Security

Global Events Are Raising Cyber Risks for American Businesses

State-aligned threat actors are on the rise. Here’s what security leaders should do.

JEFF POLLARD is a vice president and principal analyst with Forrester. This article was adapted from a research report he wrote with several colleagues, “Russia’s Invasion has Permanently Altered the Cyberthreat Landscape.”

The cyberthreat landscape confronting businesses has changed permanently as a result of recent global events, including (but not limited to) the situation in Ukraine. Whether you’re a government agency or retailer, you must prepare for a permanently altered threat landscape; no organization will be immune.

In a recent report, my colleagues and I detailed why and how every organization must prepare for a new era of cyberthreats.

Certain Business Factors Increase the Level of Risk

There are several factors that increase a business’s degree of vulnerability. The first, of course, is the nature of the business. Any company involved in the nation’s infrastructure — especially utilities, energy providers such as gas and oil firms, and financial services companies — will be targeted. Likewise, any company, regardless of industry, that has a well-known public profile is also at higher risk.

A company might also increase its risk level with its public stances on global issues. Your public communication makes you a target for cyber retaliation or cyberespionage, today and long into the future.

Moreover, businesses in this new threat landscape will have to defend themselves against several types of adversaries, including those sponsored by, affiliated with or merely tolerated by nation-states. These malicious actors may have similar political and ideological motivations, but their goals, tactics, techniques and procedures can differ.

Click the banner below to unlock exclusive cloud content when you become an Insider.

Why Incident Response Strategy Is Critical to Cyber Defense

When cybersecurity incidents make the news, executives and board members at unaffected companies become alarmed, which can result in a cascade of questions to IT leaders and their teams. To avoid drowning in a deluge of panic and requests:

Relentlessly and proactively update your executives. Prepare a brief in advance and make it factual to avoid further fear. Include your external threat reporting, but enrich it with internal context, highlighting the potential impact on your organization and the overall risk to the business. Take the opportunity to remind your executives what tactical activities you’re undertaking to deal with the immediate issues, as well as how your strategy will serve to prepare for such events, now and in the future. Be clear on when you will update the executives next and what topics you’ll cover. Reassure them that if there is a major incident, you’ll update them in line with the major incident processes of the organization.

Develop a FAQ document for your board and executives. In many organizations, security is a new and scary topic for executives and board directors. Make their lives easier by creating reference materials, such as a FAQ, to guide discussions. This will help them ask the right questions about the implications of global conflict, such as “What is the current advice from our government?” or “What is our current level of risk?” Not only will you get the opportunity to guide the discussion, but you will invite an open line of communication with your stakeholders and give them the opportunity to engage with you in a meaningful and safe way.

Consider secure communications tools for security, privacy and reliability. Firms concerned about the security and privacy of business communications — such as eavesdropping, communications metadata exposure, data loss or noncompliance — should take steps to protect corporate communications. Enterprise-class encrypted messaging and calling solutions work in low-bandwidth environments. And these tools aren’t one-off investments; you can use them to protect everyday communications, as out-of-band communications channels during incident responses, and to provide traveling executives with enhanced security.

WATCH: Learn how to simplify your security strategy in a shifting threat landscape.

The use of cyberoperations as a precursor to and a tactic of military operations, as well as a tool of retaliation, is here to stay. In future conflicts, great and small, expect both sides to spread and amplify disinformation, soften targets with preemptive cyberattacks on government and critical infrastructure, sow chaos and fear with cyberattacks on allies and supporters, raise funds through ransomware, and steal intelligence with cyberespionage. This is our new reality.

Getty Images/ cokada