By Matt Lindley, CISO and COO, NINJIO
Immediately before the Russian invasion of Ukraine, a form of “wiper” malware targeted the government and financial institutions across the country. Almost two weeks earlier, Ukraine’s defense ministry, army, and two major banks were hit with the largest distributed denial-of-service (DDoS) in the country’s history. While Russia hasn’t yet launched a full-scale cyber onslaught against the country, it’s clear that cyberattacks will be a significant element of this war and future conflicts to come.
Companies in critical infrastructure, financial services, and many other sectors are now on the front lines of an international cyberwar. This is why the U.S. government is calling upon all companies in the country – regardless of their size or industry – to be “prepared to respond to disruptive cyber activity.” This means ensuring that all software is updated, checking networks and systems for vulnerabilities, and making cybersecurity training a core priority for all employees. Just as every company is responsible for contributing to the nation’s cybersecurity, every employee has a role to play in keeping themselves and their companies safe.
We’ve entered a new era in cybersecurity – cyberattacks are more frequent and destructive than ever before, while the threat of cyber warfare is becoming more menacing all the time. Companies have an essential role to play in the national defense against cyberattacks – by defending themselves, they’ll defend the country.
Why open communication is vital for threat detection
One of the most effective ways to identify, thwart, and mitigate cyberattacks is to establish robust reporting mechanisms that will allow you to carefully monitor all your systems. Employees should always be incentivized to report suspicious activity or attacks in progress, even if they bear responsibility for a security breach. Companies should avoid punishing employees for honest mistakes, especially when they’re doing the right thing by proactively reporting potential or ongoing attacks.
Companies often take a reactive approach to cybersecurity, and this is extremely risky at a time when cyberattacks are surging and Russia is expected to wage a years-long cyber campaign against the United States and other countries that are supporting Ukraine. For example, 90 percent of companies provide employees with more cybersecurity training after an attack, but this is often when immense damage has already been done. According to IBM, the average cost of a data breach is $4.24 million and it typically takes 287 days to get one under control.
It’s crucial to develop an integrated approach to cybersecurity, which means establishing clear reporting mechanisms and data protection protocols across the company, training employees, facilitating cooperation and communication between departments, and consistently assessing the state of cyber readiness across your entire workforce. These assessments should inform your cybersecurity awareness training platform, which remains the most effective way to keep your company safe at a time when employees still account for the vast majority of breaches.
Use all the resources at your disposal
While sustainably changing employee behavior is the surest way to protect your company from cyberattacks launched from hostile governments or any other threat actor, there are many digital tools you can deploy to make cybersecurity a habit among your employees. It’s also important to monitor all the devices on your network and encourage transparency from your employees about the apps and other resources they’re using for work.
Companies should deploy password management software (which just 15 percent of Americans take advantage of, despite the fact that 75 percent struggle to keep track of their passwords), multi-factor authentication, VPNs when they aren’t on secure networks, and any other digital resources that make cybersecurity more streamlined. All software should have the latest security updates installed. Companies should adopt the same attitude toward unauthorized digital productivity tools as incident reporting – instead of punishing employees for disclosures, they should encourage honesty and figure out a way to integrate a wider range of tools into their existing security architecture.
At a time when large-scale cyber warfare is a real possibility, companies should conduct a full audit of their systems, networks, and devices. This means updating all software, identifying which resources are in use, establishing channels for employees to report and secure devices (which is particularly important with the rise of remote work), deploying digital security tools, and making sure employees know how to use those tools properly.
Build your cyber defenses around your people
Just as companies are the first line of defense against many cyberattacks from abroad, employees are the first line of defense for companies. According to the latest data from Verizon, 85 percent of breaches involve a human element, and there was a significant increase in successful phishing breaches from 2020 to 2021. These numbers demonstrate that social engineering is still the weapon of choice for threat actors, a fact that applies to government-sponsored attacks and non-state cybercrime alike.
According to PwC, 69 percent of companies already planned to increase their cyber budgets in 2022 before the invasion of Ukraine and the heightened risk of Russian cyberattacks. Companies have to make sure they’re making these cybersecurity investments wisely – while security awareness training is among the most cost-effective ways to prevent cyberattacks, it’s critical to confirm that employees are actually learning the necessary concepts and strategies to keep the company safe. This is why companies should consistently assess employees’ knowledge and identify any gaps and weaknesses that need to be addressed. There’s all the difference in the world between a cybersecurity training platform that exists to make a company look good on paper and one which actually teaches employees how to defend themselves and the organization.
Whether a cyberattack is launched by a lone wolf or a hacker sponsored by Moscow, the most reliable way to prepare your company is to build a culture of cybersecurity. We live in a hyper-connected and fully digitized era, and this has exposed companies to sleepless threats from cyber attackers around the world. The only way to defend your company against these threats is to be just as relentless in the maintenance of your cybersecurity platform.
About the Author
Matt Lindley is the COO and CISO of NINJIO, and he has more than a decade and a half of experience in the cybersecurity space. Prior to NINJIO, Matt was the CEO of REIN Cybersecurity, LLC., the senior technology manager and director of security services at Cal Net Technology Group, and the virtual CIO at Convergence Networks. He has held many other leadership positions in the industry, and he’s an authority on IT, security, and a range of other issues.
Matt can be reached at firstname.lastname@example.org.