Cybersecurity Pros Fear Ukraine Invasion Cyber Fallout
In other cybersecurity news …
A new ISC2 poll shows cybersecurity professionals globally are worried about an escalation of cyberattacks stemming from the Russian invasion of Ukraine.
More than 260 ISC2-certified cybersecurity professionals from 41 countries participated, including Ukraine and the Russian Federation. They represent 33 different industries, with the most in financial services, followed by IT services and health care.
Clar Rosso is ISC2’s CEO.
“The most surprising finding is the commonality of concerns across 41 countries and 33 industries,” she said. “Most respondents are worried about cyber threats to critical infrastructure and supply chain, and secondary concerns are also quite similar. Respondents urge their peers to prepare for the worst and sense that organizations are ill-prepared. ISC2 and many others are warning organizations that massive cyber threats are imminent and everyone should be on high alert. “
The top concern across the board was the immediate threat to critical infrastructure and essential supply chains that would put lives at risk anywhere in the world. A member of the German military was concerned that “hacktivist efforts against Russia will be incorrectly attributed to the U.S. and will lead to an escalation such as a large-scale cyberattack on U.S. critical infrastructure and/or the banking sector.”
In addition to being concerned about how attacks could shut down critical functions of society, respondents were also concerned about the level of preparedness that exists to combat such attacks. “Operational capacity and readiness” was the top concern for a member of the U.S. military.
Cybersecurity professionals also worry about threats to businesses and how their customers could be impacted financially.
“The workforce shortage certainly doesn’t help cybersecurity teams feel as prepared as they would like to be,” Rosso said. “With 60% of cybersecurity teams dealing with a cybersecurity workforce shortage in their organization, most teams are trying to do more with less. The best course forward is to remain vigilant and do everything possible to limit cyber exposure, such as deleting ghost accounts, patching software and hardware, resetting passwords, implementing multifactor authentication (MFA), backing up data and testing those backups.”
Respondents looked beyond the current wave of attacks to the future and questioned whether cyberwar tactics would become a global norm.
Some respondents foresaw the possibility of non-related attacks taking advantage of the worldwide attention on Ukraine to sneak by undetected.
What’s clear is cyber professionals everywhere are concerned about the ramifications of the invasion. Even as cyber threats are weighed, some respondents sent a reminder that it’s important not to lose sight of the fact that human lives are at stake in Ukraine.
