
Businesses need to be more aggressive with their cyber security, Cisco warns

Government warnings of Ukraine-Russia cyber war spillover must be heeded in order to stay safe


Businesses have been advised to be more “aggressive” with their approach to restricting network access to devices in the wake of the cyber war between Ukraine and Russia.

Governments have published numerous advisories warning businesses of the increased risk of spillover cyber attacks from the ongoing cyber war. Being aggressive with security can help keep out adversaries that are currently scanning businesses for weak points that have network access, Cisco’s experts said at Cisco Live 2022.


Too many businesses are allowing old and disused products, such as collaboration software, to retain access to the network, and the exploitation of these can lead to organisation-wide cyber attacks, they said.

An “aggressive” approach would also include the blocking of an entire origin network when malicious traffic is detected, rather than just the specific IP address from which it was sent.
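As an added illustration of network-level blocking (not code from Cisco or from this article), the Python sketch below maps each source address flagged in a firewall log to its origin prefix and blocks that prefix, falling back to a single-host block when the prefix is unknown or would cut off an address the business needs. The log format, the prefix table and the allowlist are all constructed assumptions, using documentation address ranges.

```python
import ipaddress
import re

# Constructed prefix table (RFC 5737 documentation ranges). In practice this
# would come from whatever routing or registry data source you trust.
ORIGIN_PREFIXES = ["192.0.2.0/24", "198.51.100.0/25", "198.51.100.0/24"]
# Constructed allowlist: addresses that must remain reachable.
ALLOWLIST = ["198.51.100.200"]
# Constructed firewall log lines (hypothetical format).
SAMPLE_LOG = """\
2022-06-14T09:12:01Z DENY src=192.0.2.17 dst=10.0.0.5 dport=445 verdict=malicious
2022-06-14T09:12:04Z ALLOW src=203.0.113.9 dst=10.0.0.8 dport=443 verdict=clean
2022-06-14T09:13:40Z DENY src=198.51.100.12 dst=10.0.0.5 dport=3389 verdict=malicious
2022-06-14T09:14:02Z DENY src=203.0.113.77 dst=10.0.0.5 dport=22 verdict=malicious
2022-06-14T09:15:10Z DENY src=198.51.100.201 dst=10.0.0.5 dport=22 verdict=malicious
"""
FLAGGED = re.compile(r"src=(\S+).*verdict=malicious")

def flagged_sources(log_text):
    """Return the source addresses of every line marked malicious."""
    return [ipaddress.ip_address(m.group(1))
            for m in map(FLAGGED.search, log_text.splitlines()) if m]

def origin_network(ip, prefixes):
    """Longest-prefix match of ip against the known origin prefixes."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    matches = [n for n in nets if ip in n]
    return max(matches, key=lambda n: n.prefixlen) if matches else None

def build_blocklist(log_text, prefixes, allowlist):
    """Return (networks to block, host-only fallbacks needing human review)."""
    keep = [ipaddress.ip_address(a) for a in allowlist]
    blocks, review = set(), []
    for ip in flagged_sources(log_text):
        net = origin_network(ip, prefixes)
        host = ipaddress.ip_network(str(ip))  # single-host network
        if net is None:
            blocks.add(host)                  # origin unknown: block the host
        elif any(a in net for a in keep):
            blocks.add(host)                  # prefix holds an allowlisted host
            review.append((str(ip), str(net)))
        else:
            blocks.add(net)                   # block the whole origin network
    # collapse_addresses merges adjacent/overlapping entries and sorts them
    return [str(n) for n in ipaddress.collapse_addresses(blocks)], review

if __name__ == "__main__":
    print(build_blocklist(SAMPLE_LOG, ORIGIN_PREFIXES, ALLOWLIST))
```

The review list is the part to act on by hand: it records where a whole-network block was withheld because it would have taken an allowlisted address offline.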

“You have utilities that you don't use on your network block; you don't need them to be there,” said Nick Biasini, head of outreach at Cisco Talos. “These are the types of things that we constantly see adversaries doing and it really, really makes a difference if you go above and beyond. [Cisco] can't be that aggressive, but you absolutely can, so please do so.”

Governments have been warning of spillover attacks from the cyber war between Russia and Ukraine. The NCSC revealed at CyberUK in May that the Russian attack on Viasat was an unplanned by-product of efforts against Ukraine, and the US’ equivalent cyber authority CISA has also issued warnings to unprotected organisations.

Biasini added that businesses should avoid using ‘out-of-the-box’ default protections and be far more stringent in what devices and applications are allowed onto the network.

JJ Cummings, managing principal at the threat intelligence and interdiction team at Cisco, said businesses still need to be aggressive with the basics of cyber security too, which are not currently being applied across the board.

Multi-factor authentication (MFA) products “make a big difference” in preventing attacks like data breaches, he said, while doing the ‘boring’ tasks like manually monitoring logs is also essential for maintaining visibility over a corporate network.

He said that committing to carrying out the necessary, yet time-consuming tasks, “is a thing that has to continue” to keep businesses safe from cyber threats. If a business can’t afford to purchase an endpoint detection and response (EDR) product, then log auditing should be a fundamental part of their security.

“In some cases, in the larger firms, I think that's where the sexiness factor comes in,” he said. “We just want to do the fun things… we want to build a threat intelligence programme because that's what everybody's doing today. So, I think there's just not enough focus on those basic programmes.”

Another often overlooked shortcoming of businesses is the poor maintenance of institutional memory, the experts said. Many businesses aren’t keeping up-to-date documentation and are leaving knowledge with just one person in the IT team who, when they leave the company, takes that crucial information with them.

“I used to be a defence contractor, [and] when I left it was about two years later, they actually reached out to me and said ‘how can we do this, this, and this?’ and I said, well, what about the documentation I left? ‘Oh, that was you, oh, we shredded that’. Fantabulous,” said Dave Lewis, global advisory CISO at Cisco.

“There's so much institutional knowledge that just lives in people's heads in security organisations and that is not a good place to be when they leave,” said Biasini. “It's just lost.”
