{"id":5963,"date":"2025-05-18T05:36:15","date_gmt":"2025-05-17T21:36:15","guid":{"rendered":"https:\/\/cicserver.com\/keep-your-network-safe-from-double-trouble-cyberattack-weather-event\/"},"modified":"2025-05-18T05:36:15","modified_gmt":"2025-05-17T21:36:15","slug":"keep-your-network-safe-from-double-trouble-cyberattack-weather-event","status":"publish","type":"post","link":"https:\/\/cicserver.com\/de\/keep-your-network-safe-from-double-trouble-cyberattack-weather-event\/","title":{"rendered":"Keep Your Network Safe from Double Trouble Cyberattack + Weather Event"},"content":{"rendered":"


\n<\/p>\n

\n

As if the escalating threat of a cyberattack or natural disaster alone weren\u2019t enough to make businesses sweat, they also have a very real two-headed monster to deal with: a cyberattack purposely timed with a natural disaster or extreme weather event to prey on businesses and infrastructure when they\u2019re especially vulnerable.<\/span><\/p>\n

This phenomenon, a \u201ccompound physical-cyber threat,\u201d where a cyberattack is intentionally launched around a heatwave or hurricane, for example, would have outsized and potentially devastating effects on businesses, communities, and entire economies, according to a <\/span>2024 study<\/a><\/span> led by researchers at Johns Hopkins University.<\/span><\/p>\n

\u201cCyber-attacks are more disruptive when infrastructure components face stresses beyond normal operating conditions,\u201d the study asserted.<\/span><\/p>\n

Businesses and their IT and risk management people would be wise to take notice, because both cyberattacks and weather-related disasters are increasing in frequency and in the cost they exact from their victims. In the US, <\/span>cyberattacks have risen by 56% year-over-year<\/a><\/span> in 2024, according to Check Point. At an <\/span>average cost of almost $4.9 million<\/a><\/span> per data breach in 2024, 10% higher than in 2023, according to IBM and the Ponemon Institute, the financial risk associated with a cyberattack is also growing.<\/span><\/p>\n

Related:<\/span>The Network Impact of Cloud Security and Operations<\/a><\/p>\n

It\u2019s a similar story with the physical side of the two-headed monster. Through October, the US already had recorded <\/span>24 billion-dollar weather and climate disaster\u00a0events in 2024<\/a><\/span> at a total cost that\u2019s expected to exceed $160 billion once damage from hurricanes Helene and Milton is fully tabulated.<\/span><\/p>\n

In a risk-fraught landscape like this, now is the time for organizations to ensure their cyber defenses are sophisticated enough to protect their business operations, IT infrastructure, data and other assets from the disruption that weather-related disasters can invite, and the damage the two-headed cyber-physical threat can inflict. Follow these five best practices to guide you during the process:<\/span><\/p>\n

1. ASSESS: Conduct a risk analysis to gauge your organization\u2019s current level of protection<\/span><\/span>.<\/span> <\/span><\/span>Your first step should be to evaluate the state of your company\u2019s cyber defenses, including communications and IT infrastructure, and the cybersecurity measures you already have in place\u2014identifying any vulnerabilities and gaps. One vulnerability to watch for is a dependence on multiple security platforms, patches, policies, hardware, and software, where a lack of tight integration can create gaps that hackers can readily exploit. Consider using operational resilience assessment software as part of the exercise, and if you lack the internal know-how or resources to manage the assessment, consider enlisting a third-party operational resilience risk consultant.<\/span><\/p>\n

Related:<\/span>NVIDIA Beefs up its AI Security Capabilities with DOCA Argus<\/a><\/p>\n

2. PLAN: Develop an operational resilience blueprint.<\/span><\/span> Take what you learn from the risk assessment to develop a detailed plan that outlines the steps your organization intends to take to preserve cybersecurity, business continuity, and network connectivity during a crisis. Whether you\u2019re a B2B or B2C organization, your customers, employees, suppliers and other stakeholders expect your business to be \u201calways on,\u201d 24\/7\/365. How will you keep the lights on, the lines of communications open, and your network insulated from cyberattack during a disaster? Your plan should identify and prioritize protective strategies for on-premises hardware and brick-and-mortar IT infrastructure (like data centers) as well as digital infrastructure. And because an organization\u2019s risk profile will tend to shift over time, be sure to revisit that plan annually, updating it as needed.<\/span><\/p>\n

3. SHIFT: Consider a move to the cloud. <\/span><\/span>Aging network communications hardware and software, including on-premises systems and equipment, are top targets for hackers during a disaster because they often include a single point of failure that\u2019s readily exploitable. The best counter in many cases is to move the network and other key communications infrastructure (a contact center, for example) to the cloud. Not only do cloud-based networks such as SD-WAN, (software-defined wide area network) have the resilience and flexibility to preserve connectivity during a disaster, they also tend to come with built-in cybersecurity measures.<\/span><\/p>\n

Related:<\/span>Edge Computing and the Burgeoning IoT Security Threat<\/a><\/p>\n

4. FORTIFY: Shore up your cyber defenses. <\/span><\/span>Phishing, ransomware, third-party associate attacks\u2014the cyber threats that businesses must protect against are growing more nefarious and persistent. And that means a business isn\u2019t fully protected without multiple cyber defense layers in place. Those layers could include, for example, a next-generation firewall, zero-trust network access (ZTNA) and\/or cloud access security brokers (CASBs). Even small and midsized businesses are putting measures like this in place.<\/span><\/p>\n

In some cases, the risk analysis could suggest an even stronger security stance is warranted. Indeed, many businesses today are embracing a multi-layered, enterprise-level cybersecurity strategy that incorporates a software stack based in the cloud, such as SASE (secure access service edge) or SSE (security service edge) to secure all endpoints, users and applications on their network.<\/span><\/p>\n

As a fully converged, cloud-based package that bundles network connectivity (via SD-WAN) with multiple security layers into a single managed service, SASE is perhaps today\u2019s cybersecurity gold standard for a business. SSE is similar to SASE with one big difference: It\u2019s network-agnostic, meaning it can be integrated with an existing network without requiring a shift to SD-WAN.<\/span><\/p>\n

Also as part of the fortification effort, you may want to consider enlisting a third-party cybersecurity expert. As managed services, SASE and SSE come with an expert built-in that serves as an extension of your own internal IT and cybersecurity teams and a first responder should disaster strike\u2014someone to integrate, configure, implement, monitor, update and troubleshoot the entire security package for you. That\u2019s important nowadays, with IT teams running lean and challenged to attract and keep cybersecurity talent.<\/span><\/p>\n

5. TEST: Conduct a simulation to stress-test your plan and your network.<\/span><\/span> Now it\u2019s time to see how your operational resilience plan, network and cybersecurity measures perform under simulated disaster and cyberattack conditions. Conduct a simulation (perhaps using incident simulation software and\/or a third-party cybersecurity expert), then address any remaining deficiencies.<\/span><\/p>\n

This final step is a crucial one, because the day soon may come when the dreaded two-headed monster tests your organization\u2019s cyber defenses. Here\u2019s hoping they\u2019re up to the task.<\/span><\/p>\n<\/div>\n