your business. For example, a country protects itself on the ground, in the air, with intelligence, and in both defensive and offensive manners. Think of your business as needing to be protected in the same way, except that you must include users and their devices, your perimeter network such as firewalls, your internal network of servers and switches, and all of your cloud applications. In order to protect all aspects of your business, you need to protect it with comprehensive solutions. Adding services that include intelligence (eSentire, Red Canary, CrowdStrike, Palo Alto, for example) to your defense will allow your systems to take advantage of what businesses across the world are seeing in real time. It is imperative that you have or are in the process of implementing these solutions in order to best protect your business.

New Threats on the Horizon

If you have a comprehensive approach to security, you may not need to do anything differently as new conflicts in the world arise. With that being said, much of the IT security threat intelligence community is on high alert, now more than ever, looking for trends and new threats to be aware of. The trends and threats that are being identified in real time should automatically translate into further protection of your network, as many of your current services integrate this intelligence automatically to perform activities such as blocking malicious IP addresses from e-mailing, logging in, or communicating with endpoints and firewalls. For example, your business may implement custom rules blocking traffic and/or communication from high-threat countries. Because such rules are easily circumvented, you need a robust toolset that automatically blocks known and confirmed threats in real time, whether they are identified by location or by behavior. This may include stopping attempts to circumvent some of the more basic preventative measures.

Key Takeaways

If you remember only one thing from this blog, know this: whenever there is a popular news story or something happening in the world that is attracting the attention of us humans, bad actors are ready to take advantage of that fact. This is why we are likely to see upticks in phishing emails that mention Russia or Ukraine, for example, and why many security breaches may take place within businesses in the coming weeks.

We must continue to alert everyday users of this fact and keep everyone on their toes. The education of your users, and truly every citizen, is pivotal to the defense of your business. You must not only protect them from phishing and malware attacks, but also inform and empower them to report any instances of phishing/malware, or any threats that may be lurking in your environment.

It is imperative that you ensure your business is prepared for the worst. If you were to suffer a cyberattack this week, do you have a robust and complete Cybersecurity Incident Response Plan in place to respond? Do you have a strong Backup and Disaster Recovery Plan to ensure business continuity? Are you regularly testing those mechanisms? Outside of your business’ cyber security, are you prepared for how further supply chain issues will impact your business and global trade? You must be prepared to constantly protect your business regardless of what is happening in the world.

Think about how militaries and countries protect themselves as a metaphor for cybersecurity. What used to take place in the air and ground is now taking place across the global internet, and we are potential targets whether we want to be or not.

Additional Resources

If you have any additional questions, reach out to Entara by filling out this form and selecting, “Technical Question.” If you are a current client, contact your Account Manager for support.

Home | Entara (entaracorp.com)

Shields Up | CISA

Destructive Malware Targeting Organizations in Ukraine | CISA
