Cybersecurity Best Practices During War in Ukraine
Marianne Bailey of Guidehouse brings her experience in government to bear on the private sector. In this interview, she offers insight on Ukraine and security best practices. She talks to Richard Pallardy from InformationWeek about how companies can most effectively fortify their defenses, especially in light of the novel cyberwar occurring between Russia and Ukraine -- and Ukraine’s allies. She also offers detailed advice on how to renegotiate agreements with third-party providers, ensuring the highest possible level of response to an attack.
How has the security landscape changed in light of the Ukraine crisis? Are there aspects of security that companies should be more concerned about in the current moment?
There has been a low-level cyber war going on for decades. At NSA or in the DoD, I've been in positions where I got to see a lot of them from a classified perspective. Cyber adversaries are very, very different depending on what they're after. There are a lot of things that happen that aren't brought out into the public eye. Ukraine just made it very visible for many more people. It made it very, very clear that if there was going to be some type of physical conflict like Ukraine, the country that is trying to dominate is going to use cyber warfare as a further tool. It shouldn't be surprising to anybody. But it always seems to be surprising, which really surprises me. Let's say I have the ability to cause major damage. I can do it from my own country. It's a pretty darn low cost of entry, and it's going to have a phenomenal impact. Why am I not going to use it? Cyber is now a weapon of war.