As conflicts plays out in both the kinetic real world and the arena of cyber space, the potential invasion of the Ukraine by Russia is prompting leaders to anticipate the possible repercussions to their organisations across a wide range of cyber scenarios.
The often touted ‘Patch now’ and ‘Ensure backups are in order’ are worn. But it’s good advice, and compliments the well understood defence in depth overall approach to security management.
However, what happens if a nation state releases a zero-day exploit? By its definition, up-to -date patching will provide little-to-no protection – very little will. Even though it is unlikely your organisation will be a direct target, there is a possibility one of your third-parties will get caught in the internet crossfire.
Plan and prepare
An effective way to address this issue is to prepare your cyber security incident response processes, and to ask your most risky key suppliers to do the same. Knowing these key suppliers and partners is crucial to managing the cyber risk precipitating from the current international tensions.
Improving incident responses processes can be practically improved in two ways:
- Firstly, write down, socialise and exercise your key incident response processes as ‘run books’, these will be called into action should a cyber event occur. Having run books will ensure processes are outlined and followed no matter what time of the day (or night) an incident happens.
- Secondly, perform numerous round table cyber exercises with senior leadership based on different cyber incident scenarios. This will help test both the organisations scenario planning should the Eastern European situation deteriorate as well as provide an effective way to check and update your incident response run books.
Through effective incident response planning and round table exercises, you, your organisation and your key third parties will be prepared for situations where cyber security controls and simple patching may not be good enough.