Editor's note: This article was originally featured in Security Boulevard.
Companies may not be interested in international conflict, but international conflict takes a deep interest in disrupting companies. Russia’s attack on Ukraine, ongoing since February 24, changed the world of data security almost overnight, quickly escalating the already well-established likelihood of Russian cyber aggression against the private sector to an imminent and visible threat and underscoring the need for companies to reassess their security posture.
In response to the escalated threat, the White House, in coordination with the Cybersecurity and Infrastructure Security Agency (CISA) recently released a detailed cybersecurity fact sheet that outlined several steps companies should take to bolster security and protect against attacks, such as backing up and encrypting mission-critical data, mandating multi-factor authentication on their systems and deploying other modern security methods. Business leaders should assess the rapidly evolving cybersecurity landscape and its impact on their business and heed the U.S. government’s recommendations.
For companies to bolster their security profile, CISOs should do the following:
- Determine their company’s risk by understanding the type of data they have and whether it is regulated and appropriately protected
- Consider their company’s international footprint/scope of operations and to what extent they may be caught in the crossfire or deliberately targeted in a geopolitical struggle
- Implement the security measures outlined by CISA and other industry guidelines, which include backing up data
Taking these actions will help you ensure you are best positioned to weather shifting geopolitical currents.
Understanding your data
To accurately assess your exposure to hostile geopolitical actors, you must understand the type of data your company has and to what extent it is currently protected. Is it regulated under the EU General Data Protection Regulation (GDPR) or U.S. Health Insurance Portability and Accountability Act (HIPAA), or by financial services authorities? Is it personally identifiable information (PII)? Would it pose a threat to the company or others if it were exploited by an adversary? These are all important questions to ask as you classify and assess your data and ultimately determine its susceptibility to sabotage.
Assessing geopolitical risk
In the face of international conflict, company leadership also needs to assess the scope of the business’ international operations to calculate exposure to geopolitical threat actors. To do so, consider the following questions:
- Does your company operate data centers in countries or regions facing threats of attack or occupation?
- Do you do business with governments/countries that are caught in the crossfire or top targets of adversarial actors?
- Are you susceptible to insider threats?
The answers to the above will help determine your level of risk to international cyberattacks.
Take steps to strengthen your cybersecurity posture
While there are many steps organizations should be taking to strengthen security against international threat actors, data backups play an especially pivotal role. Having backups foils cybercrime by letting you restore your systems to a recent point in time before it was infected. CISA themselves suggest that companies should make data backup a key priority in order to minimize the impacts of a cyber attack.
To ensure backup capabilities are effective and seamless, companies should implement a backup strategy with the help of a solutions provider that allows for regular, automated backups that are stored off-platform for the data in case a cloud provider suffers an outage or data incident. In addition, an effective backup solutions provider should also have the capacity to backup metadata, files and attachments and the ability to centrally manage backups across geographies. By incorporating all of these elements into your backup strategy, you will maximize your protection against data loss and provide much-needed peace of mind in a time of geopolitical tensions.
In today’s threat environment, the lines between businesses and nation-states are blurring. Belligerent entities see companies as an extension of the governments and countries they seek to disrupt, and they will not hesitate to target your business if they believe it advances their cause. To avoid becoming a casualty in the ever-escalating cyber world war, CISOs need to take action to classify existing data and ultimately fortify it against potential attack. By taking the actions outlined above to understand your data, assess your geopolitical risk and implement a data backup strategy, in addition to implementing the steps advised by the White House and CISA, companies will be well-suited to bolster defenses against hostile geopolitical threats and protect against harmful attacks.