DOWNERS GROVE, Ill., and MANASSAS, Va. – Technology companies should take immediate action to review their cybersecurity readiness to strengthen defenses against potential cyberattacks stemming from rising geopolitical tensions around the world, two leading technology organizations urged today.
The CompTIA Information Sharing and Analysis Organization (CompTIA ISAO) and the Information Technology - Information Sharing and Analysis Center (IT-ISAC) said companies must take immediate steps to review and, if necessary, upgrade their cybersecurity defenses and to prepare for the potential consequences of a nation-state sponsored cyberattack.
“While we do not have any information to indicate any specific threat, we believe that we all need to be in a significantly heightened state of alert,” said MJ Shoer, chief community officer for CompTIA and executive director of the CompTIA ISAO. “We urge technology companies to elevate the monitoring of their networks, as well as those of their customers and partners for any sign of suspicious activity.”
Companies should prepare for a range of potential cyberattacks, including attacks on corporate networks; customer networks they secure; networks of critical partners or suppliers; critical infrastructure sectors; and platforms used by individual citizens.
“It is not our intent to be overly alarmist,” Shoer said. “We are not predicting that a nation-state adversary will launch a significant cyberattack. But it is prudent to prepare and plan for the possibility of disruptive cyberattacks.”
IT-ISAC Executive Director Scott Algeier added, “Nation state actors have a long history of attacking U.S. critical infrastructure. We need to be prepared for them to deploy additional capabilities throughout times of heightened tensions and potential conflict.”
The CompTIA ISAO and IT-ISAC teams will continue to provide updated reporting and share new threat information as it becomes available.
IT-ISAC members are leveraging the IT-ISAC’s intelligence management platform, adversary attack playbooks, and secure collaboration channels to share threat intelligence.
Members of the CompTIA ISAO are encouraged to monitor and share information via the organization’s Cyber Forum. The CompTIA ISAO has also opened a public thread to assist the entire industry in discussing and responding to any attacks that may stem from the current tensions. This resource is accessible to anyone by visiting https://forum.comptiaisao.org.
The Computing Technology Industry Association (CompTIA) is a leading voice and advocate for the $5 trillion global information technology ecosystem; and the estimated 75 million industry and tech professionals who design, implement, manage, and safeguard the technology that powers the world’s economy. Through education, training, certifications, advocacy, philanthropy, and market research, CompTIA is the hub for advancing the tech industry and its workforce. Visit https://www.comptia.org/.
Founded in 2000, the mission of the Information Technology-Information Sharing and Analysis Center (IT-ISAC) is to grow a diverse community of companies that leverage information technology and have in common a commitment to cybersecurity and to serve as a force-multiplier that enables collaboration and sharing of relevant, actionable cyber threat information, effective security policies, and practices for the benefit of all. The IT-ISAC global membership base consists of leading companies from three critical infrastructure sectors—IT, food and agriculture, and elections. Visit https://www.it-isac.org/.