Published on November 9, 2023, 4:12 am
With the ongoing conflict between Ukraine and Russia extending into cyberspace, it is not just the two countries involved that are at risk. The Singapore Cybersecurity Agency (CSA) has highlighted that non-state actors have also been participating in the conflict, increasing the potential for a broader and more intense cyber conflict.
The involvement of private individuals and groups on both sides of the conflict poses a risk to companies, organizations, and even entire nations. These non-state actors may indiscriminately target entities in retaliation, and cybercriminals could exploit the situation for their own malicious activities.
To help companies bolster their defenses, the CSA has issued guidelines for strengthening their cybersecurity posture. The recommendations include implementing multi-factor authentication for remote and administrative access to systems, keeping software and applications up to date with the latest patches, and closely monitoring network traffic for suspicious activity.
In particular, monitoring network traffic is crucial because log-based and agent-based approaches can create visibility gaps in a company’s digital infrastructure. These gaps leave room for threat actors to exploit vulnerabilities undetected. Network detection and response (NDR) solutions, however, provide full visibility throughout an organization’s digital infrastructure, eliminating these gaps. NDR solutions leverage machine learning and AI to identify normal system behavior and flag any suspicious activity in real time. This combination of advanced technology allows for faster threat detection and resolution.
While implementing robust cybersecurity measures is essential, it is equally important for IT departments to collaborate effectively with other departments within an organization. Geopolitical tensions make it imperative for organizations to foster better communication between IT teams and senior management. Senior managers should ensure that strong cybersecurity practices are understood by everyone in the organization while providing IT teams with necessary resources and support.
To enable this collaboration effectively, senior managers need complete visibility in key areas:
1. Existing security posture: Understanding strengths, weaknesses, and plans to address vulnerabilities will allow executives to support security teams adequately.
2. Planned responses: Executive leadership should be briefed on incident response, crisis management, and business continuity plans to minimize operational disruptions during an attack.
3. Security infrastructure: Full visibility into policies on software updates, backup strategies, identity management and multi-factor authentication processes, endpoint monitoring and protection, and risk management for cloud applications, as well as into the effectiveness of security teams in addressing potential cyberattacks.
Leaders should also consider the wider ecosystem involved in achieving effective cybersecurity. Systems integrators, managed services providers, channel partners, and technology vendors all play crucial roles in ensuring robust security.
As businesses continue to adopt multi-cloud and hybrid-cloud solutions, the attack surface available to cybercriminals expands significantly. Therefore, business leaders must prioritize full visibility of their organization’s security posture and infrastructure and take preventive measures to avoid significant disruption and damage.
In conclusion, the involvement of non-state actors in cyber conflict presents a risk to individuals, organizations, and governments beyond Ukraine and Russia. By implementing robust cybersecurity measures, fostering collaboration between IT teams and other departments within organizations, and ensuring full visibility across security ecosystems, entities can enhance their cyber resilience in an ever-evolving threat landscape.