Share this article on:
Rohan Langdon from ExtraHop explains how organisations can shore up their defences in preparation for a global outbreak in conflict.
The sad and inhumane events which have unfolded in Ukraine have reminded people of the physical cost of armed conflict. Thousands of deaths and billions of dollars in damage have occurred and there is no immediate indication of an end.
What has also become clear is that the parameters of modern warfare have changed. As well as being fought on land, sea, and in the air, they’re also increasingly taking place in the digital realm. IT systems, data, and critical infrastructure are being attacked as fervently as cities and towns. Companies of all sizes are at increased risk of attacks from nation-state actors.
ACSC guidance
The Australian Cyber Security Centre (ACSC) has issued guidance for how to stay secure, including a range of technical and operational recommendations such as monitoring for vulnerabilities, patching applications and devices, prioritising monitoring for internet-facing and critical network services, securing inventory, and rapid detection and response to destructive attacks.
These offer clear, straightforward, and actionable recommendations for corporate leaders and executives about how they can best support security teams and prepare their organisations for a worst-case scenario.
Together, they ensure visibility and support for CISOs and SecOps teams, lowering reporting thresholds for threat activity, and testing plans and capabilities around incident response and business continuity. Steps taken now could make a significant difference if cyber attacks occur.
The IT department and the business
However, as the conflict continues, it has never been more important for an organisation’s IT team to have a close working relationship with the rest of the business. Communication must be constant, of high quality, and a two-way process.
Senior managers need to ensure that everyone within their organisation understands the importance of strong cyber security. IT security teams need to be given full support and the level of resourcing they require to effectively carry out their roles.
To ensure this critical, two-way communication pays dividends, there are a number of things that senior managers should do. They include:
Remember the wider security ecosystem
As senior executives undertake this detailed communication with their IT teams, they should also remember there is a wider ecosystem of parties involved in achieving effective security.
This includes systems integrators, managed services providers, channel partners, and technology vendors. Each brings a different element to the mix and all play an important role in ensuring security is as robust as possible.
The threats posed by cyber criminals are only going to continue to increase. Taking thorough, preventative steps now can help to avoid significant disruption and damage in the future.
Rohan Langdon is the vice president, Australia and New Zealand, at ExtraHop