return to research

Managing Cyber Threats During Periods of Instability

riskemerging threatsransomwaretechnologypeople
Managing Cyber Threats During Periods of Instability
Download to share with your network

Seven Proactive Steps Towards Stabilisation

The digital world is not immune from impact during periods of real-world instability and conflict. Indeed, many governments and defence think-tanks regard cyberspace as an emergent parallel battlefield in times of conflict. As organisations continue to digitally transform, their dependency on cyberspace – and thus the impact of any disruption to it – continues to grow.

1. Determine if you are a target

Does your organisation’s purpose, prominence and relationship to any conflict or dispute make you a direct target for attack? Make it clear that indirect attacks remain a possibility for any organisation. Determine how this affects your risk profile and agree a mitigation plan.

2. Conduct regular testing

Conduct cyber simulation exercises to ensure the preparedness of the workforce and security systems for identifying, responding to and recovering from an an attack upon your organisation.

3. Monitor the developing situation

Ensure access to timely and accurate intelligence regarding current and predicted threats caused by developing events. If possible, focus these feeds to prioritise those relevant to your organisation, particularly if any threat of direct action has been identified.

4. Do you have digital assets in the destabilised regions?

Clarify what infrastructure – both cloud and on-premise – resides in any potential conflict area. Understand your organisation’s dependency upon these and consider any immediate steps that could be taken to bolster business resiliency in the event they became unavailable.

5. Build an asset isolation plan

How would you isolate high-risk environments and/or assets from the network should an attack or immediate threat be observed? Devise a plan to do this, make sure it is regularly tested and validate that your business continuity plans enable your business to operate in their absence.

6. Hone your extinction level attack preparation and planning

Direct and unintended consequences of hostile cyber activity associated with periods of instability are a credible threat. The ISF report, Extinction Level Attacks: A survival guide, provides actionable plans to help organisations prepare, respond and resume business operations from such types of attack.

7. Maintain engagement with stakeholders

Use tools such as the ISF Threat Radar to facilitate ongoing conversations with business leaders regarding the current and predicted threat landscape associated with the period of instability. Mutually understand how this could challenge the successful delivery of your business outcomes, and agree remedial actions.