
Oliver Pinson-Roxburgh

CEO and Co-Founder

2nd March 2022

Russian hackers targeting UK businesses

Cyberwarfare is a present-day threat when conflict between two nations develops, with cyberattacks targeting government departments, banks and communication networks alongside a military invasion. These attacks can disable computer systems, spread disinformation, or be used for espionage, all of which can extend beyond the feuding nations.

As the Ukrainian crisis deepens, UK organizations could be caught in the crossfire as hackers scour servers for vulnerabilities to exploit. On 20th January 2022 we discovered an increase in malicious cyber activity and attacks emanating from Russia, with Russian-based IP addresses targeting the UK’s financial institutions and scanning them for vulnerabilities. Of course, any weaknesses detected by hackers are an opportunity to conduct more debilitating attacks, such as the DDoS attacks on Ukrainian organizations on February 15th and 16th that were attributed to Russian hackers. Any NATO sanctions on Russia since its invasion of Ukraine may trigger retaliatory cyberattacks on NATO allies, including the UK. So, it’s paramount that businesses strengthen their cyber resilience against potential threats that may arise from the conflict and exercise good cybersecurity practice.

UK businesses warned to strengthen their cyber defenses

The National Cyber Security Centre (NCSC) has given a stark warning to organizations to strengthen their cyber defenses since the DDoS attacks on Ukraine, and ahead of any forthcoming cyberattacks. The Cybersecurity and Infrastructure Security Agency (CISA) also issued ‘Shields Up’ guidance to all organizations in the US with recommendations to increase their cybersecurity posture. The guidance includes advice for organizations on how to reduce the risks of a data breach by maximising their cyber resilience, taking swift action to detect cyber intrusions, and preparing incident response teams ahead of potential attacks.

Defense.com has already noticed some of our customers in the financial and insurance sectors being targeted with attempted attacks since the rise in tensions between Russia and Ukraine. When threat levels are raised, it’s advised to be proactive in securing systems to reduce exposure and minimize the risk of a cyber attack. Here are some fundamental actions organizations should prioritize to ensure their security posture is robust:

Actions to avert cybersecurity risks

Assess your vulnerabilities

Assess and prioritize vulnerabilities that need to be fixed immediately and could have the biggest impact on the organization if exploited. Consider the costs and availability of resources required to fix issues to avoid prolonged system downtime. For a more comprehensive assessment of your threat landscape, a penetration test will enable you to understand where your vulnerabilities lie and provide guidance on how to fix any flaws before a threat actor can take advantage of them.

Review your access controls

Stronger access controls should be implemented to prevent unauthorized access to your IT network. If third parties have access to your systems or cloud, it is essential you understand their level of privilege and what they can access to safeguard against the threat of a breach that impacts your data. Every employee needs training to understand the importance of strong passwords and how critical these are to the security of business and personal data. Implementing multi-factor authentication (MFA) is advised to further strengthen your security posture and reduce the risk of hackers gaining access to privileged accounts.

Incident response plan

The damage from a cyber attack can be minimized with a well-structured incident response plan. If you already have an incident response plan in place, ensure that it is up to date, the roles and responsibilities of key personnel are clearly defined, and that both the escalation methods and contact details for key stakeholders are listed and accurate.

System patching

Manage your risk by ensuring all devices, operating systems, and applications are patched. Unpatched systems are at risk of being exploited by hackers using known vulnerabilities. If systems and applications are not updated, businesses are highly susceptible to cyberattacks and data breaches.

Back up data

Regularly back up data to protect against cyber threats such as malware and ransomware. Storing backup data offline, for example, is a way of isolating it from the live environment while keeping it protected from cyberattacks. This means that any cybersecurity incident threatening your live environment will not affect the backup data, giving you greater peace of mind that business-critical data can be restored in the event of a cyber attack.

Brief your organization

Inform your employees and wider organization, including partners, customers, and third-party suppliers, on how current events could pose a risk to the business and what the company is doing to protect business-critical and customer data. This will give all stakeholders greater peace of mind that your business is proactive in dealing with potential threats and that your cybersecurity is robust.

A proactive approach to stay ahead of the hackers

The rise in Russian-related cyber activity detected early this year, which will likely increase since Russia’s invasion of Ukraine, is a signal for organizations to secure their networks and data before more cyberattacks begin to surface. Strong cybersecurity resilience is key to safeguarding your network and infrastructure against cyber threats. Following these key approaches and reviewing your existing security policies and procedures will help you mitigate current cybersecurity risks and stay one step ahead of the hackers.
