A Peek into Corporate Cyberwarfare – And How SMBs in the US Have Become Sitting Ducks

Corporate Cyberwarfare on Small Businesses

The FBI predicted in 2012 that organized cybercrime against corporations would soon overtake terrorism as the biggest threat to the United States. In the digital battleground ten years later, cyberwarfare is a constant, and we witness it in real time. Early in 2022, as tensions between Russia and Ukraine reached a breaking point, cyberattacks came under intense scrutiny from the security community—and for good cause.

The largest fixed-line telecommunications provider in Ukraine, Ukrtelecom, was the target of a destructive and sophisticated cyberattack in March 2022 that severely disrupted its connectivity on a countrywide level. The Computer Emergency Response Team (CERT) of Ukraine conducted research at the time that showed there had been 60 coordinated cyberattacks, the majority of which had been aimed at information collection and disrupting communication systems. Cyberespionage will continue to exist.

But first, what is Cyberwarfare?
Attacks on computer systems of nations or institutions are considered cyberwarfare and are done with the goal of destabilizing, destroying, or harming infrastructure.

What Kinds of Cyberwarfare Exist?

Sabotage
Once sensitive information has been identified, companies must ascertain any potential threats to this data. Insider threats or malicious insiders like angry employees or careless employees are examples of third parties who would wish to steal the data, competitors who could gain an advantage by stealing information, and other parties.

Espionage
Spying on another nation to obtain secrets is referred to as espionage. In terms of cyber warfare, this can entail utilizing a spear-fishing assault or botnet to infiltrate a computer before obtaining crucial data.

Attack via Denial-of-Service
In a denial-of-service (DoS) assault, a website is bombarded with fictitious requests, compelling it to respond to them and rendering it unavailable to legitimate users. This type of attack could be used to take down a crucial website that is used by users such as citizens, soldiers, first responders, scientists, and others to disrupt important operations or systems.

Grid of electrical power
An attacker might cripple infrastructure and risk disrupting the livelihoods of thousands of people by hacking the electrical power grid and disabling vital systems. The ability to use services like text messaging or telephone might also be disrupted by an attack on the electrical power system, which would prevent them from functioning. (Predicted way back in the movie Die Hard 4(2007)

Propaganda
Attacks using propaganda aim to influence the thoughts or feelings of those who reside in or support the targeted nation. The employment of propaganda can be used to reveal embarrassing truths or disseminate falsehoods that make people doubt their nation or even harbor animosity toward the adversary.

Economic Upheaval
The majority of contemporary economic systems rely on computers to run. Hackers may gain access to finances by attacking the computer networks of financial institutions like banks, payment systems, or stock exchanges, or they may deprive their targets of the money they require for subsistence or to wage cyberwarfare or other types of conflict.

Unexpected cyberattack
These cyberattacks are the kind that would have the same impact as Pearl Harbor or 9/11: enormous assaults that catch the adversary off guard and compromise their defenses. They could be employed in hybrid warfare to debilitate the adversary before a physical assault.

How does cyberwarfare appear? Several forms of cyberwarfare are possible:

    • Attacks on the financial system
    • Attempts to damage public infrastructure, such as electrical systems or dams
    • Attacks on the safety infrastructure, such as early warning systems or traffic signals
    • Attacks against military organizations or resources

In conclusion, we will reiterate that organized cybercrime is now the biggest threat to the United States, and we witness it in real-time. Cyberwarfare appears in several forms, such as attacks on the financial system, public infrastructure, or safety infrastructure. The goal of these attacks is to destabilize, destroy, or harm innocents. To defend against cyberwarfare, we must be constantly vigilant and upgrade our computer systems regularly. In all honesty, no one institution or individual can claim to be 100% safe! That’s an open secret in the cybersphere. What the smart organizations and businesses rather do -with the help of frameworks, regulations, and modern innovative security solutions- is just to reduce their risk exposure! Staying on top of their game…that’s it!

– – –

If you’re new to this (cybersecurity) or feel overwhelmed with the thought of what you must do as a business owner to protect your company (keep safe from cyber threats) then you’ve come to the right place. Book a call with one of our ISACA and ISO certified IT Risk Analysts today. Remember you don’t have to fight alone… no reward in that.

 

How Fewer & Shorter Meetings Can Lead to More Productivity and Less Stress for Cybersecurity Professionals

Fewer & Shorter Meetings Leads to More Productivity
how to have fewer meetings cybersecurity
    Meeting schedule (courtesy: atlascompany)

As cybersecurity professionals, meetings are at the core of our day-to-day work. However, without paying attention to the final outputs and metrics our efforts are to produce, we can easily become inefficient with a lot of overwhelm. Today we’re going to look at the role of meetings in our workplaces and how to make the most out of this necessary but not sufficient component of any organization today.

