Recent developments in the Middle East and rising political tensions due to the early 2020 US killing of Iranian military leader Major General Qassim Suleimani are leading military and cyber experts to focus on the beginning of a new risk in cyber warfare.
On January 4, 2019, the US Department of Homeland Security issued a National Terrorism Advisory Bulletin summarizing recent developments and highlighting Iran’s “robust cyber program”. It also highlighted the possibility of Iran launching cyber and cyber-enabled attacks against the United States. That same day, New York State’s Department of Financial Services (DFS) released alerts about the need for heightened cybersecurity precautions. In response to the Iranian government’s promise to retaliate following the death of Qassem Soleimani, the DFS stated: “Given Iranian capabilities and history, US entities should prepare for the possibility of cyber-attacks.”
Of all of the likely retaliations resulting from the recent US actions in Iran, a significant and destructive cyber-attack would, in many ways, be more effective than a physical armed response. As has previously been proven, well-planned attacks on critical IT systems can cause sustained damage to physical assets, data and supply chain.
Previous Iranian attacks have focused on weak defenses and known vulnerabilities. This could lead us to think that an attack may not necessarily focus on large banks and financial institutions (where, typically, cyber defense plans are mature) but, rather on other sectors (the public sector, for example) where IT and security budgets are not where they should be, in many cases.
In light of the heightened threat of a cyber-attack, what should you and your teams be doing to proactively build up defenses and prepare for the worst during this time of uncertainty? The usual rules apply here – most attacks today rely on human error and the attack paths of all types of data, email and social media. Therefore, it is vital to ensure that your staff are well-trained, alert and are motivated about taking responsibility for keeping themselves and your company safe. Your data is your business lifeline and it is crucial to protect it.
Through a dedicated, multi-layered approach to security and data protection, including backup and disaster recovery, organizations can improve resilience to cyber-attacks and quickly respond in the event of data loss or data theft. In today’s competitive environment, the consequences of data loss for your business are dire: downtime, lost productivity, and long-term reputational damage.
At iland, security is part of our DNA. It’s not just one thing we do, or one specific solution we offer, it’s native to everything we do. Security is part of our technology, processes, and our culture. While choosing a cloud provider requires due diligence on many levels, the core tenants that we follow represent iland’s security capabilities. These tenants include robust security processes, as well as independent third-party compliance audits and certifications.
In this volatile period in geopolitics, your business needs to align your cloud security needs with a secure cloud provider who can help you plan to be prepared for an attack while also helping you quickly recover your data should something occur. iland is that cloud provider.
To learn more: