CISOs and their teams in Europe and worldwide are either already experiencing cybersecurity impacts from the war in Ukraine and the sanctions imposed on Russian and Belarusian actors — or they soon will. If you haven’t already, here are the cybersecurity-related steps to take right now, plus some pitfalls to avoid.
At the risk of stating the obvious, follow current advice from your national cybersecurity authority. The US Cybersecurity and Infrastructure Security Agency (CISA) has already warned of increased attacks on critical infrastructure and defense industrial bases through their Shields Up initiative. This is the best place to receive up-to-date information from CISA on the current state of the conflict. In the UK, the National Cyber Security Centre (NCSC) has published specific steps to undertake in the current heightened threat landscape. Other agencies such as the European Union Agency for Cybersecurity (ENISA), the Federal Office for Information Security (BSI) in Germany, and the National Cybersecurity Agency (ANSSI) in France have warned of the situation, and an EU cyber unit has been deployed to assist Ukraine. The Australian Cyber Security Centre also provided guidance via an urgent alert when the Australian government placed sanctions on Russia on February 23. In the absence of specific information from