As tensions between the US and Iran rise and the threat of major cyberattacks becomes more imminent, the Department of Homeland Security warns businesses to be extra vigilant. Experts expect Iran’s retaliation to involve widespread digital attacks that could affect businesses, mainly in the utility sector, as the goal is to disrupt American infrastructure. However, this is no time to panic. There are steps that can, and should, be taken to prepare for these attacks and ensure that they result in minimal damage.
All cybersecurity executives are aware that vigilance is always key, but during a time of heightened foreign threat, extra steps should be taken, especially by industries related to infrastructure. Experts say Iran will target heavy industry, oil and gas, electrical generation and other infrastructure industries in an attempt to cause disruption while avoiding a “shooting war”, according to CIO Dive. While these attacks can be extremely damaging, Iran’s cyber capabilities are limited, and nation-wide attacks or large scale electrical blackouts will most likely not occur. Attacks like these are highly unlikely due to their level of difficulty, which requires cyber capabilities that Iran currently does not have. Robert M. Lee, Founder of the cybersecurity firm Dragos, told the Washington Post that his major concern is not the attacks themselves, but the potential overreaction and widespread fear resulting from the attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) says cyberattacks will affect finance, energy, and telecommunications organizations, as well as industrial control systems and operational technology, as other sources have predicted. The US has significant intelligence on other types of threats as well, including government databases, for example, but CISA’s report aims at educating businesses on attacks that will affect them directly, while the Department of Homeland Security works on protecting government databases. Attacks on businesses can range from “cyber-enabled espionage and intellectual property theft” to “disruptive and destructive cyber operations”. These threats are not unlike ones CISOs encounter on a daily basis from foreign and domestic cybercrime and hacker groups. It is also worth noting that Iran has been able to gain access to these companies’ networks in the past, but they have yet to cause any disruption once the networks have been hacked. This time, however, the intent is to disrupt infrastructure, which is why businesses are urged to take extra precautions.
So what does this all mean?
There will likely be a cyberattack affecting businesses in various sectors, but cybersecurity executives are not powerless against them. CISA has provided specific steps that CISOs can take today to ensure prevention or minimal impact of digital attacks.
1. Prepare your organization for rapid response by adopting a state of heightened awareness
2. Increase organizational vigilance
3. Confirm reporting processes
4. Exercise your incident response plan
5. Confirm offline backup
In addition to taking these immediate steps, companies should also assess and strengthen various aspects of their cybersecurity practices. In particular, CISA suggests reevaluating the following:
2. Incident Response
3. Business Continuity
4. Risk Analysis
5. Staff Training
6. Account Protections
7. Vulnerability Scanning and Patching
8. Network Traffic Monitoring
9. Application Whitelisting
At a time where foreign cybersecurity threats are more probable than ever, companies are depending on CISOs and CIOs to protect valuable information from being used to cause damage to utilities and infrastructure. As the old Benjamin Franklin saying goes, an ounce of prevention is worth a pound of cure, and in this case, the cure could be time-consuming and expensive. With a little extra vigilance and strengthening of current security practices, prevention is a real, and important, possibility for businesses.
Transformational CISO West
We’re thrilled that you’re interested in Transformational CISO West Coast in January 2020. With the instances of cyber attacks increasing, businesses of all sizes are working tirelessly to secure their networks, devices, and data. Fortune 500 organizations are especially vulnerable as they have big data pools and thousands of people who need access. CISOs need to plan for worst-case scenarios, stay ahead of the latest IT Security transformation technology, and maintain their company’s information assets, all without losing sight of the corporate culture.
Are you interested in becoming a sponsor for this event? Click here today to learn more >>
Are you interested in attending this event? Inquire here today to find out if you qualify for Millennium Membership >>