The Department of Homeland Security (DHS) via the Cybersecurity Infrastructure and Security Agency (CISA) has set up a virtual war room to remain alert and on the lookout for suspicious cyber activity now through the end of December when the election results are expected to be certified according to the Washington Post. While this remains a sincere concern, we encourage all businesses and individuals alike to also remain vigilant in protecting themselves from a far more nefarious kind of cyber threat, disinformation.
Disinformation is a tactic that involves threat actors using social media to spread bad information about companies to tarnish their reputation with the public and stakeholders alike. In turn, these attacks can have an instantaneous and irrevocable impact on a business’s stock price, reputation, and bottom line. There should be concern for election booths and machines being hacked, as we know that the Internet of Things (IoT) makes every connected device a possible target. But on a day when the country is likely to be more active on social media than most other days of the year, it’s important that companies foster collaboration and open dialogue between their communications department, marketing department, and information technology and security department.
Threat actors have proven that their means for disruption are diverse and clever. This means a company’s crisis communication plan will need to include working hand in hand with their information security teams to stop the attacks of disinformation in the social and public arena. For the U.S. specifically today, and over the next few weeks until the election is complete, it is important for companies and security providers to monitor their digital footprint from an infrastructure perspective, as well as all related digital mechanisms they use to reach their constituents. A country divided and anticipating social unrest gives way to exposure for threat actors to use disinformation as a way of harming an individual or a company’s reputation when people are looking for any reason to be angry or throttled by messaging.
Evaluating an organization’s vulnerability to cyber threats is typically a comprehensive battery of tests, exercises, and assessments. One in particular, a tabletop exercise, focuses on simulating an emergency situation or breach and gathering key personnel that are assigned emergency management roles and responsibilities to discuss and practice their responses. Working with a professional cybersecurity advisor, the team reviews the actions and responses to refine and professionalize the company’s response to an attack. At CyberClan, we believe that tabletop exercises that engage everyone from the C-suite executives to social media coordinators to the information security officer can help strengthen your “human firewall” and spot these attacks at the onset.
Now, more than ever, company’s need to see their cybersecurity protocols and systems as completely interconnected with all facets of the business. Recognizing that when their security posture is strong, their enterprise is secure, and when the people are strengthened and knowledgeable, the human response is active and resilient.