#MillenniumLive , CIO , Healthcare , Millennium Staff
As tensions between the US and Iran rise and the threat of major cyberattacks becomes more imminent, the Department of Homeland Security warns businesses to be extra vigilant. Experts expect Iran’s retaliation to involve widespread digital attacks that could affect businesses, mainly in the utility sector, as the goal is to disrupt American infrastructure. However, this is no time to panic. There are steps that can, and should, be taken to prepare for these attacks and ensure that they result in minimal damage.
All cybersecurity executives are aware that vigilance is always key, but during a time of heightened foreign threat, extra steps should be taken, especially by industries related to infrastructure. Experts say Iran will target heavy industry, oil and gas, electrical generation and other infrastructure industries in an attempt to cause disruption while avoiding a “shooting war”, according to CIO Dive. While these attacks can be extremely damaging, Iran’s cyber capabilities are limited, and nation-wide attacks or large scale electrical blackouts will most likely not occur. Attacks like these are highly unlikely due to their level of difficulty, which requires cyber capabilities that Iran currently does not have. Robert M. Lee, Founder of the cybersecurity firm Dragos, told the Washington Post that his major concern is not the attacks themselves, but the potential overreaction and widespread fear resulting from the attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) says cyberattacks will affect finance, energy, and telecommunications organizations, as well as industrial control systems and operational technology, as other sources have predicted. The US has significant intelligence on other types of threats as well, including government databases, for example, but CISA’s report aims at educating businesses on attacks that will affect them directly, while the Department of Homeland Security works on protecting government databases. Attacks on businesses can range from “cyber-enabled espionage and intellectual property theft” to “disruptive and destructive cyber operations”. These threats are not unlike ones CISOs encounter on a daily basis from foreign and domestic cybercrime and hacker groups. It is also worth noting that Iran has been able to gain access to these companies’ networks in the past, but they have yet to cause any disruption once the networks have been hacked. This time, however, the intent is to disrupt infrastructure, which is why businesses are urged to take extra precautions.
So what does this all mean?
There will likely be a cyberattack affecting businesses in various sectors, but cybersecurity executives are not powerless against them. CISA has provided specific steps that CISOs can take today to ensure prevention or minimal impact of digital attacks.
1. Prepare your organization for rapid response by adopting a state of heightened awareness
2. Increase organizational vigilance
3. Confirm reporting processes
4. Exercise your incident response plan
5. Confirm offline backup
In addition to taking these immediate steps, companies should also assess and strengthen various aspects of their cybersecurity practices. In particular, CISA suggests reevaluating the following:
2. Incident Response
3. Business Continuity
4. Risk Analysis
5. Staff Training
6. Account Protections
7. Vulnerability Scanning and Patching
8. Network Traffic Monitoring
9. Application Whitelisting
At a time where foreign cybersecurity threats are more probable than ever, companies are depending on CISOs and CIOs to protect valuable information from being used to cause damage to utilities and infrastructure. As the old Benjamin Franklin saying goes, an ounce of prevention is worth a pound of cure, and in this case, the cure could be time-consuming and expensive. With a little extra vigilance and strengthening of current security practices, prevention is a real, and important, possibility for businesses.
Transformational CISO West
We’re thrilled that you’re interested in Transformational CISO West Coast in January 2020. With the instances of cyber attacks increasing, businesses of all sizes are working tirelessly to secure their networks, devices, and data. Fortune 500 organizations are especially vulnerable as they have big data pools and thousands of people who need access. CISOs need to plan for worst-case scenarios, stay ahead of the latest IT Security transformation technology, and maintain their company’s information assets, all without losing sight of the corporate culture.
Are you interested in attending this event? Inquire here today to find out if you qualify for Millennium Membership >>
Reach thousands of C-Level
Executives every month.
Do you have content that you feel will
resonate with our audience? We'd love to
welcome you as a guest contributor!
Premium content to our readers
interested in all things business.
Millennium Membership offers Fortune 1000 C-Level executives, leading public sector/government officials, and thought leaders across a variety of disciplines unique and exclusive opportunities to meet their peers, understand industry developments, and receive introductions to new technology and service advancements to help grow their career and overall company value.About Millenium Alliance
Launched in 2017, Digital Diary was created to provide premium content to our members interested in executive education and business transformation. With C-Suite executive and top academic contributors, interviews with industry leaders, and digital transformation insights from technology experts, Digital Diary has all of the professional development tools you need to stay ahead of the curve.
We are dedicated to distributing meaningful opportunities for our reader to increase their personal knowledge, simplify business initiatives, and to have the right information to build their capabilities and leadership skills at every level.
In the midst of disruption across all industries, our members are given the tools they need to digitally transform their organizations.
Joining Mill All is an opportunity unlike any other to connect with the best professionals in your industry and be a part of a community to become the best leader you can be.
500 Companies Attend Each Year