Cyber Daily Report

None--Security Boulevard
published date: 2022-03-23 12:46:00 UTC

None

Russia’s invasion of Ukraine and the resulting global instability the war has unleashed will have a lasting impact on the cyberthreat landscape, one which will also require <a href="https://securityboulevard.com/?s=enterprise+risk+management" target="_blank" rel="noopener">enterprise risk management</a> (ERM) leaders to reassess previously established organizational risk profiles.Two reports published earlier this month, one from Forrester <a href="https://go.forrester.com/wp-content/uploads/2022/03/Forrester_Russias-Invasion-Has-Permanently-Altered-The-Cyberthreat-Landscape.pdf?utm_source=pr_pitch&utm_medium=pr&utm_campaign=tech&_gl=1*11pfgkr*_ga*MTg0MDM2MzQyMi4xNjQ3NzcyMjM5*_ga_PMXYWTHPVN*MTY0Nzc3MjIzOC4xLjAuMTY0Nzc3MjIzOS4w" target="_blank" rel="noopener">focused on</a> the overall cybersecurity readiness of organizations, and a Gartner report targeted at ERM leaders noted the need for a fundamental rethinking of IT security practices. Gartner’s report targeted at least four key areas across which ERM professionals must reassess long-standing risk profiles, including talent risk, cybersecurity risk, financial risk and supply chain risk.<h2>Russia’s Invasion Increased Velocity of Risks</h2>The report, “Responding to the Russian Invasion of Ukraine: A Guide for Audit and Risk Leaders” also noted that Russia’s invasion of Ukraine has increased the velocity of many risks Gartner has tracked on a quarterly basis in the analyst firm’s Emerging Risks survey.In addressing cybersecurity risks, the report recommended an increase in tabletop exercises along with ongoing reviews of protocols to defend against ransomware and other malware attacks.Gartner also recommended ERM workers take the lead in defining high-value assets and developing a response plan to ensure that triage and decision-making are not made on-the-fly during an attack.“As ERM leaders reassess their organizational risk models, they must also ensure a high frequency of communication with the c-suite as to the critical changes that require attention now,” Matt Shinkman, vice president with the Gartner risk and audit practice, said in a statement. Regarding the enhanced risks to supply chains, the report cautioned that ERM leaders must ensure their organizations update their supplier contingency plans to reflect the current environment.Those with direct financial exposure to Russia should prepare mitigation strategies at more frequent intervals, and the report noted that ERM professionals should keep in close communication with third-party service providers regarding alternate payment plans that don’t violate current sanctions policies.The talent risk is the fourth area that concerns ERM leaders, with the report pointing out the multiple layers of effects the war could be having on employees. These range from the topline risks to employees from the war itself down through second- and third-order effects including employees with family and close friends at risk in the region.“Internal communications addressing employee well-being and outlining counseling services will need to be carefully calibrated and distributed at a higher frequency,” the report noted. “At an organizational level, talent risks can manifest through productivity constraints in the affected region, as well as disrupting access to the large amount of IT talent concentrated in the countries impacted by the war.”<h2>Preparing for Increased Cyberattacks and Cyberespionage</h2>The Forrester report warned CISOs from every industry should be preparing for increased cyberattacks and cyberespionage, a call that has been echoed by IT security firms and government agencies since the start of the conflict. Among the key recommendations was an investment in the breadth and depth of incident response capabilities, as well as creating and running simulations for targeted attacks, which should be varied by region.The report also called for bolstering essential security defenses, specifically highlighting vulnerability and patch management. Organizations also need to take another look at their DDoS protection capabilities and incident response plans, as well as pay closer attention to device and software hygiene. Determining the threat of insider risks was also highlighted as a priority for organizations, and the report advised monitoring of users who may sympathize with Russia and could have access to data or data systems that could be sabotaged. “Russian operatives may also be reaching out to users to convince them to share authentication credentials or plant malware in your systems,” the report warned. “Have a plan to render useless any devices and data departing users may still retain.”All of the above recommendations must be supported by clear and constant communication between security teams and executive management. These conversations should highlight the potential impact on the organization and the overall risk to the business.<h2>War FAQ</h2>With international news coverage heightening everyone’s alert level and contributing to a sense of instability and unease, it will be important for IT security leaders to develop a “Ukraine/Russia War FAQ” document for the board and executives.“Whether you’re a government agency or retailer, you must prepare for a permanently changed threat landscape; no organization will be immune,” the report noted. The Gartner and Forrester reports joined a steady stream of advisories rolling out as the fighting in Ukraine continues to <a href="https://securityboulevard.com/2022/03/fighting-in-ukraine-raises-prospect-of-us-cyberattacks/" target="_blank" rel="noopener">raise the prospects of U.S. cyberattacks</a>. In February, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a <a href="https://www.cisa.gov/uscert/ncas/alerts/aa22-057a" target="_blank" rel="noopener">joint advisory</a> to help organizations detect and protect their networks from cyberattacks.