“Shields Up”: Ukraine War Raises Threat of Russian Cyberattacks

The federal Cybersecurity & Infrastructure Security Agency (CISA) and the FBI issued a “Shields Up” warning this week. Here’s what that means.

U.S. businesses are at a heightened risk of cyberattacks following the Russian invasion of Ukraine.

The federal Cybersecurity & Infrastructure Security Agency (CISA) and the FBI issued a “Shields Up” warning last week regarding the potential for Russian cyberattacks against U.S. organizations. CISA advised that although there currently are not any specific credible threats to the United States, it recommends that all organizations—and particularly U.S. critical infrastructure including the financial services industry—adopt a heightened cybersecurity posture.

The agency recommends taking actions that will reduce the likelihood of a damaging cyber intrusion, quickly detect a potential intrusion, ensure the organization is prepared to respond if an intrusion occurs, and maximize the organization’s resilience to a cyber incident.

Senior leaders can take several steps to mitigate the risks:

1. Empower chief information security officers (CISOs).  In nearly every organization, security improvements are weighed against cost and operational risks to the business. In this heightened threat environment, senior management should empower CISOs by including them in the decision-making process about mitigating risk to the company and ensure that the entire organization understands that security investments are a top priority in the immediate term.

2. Lower reporting thresholds.  Every organization should have documented thresholds for reporting potential cyber incidents to senior management and to the U.S. government. Senior management should establish an expectation that any indications of malicious cyberactivity, even if blocked by security controls, should be reported to the CISA or FBI.

3. Test response plans.  Cyber incident response plans should include not only security and IT teams but also senior business leadership and board members. Senior management should participate in a tabletop exercise to ensure familiarity with how their organization will manage a major cyber incident.

4. Focus on continuity.  Recognizing finite resources, investments in security and resilience should focus on those systems supporting critical business functions. Senior management should ensure that such systems have been identified and that continuity tests have been conducted.

5. Plan for the worst.  Senior management should ensure that measures can be taken to protect the organization’s most critical assets in case of an intrusion, including disconnecting high-impact parts of the network if necessary.

“As the nation’s cyber defense agency, CISA stands ready to help organizations prepare for, respond to, and mitigate the impact of cyberattacks,” the agency said. “When cyber incidents are reported quickly, we can use this information to render assistance and as a warning to prevent other organizations and entities from falling victim to a similar attack.”

Free cybersecurity services and tools are available at: Free Cybersecurity Services and Tools | CISA. (https://www.cisa.gov/free-cybersecurity-services-and-tools).

From: BenefitsPRO