By Morten Kjaersgaard, CEO, Heimdal Security
- How are cybersecurity companies reacting to the Russia-Ukraine conflict and what would be the best approach, in your opinion?
Reactions really seem to vary with the focus of the business. Intelligence companies are scrambling to find actionable threat intelligence on Russian activity, whilst SOC teams are staying readily attentive to the increased number of alerts coming through.
As for Heimdal, we are really focused on continuing to stay proactive, which we also strongly believe is the right approach. Hence, my opinion remains the same – companies need to focus on proactively increasing the defensive posture of their infrastructure, rather than waiting for their adversaries to find gaps in it. Our current product development also tries to support just that, with technology that continuously makes it easier to manage your environment and easier to prevent attackers from penetrating it in the first place.
- How are cybercriminals reacting to this conflict? Who are they targeting most now?
State-sponsored actors are increasingly targeting each other at the moment and the objective is to have the upper hand in actionable intelligence on the other party. We clearly saw that with the imposter situation against UK parliament members, but it is certainly something we also see happening for all major EU countries.
However, there is also a heavily increased number of attacks on private businesses, which are a key source of potential technological secrets, as well as financial means to funding a war. Attacks on businesses have already quadrupled from 2021-Q4 levels and we expect this is only the first wave.
- Do you believe that cyberattacks, that have become a part of modern warfare, can have a direct, decisive impact on the battleground? What’s your opinion about the hackers that “turn good” and target Russia?
There is absolutely no doubt that cyber warfare can have a direct impact on slowing ground advances, so cyber warfare is now a direct part of war planning. As you can imagine, it would be tremendously difficult to get aircraft off the ground if control systems are not working and also hard to communicate rapidly if your infrastructure is not working optimally.
As for “hackers turning good”, I think we can all only applaud those who stand up for those who are less capable of protecting themselves in any situation, and that also applies here.
- How does this conflict affect local markets and their spending?
Overall, we are currently seeing increased cybersecurity spending across the board. Governments across EU and the United States are increasingly pushing both state, municipals, and private businesses for increased security measures and rightly so. The current security situation is drastic and requires heavy investment and overhaul, as the IT Security area is not always the first priority when budgets are made.
- What do you think will be the long-term consequences of this conflict for the cybersecurity market? Is Heimdal Security preparing for possible consequences, cementing existing products or maybe anticipating the need for something new?
Heimdal is continuously trying to focus on our proactive approach, which in the current state is highly beneficial, as CIOs scramble to get in front of what is happening at the moment. A lot of security vendors are reactive, which both apply to Intelligence players, antivirus vendors, and SOC teams.
Our focus has always been to close the gaps before they are exploited or predict attacks before they happen – as we do with our unique AI-driven Predictive DNS. More recently we have been focusing on making IT management even easier for IT admins and giving them tools to work faster than the attack will ever be, even on a mass scale. We can’t disclose more than that at the moment.
About the Author
Morten Kjaersgaard is the CEO of Heimdal Security, a leading European provider of cloud-based cybersecurity solutions based in Copenhagen, Denmark. He has a degree in Corporate Marketing and prior to Heimdal, he spent his years at the top of the IT industry as CCO of BullGuard LtD and CEO of a large Danish IT Reseller. Morten has previously been on several company boards and is a frequent event speaker and an Internet Security evangelist. He can be reached online at https://www.linkedin.com/in/kjaersgaardmorten/ and on our company website, at https://heimdalsecurity.com/blog/author/morten/ .