There is an increased amount of cybersecurity concerns as the conflict in Ukraine continues. We have received many questions from our customers about this matter and we wanted to put together a list of helpful resources and suggestions and to share them with you.
.png?width=1400&name=Cybersecurity%20Ukraine%20(1).png)
1. Ensure that your Intelligence and IT teams work closely together
Cybersecurity is in fact connected to overall business security and risk, so instead of working in silos, teams involved in cybersecurity, geopolitical risk assessment, and physical security should be working closely together.
Besides the basic defenses you should already have, including installation of critical security updates from Microsoft and your browsers, you should use anti-virus and Endpoint Detection and Response tools and making sure no users have local administrator access will make it more difficult for attackers to install malware on your computers.
Actions you can take right now:
✔️ Restrict all connections from all non-essential countries if your network firewall supports blocking data traffic by country. Specific addresses might be allowed if one of your providers has a data center in another country.
✔️ Configure Conditional Access by Country to only accept users logging in from countries where your employees or users are located. This only applies to certain Office365 licenses so an upgrade might be necessary.
✔️ Configure firewalls on your websites and web applications to only accept connections from countries where your business operates. But before doing so, ensure that your web developers aren’t using tools hosted in other countries. Your web applications might crash if you end up not allowing connections from those specific companies.
✔️ Turn off all unnecessarily exposed ports on your firewall, including remote management.
✔️ Spam filters should be configured to block email messages from all countries not essential for your business.
✔️ To help block fraudulent emails and messages, utilize the email protection features SPF, DKIM, and DMARC.
✔️ Uninstall all the programs you do not use. This will minimize your risk of being affected should a foreign attacker take over a software company, as they have recently.
2. Instill a security mindset in your employees
Cybersecurity is not just a technology problem. As a matter of fact, your end-users are your best defense against cyber-attacks. Human factors play a major role in most if not all incidents. Attackers take advantage of people’s willingness to provide information or to carelessly click on links or open unsafe attachments.
Remembering that phishing is still the number one course of attack, even for sophisticated adversaries, can contribute to better overall security. Warn your users of the heightened threat and inform them to be cautious of fake news.
Actions you can take right now:
✔️ Implement Multi-Factor Authentication (MFA) for your VPN, Microsoft Office 365, your privileged user accounts, social media accounts and anywhere attackers could inflict damage if they gain access.
✔️ If your users get fooled by a fraudulent email message, immediately block access to websites in other countries except those essential for business.
3. Review your Business Continuity Plan
Have a backup plan ready for what you’ll do in case you are attacked. Consider how you’ll respond if you’re unable to access business critical data or tools. Planning will allow you to have systems in place if unlikely events do occur.
Actions you can take right now:
✔️ Verify that the backups of your cloud data are in place should attackers delete your Office 365 or other cloud data and render the cloud provider’s backups useless.
✔️ Be sure your whole disaster recovery process is quick enough to meet your return to operations (RTO) requirements. You might prioritize which services need to be running at the earliest and make recovery point objectives (RPOs).
- 4. Assess your Supply Chain
You might be surprised to find out that your business may face the risk of hidden dependence upon Ukrainian-based software engineers, code writers, or hosted services. More than 100 of the world’s Fortune 500 companies rely at least partially on Ukrainian IT services, with several Ukrainian IT firms being among the top 100 outsourcing options for IT services globally, according to reports from Ukraine’s Ministry of Foreign Affairs.
5. Start seriously considering a comprehensive cybersecurity roadmap
If your business has not yet taken action to properly assess your cybersecurity risks and create a roadmap to address them, it is time to start considering your next steps. We understand it can be daunting and there are many other priorities requiring your attention. Cybersecurity, given the environment that our businesses are operating in – the connectivity and dependency – is and should be one of the top priorities for all organizations. To help organizations assess and create a plan that is digestible and actionable, we offer a security assessment and roadmap session. Contact us at cloud@proserveit.com if you’d like to chat about it.
