Cybersecurity experts warn that conflict in Ukraine presents ‘perhaps the most acute cyber risk U.S. and western corporations have ever faced.’ Even without a direct cyberattack on a Western nation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that the effects of Russian cyberattacks could still be felt on U.S. networks.
What does this mean for your organization? For one, it’s important to acknowledge that the cybersecurity threat landscape will continue to expand as the conflict escalates. Security and intelligence teams at several major banks have admitted that they are anticipating attacks and analyzing the projected impact on their operations. Ukrainian government systems and banks have already been targeted by Russian cyber attackers.
The time to take cybersecurity seriously is now. Being unprepared for these looming risks can have profound consequences for your organization’s continuity. Business leaders need to address cybersecurity risk internally and throughout their vendor networks to close any gaps before they are exploited.
The steps below provide a critical look at how your organization can improve its cybersecurity preparedness:
Review Your Cybersecurity Controls
Whether or not you’ve aligned with a particular cybersecurity framework, your organization’s adherence to its controls will dictate its strengths. Your controls are in place to lessen the shock waves after a cybersecurity incident – it’s imperative to validate that they are effective before an incident occurs.
First, work to understand your control library: do you have complete control coverage for every regulation and standard that applies to your organization? Do you have any duplicate controls that can crosswalk to multiple regulations and standards? Working through questions such as these will help your team to drive efficiency around key control activities, allowing you to gain better insight into their performance.
Once you’ve gained an understanding of your controls, you should evaluate and test their effectiveness. Distribute assessment questionnaires to control owners that interrogate the control’s performance over time. The responses can inform remediation areas and drive control improvements ahead of an issue.
Lastly, work with your cybersecurity team to determine if additional controls are needed as the conflict escalates.
Evaluate Cybersecurity with Your Third Parties, Vendors and Suppliers
In today’s hyperconnected cyber landscape, third-party risk is the organization’s risk. It’s been said before, but your cybersecurity posture is only as strong as its weakest link. It’s likely that your organization shares access to important data, connectivity points and assets – all of which are frequently targeted during a cyberattack – with an external organization. Do you know that they are taking the right precautions with these vulnerable aspects of your organization?
There’s only one way to be sure: assess, and then monitor. Identify every vendor that takes part in your extended cyber network. Depending on their access level, service type and incident history, evaluate their cybersecurity practices and policies to verify that they align with your organization’s standards. Be sure to address and remediate any issues with the vendor as quickly as possible. The assessment results should give you data on how closely to monitor the vendor, helping you stay on top of threats.
When assessing your vendor base for cybersecurity risk, consider:
- Which vendors are most exposed to geopolitical risk?
- Which vendors may be high risk for a cyberattack due to the conflict?
Additionally, your team should prepare to rapidly deploy event-driven questionnaires to your vendor network should a cyberattack arise. Keep a pulse on which vendors access critical aspects of your organization and be ready to distribute bulk assessments to the appropriate recipients.
Tip: Often, it is difficult to get a comprehensive, up-to-date picture of a vendor’s cybersecurity health. This is because point-in-time assessments only capture a snapshot of the vendor’s risk. ProcessUnity Vendor Cyber Intelligence embeds real-time BitSight cybersecurity ratings into TPRM (Third Party Risk Management) workflows to provide a complete picture of risk that can validate a vendor’s responses.
Develop a Cybersecurity Continuity Plan
How would your business weather a direct or indirect cyberattack? You may not have the answer now, but this question can help you consider how well prepared you are for disaster. Begin with the assumption that your organization will feel at least some of the effects of cyberattacks in the coming months. Consider:
- Which aspects of your cyber infrastructure are critical to day-to-day operations?
- Who needs to be involved in an incident response plan?
- How quickly can normal operations be restored in the aftermath of an event?
- What data, assets and applications are most vulnerable?
Use the answers to these questions to help you take a proactive approach to cyberattacks. Remember, cybersecurity is no longer the sole responsibility of the cybersecurity team. It falls on every individual throughout the extended enterprise to uphold the organization’s cybersecurity principles. Internal actors and vendors alike should be briefed on the organization’s cybersecurity priorities. This transparency can help develop vigilance around possible cyber threats.
Gain Enterprise-Wide Visibility into the State of Cybersecurity with ProcessUnity Cybersecurity Program Management
The rapidly evolving nature of today’s cybersecurity landscape demands a proactive approach to cyber risk throughout your vendor network. ProcessUnity Cybersecurity Program Management delivers a centralized platform for your organization to understand your program’s performance across controls, assets and third parties. Automation and standardization streamline key processes within the platform, allowing your team to better mitigate emerging cyber risks.