As cybersecurity threat actors look to targets beyond the immediate conflict zone in Ukraine and Western intelligence agencies warn of impending cyberattacks against Critical National Infrastructure (CNI), it’s time to be proactive and improve your security posture. But where do you start?
The threat landscape ranges from quirky to outright scary
Cyberspace is a strange place. The stories making the news from the cybersecurity frontline over the last few weeks range from the quirky to the outright scary.
Online gift card retailer Funky Pigeon was forced to stop trading over the Easter weekend (presumably one of its busiest times) after becoming the victim of a cyberattack and the likely compromise of personal data.[1] Within the same 24 hours, pro-Iranian groups targeted the Israel Airport Authority, attempting to DDoS the organization’s website.[2]
Cyberattacks on infrastructure
For many months, the so-called “Five Eyes” intelligence agencies (United States, Britain, Australia, Canada and New Zealand) have reported that Western Critical National Infrastructure (CNI) services (energy, water, telecommunications, transport, etc.) would become the target of cyberattacks by pro-Russian threat actors. Western governments also warned that CNI would be targeted in response to international sanctions.[3]
Full visibility and context of your attack surface
Against the backdrop of such a volatile threat landscape, governments and advisory bodies have been at pains to provide best practice advice, but much of this has focused on the importance of sharing information on attempted cyberattacks and the need for openness and honesty with customers and stakeholders when attacks succeed.
All good and proper, but in the current climate, what’s needed above all is comprehensive visibility and understanding of the organization’s attack surface. This enables the organization to focus on prevention and prioritize actions based on the extent to which vulnerabilities expose it to compromise or attack.
Without full visibility, there’s a tendency to become reactive, making defensive decisions without sufficient context. For example, periodic patching or periodic remediation, though it might be good at that moment in time, is typically costly and leaves the organization exposed during the very large windows between rounds of activity. With full visibility and context, it’s far easier to improve your security posture.
Get a unified view across your IT, hybrid, multi-cloud and OT infrastructure
Of course, to achieve this, you’d need a unified view across the entire technology estate: across all the IT assets, on premises and in the cloud, and across Operational Technology (OT) assets and Industrial Internet of Things (IIoT) devices. You’d need knowledge from the field on the latest threats, and you’d need the ability to identify and prioritize what matters most in terms of vulnerabilities and their remediations. In short, you’d need to be able to “see everything”. In my forthcoming blogs, I’ll share how you can act proactively and use the Skybox Security Posture Management platform to achieve exactly this.
1. Funky Pigeon suspends orders after cyberattack, The Telegraph, April 19, 2022
2. Pro-Iranian group targets Airports Authority site with cyberattack, Jerusalem Times, April 20, 2022
3. West warns of Russian cyberattacks on critical infrastructure, Reuters, April 20, 2022