Whether they are face-to-face, Zoom calls, Microsoft teams, or Google meetings, meetings always waste time. (Whether value was acquired is what determines if another 30 valuable minutes of work time were not lost.)

Given that meetings take up a significant portion of the time spent at work (especially in the era of remote work), let’s examine ways to increase productivity while holding fewer and shorter meetings:

  1. Have fewer meetings

Yes, this might sound strange but sometimes too many meetings can be counterproductive. One less meeting is one more hour of productivity ‘opportunity cost’ saved for your employees or team members. Their energies, efforts, and resources go elsewhere and like drops of water add to getting the bucket full.

The illusion that more meetings equal accountability have to be re-examined. 

A meeting is not a tool for accountability, it can be used for that, but it’s best fit for collaborative work, demos, timed brainstorming, decision-making (emergency or not), and education/training. 

Unfortunately, meetings are so prone to abuse, that one bad nut/stakeholder can turn a harmless 30min team huddle or budget review into an albatross of conflicting opinions, that most likely lead nowhere. 

A solution to this is to let the Facts (situated in the right context) do the talking. The one who has the undeniable facts or empirical evidence desired should be given the most prominent voice. When participants get used to that, you create a culture of rewarding well-researched and less emotional or parochial submissions during meetings.

 Productivity and accountability can rather be ensured using tools and techniques such as:  

    • Alarms & Timers
    • Remote work monitoring Software
    • Deliverables & Deadlines
    • KPIs & OKRs, whatever makes your organization’s productivity engine tick.

  1. Have as few attendees as possible: Just like an ordinary debate among friends or family at a party, every extra person is an opinion, angle, and perception to be factored in. As it is commonly said, opinions are like noses. Everyone has their own. A way to tackle this is as the organizer of the meeting is to single out the most important Goal(tangible outcome) for the meeting and pick out SMEs(subject matter experts). If there are more stakeholders then consider grouping them into smaller(nested) meetings and designated their head(s) to represent their view and outputs of their mini-meeting at the bigger meeting. 

  1. Adopt Mind Mapping Techniques: Here’s a quick tip from Jay Ripton on utilizing Mind Mapping effectively. 

Mind mapping is an effective method to discuss an idea and explore new possibilities related to it. Business meetings can significantly benefit from a mind map maker. Managers can use mind-mapping tools for the following benefits  

    • Managers and leaders can create engaging presentations for the meeting. Audience engagement is crucial to getting a positive outcome from the meeting 
    • Regular PowerPoint meetings can take minutes and even hours to discuss the plan. Mind mapping allows you to cover long meetings in just minutes without missing any essential details and remaining on the meeting agenda 
    • Mind maps make task assigning seamless. Team members and leaders can know their responsibilities without complex explanations 

    • Meetings can discuss the agenda in order and logical structure with mind mapping” 

Meeting Dos & Don’ts 

Now that we’ve figured out how to set up meetings to achieve more let’s look at what to do or not do during them to add an additional layer of induced productivity while reducing vulnerability to wasted time. 

  • Have warm-up intros especially if it’s a close-knit team and allow for off-topic social issues to be discussed. This allows for bonding, reduces the risk of animosity going into the meeting, and makes team members feel cared for. After all, people are the reason why your organization exists, and who best to cater to first than those in-house. 

  • Minimize Distractions/Disturbance. Though camera’s being on is preferred for optimum engagement it may be useful for attendees with distracting backgrounds to go off-camera. It’s the same with audio, if you’re not talking or actively involved in a topic best be on mute. Also reducing technical hitches is a good goal. 
  • End meetings when goals are met. Simple, not much explaining is needed. Hard stops are the best! 
the joy of fewer meetings
The joy of fewer meetings (courtesy DCStudio)

In conclusion, we’ll pick a leaf from the books of physicists who’ve taught us that: 

  • Efficiency = Output /Input.

Simply meaning if we want to get more value for our time and our organization’s money (i.e.. efficiency) then we need to focus on getting more output while not necessarily increasing the input denominator (time primarily). After all, the final denominator of World Records in any Sport is of course Time. 

Next week we’ll be sharing 3 Things to do to Advance your Cybersecurity Career in the next 3-6 months…, like our social media pages to stay updated on cutting-edge industry news.  

Credits: https://www.digitalmarketer.com/blog/make-meetings-more-meaningful-jay-ripton/