When military actions in late 2019 and early 2020 sent the Iranian cyber threat meter soaring in the US, every media outlet carried stories warning of the critical and imminent nature of an Iranian cyber attack. But truth be told, Iran has been among the top three nation-threats against US cyber security for years.
Without a doubt, Iran has a sophisticated and growing cyber arsenal. If they are going to retaliate, pundits say Iran actors will likely target vital US industries such as finance, energy, healthcare or defense, which would in turn disrupt other industries. However, it could be months before they put a plan into action. (In the meantime, players around the world – including cyber actors on our own turf – continue to escalate their barrage of hacking, ransomware and other disruptive behavior.)
The net-net of the not-so-new Iranian threat? Increase your cyber security vigilance and maintain it indefinitely. It’s not new advice, but it’s certainly underscored by current events. Not too long ago, experts indicated that the cybersecurity spending bubble was about to burst, but this might prolong the growth curve. Current projections have global spending on cybersecurity topping out at $133 billion by 2022.
If you’re like most compliance-sensitive and data-sensitive organizations, you already have safeguards in place to limit your vulnerability. The pressing question is, how do you know if you’re doing enough? To assess how well your security strategy stacks up, you have to consider the three primary security gateways: people, processes and technology.
People: A simple click on a malicious link or a misstep in data handling can open the door to all kinds of havoc. There’s really no way to eliminate human error, but you can mitigate its results. Rigorous employee training, password policy enforcement and anti-malware protection are critical to diminishing the chance of internally-enabled data breaches.
Processes: Your organization can respond to threats in a calm and methodical manner only when all the players know what they need to do and have the access they need to do it. Work hard to minimize personnel coverage gaps, outline security standards and have incident response plans in place.
Technology: In their January 6 alert, Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) outlined a handful of high-priority recommendations for the IT department:
We agree with their recommendations, with an added emphasis on backups. If your data is breached, backups become the key to business continuity. By adding cloud backup or disaster recovery as a service (DRaaS) to your cybersecurity strategy, you can restore data from the point right before the breach and continue business as usual.
Anxious to increase your cybersecurity vigilance? Need assurance you’re doing everything possible to protect critical operations? Otava can help. As a secure, compliant provider of hybrid cloud solutions, our experts are trained to detect vulnerabilities in your environment in all aspects, including people, processes and technology. To learn more, contact us or call us today at 877-740-5028.
Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.