Ukraine crisis: Guidance on strengthening your cyber security

UK businesses warned to strengthen their cyber defences

The National Cyber Security Centre (NCSC) has given a stark warning to organisations to strengthen their cyber defences since the DDoS attacks on Ukraine, and ahead of any forthcoming cyber attacks. The Cybersecurity and Infrastructure Security Agency (CISA) also issued ‘Shields Up’ guidance to all organisations in the US with recommendations to increase their cyber security posture. The guidance includes advice for organisations on how to reduce the risks of a data breach by maximising their cyber resilience, taking swift action to detect cyber intrusions, and preparing incident response teams ahead of potential attacks.

Defense.com has already noticed some of our customers in financial and insurance sectors being targeted with attempted attacks since the rise in tensions between Russia and Ukraine. When threat levels are raised, it’s advised to be proactive in securing systems to reduce exposure and minimise the risk of a cyber attack. Here are some fundamental actions organisations should prioritise to ensure their security posture is robust:

Actions to avert cyber security risks

Assess your vulnerabilities

Assess and prioritise vulnerabilities that need to be fixed immediately and could have the biggest impact on the organisation if exploited. Consider the costs and availability of resources required to fix issues to avoid prolonged system downtime. For a more comprehensive assessment of your threat landscape, a penetration test will enable you to understand where your vulnerabilities lie and provide guidance on how to fix any flaws before a threat actor can take advantage of them.

Review your access controls

Stronger access controls should be implemented to prevent unauthorised access to your IT network. If third parties have access to your systems or cloud, it is essential you understand their level of privilege and what they can access to safeguard against the threat of a breach that impacts your data. Every employee should understand the importance of strong passwords and how critical these are to the security of business and personal data. Implementing multi-factor authentication (MFA) is advised to further strengthen your security posture and reduce the risk of hackers gaining access to privileged accounts.

Incident response plan

The damage from a cyber attack can be minimised with a well-structured incident response plan. If you already have an incident response plan in place, ensure that it is up to date, the roles and responsibilities of key personnel are clearly defined, and that both the escalation methods and contact details for key stakeholders are listed and accurate.

System patching

Manage your risk by ensuring all devices, operating systems, and applications are patched. Unpatched systems are at risk of being exploited by hackers using known vulnerabilities. If systems and applications are not updated, businesses are highly susceptible to cyber attacks and data breaches.

Back up data

Regularly back up data to avoid cyber threats such as malware and ransomware. Storing backup data offline for example, is a way of isolating it from its live environment while keeping it protected from cyber attacks. This means that any cyber security incident threatening your live environment will not affect the backup data, giving you greater peace of mind that business-critical data can be restored in the event of a cyber attack.

Brief your organisation

Inform your employees and wider organisation, including partners, customers, and third-party suppliers on how current events could pose a risk to the business and what the company is doing to protect business-critical and customer data. This will give all stakeholders greater peace of mind that your business is proactive in dealing with potential threats and that your cyber security is robust.