How CISOs can best assess geopolitical risk factors

A recent report on Russian-affiliated advanced persistent threats provides a template to help CISOs evaluate risk from nation-state actors.

Global geopolitical vectors
Matejmo / Getty Images

Though they make up a small percentage of the overall threat landscape, attacks by nation-state-affiliated actors are among the most damaging. Some in the cybersecurity community believe these threat actors are too determined, sophisticated and unpredictable for most organizations to defend against.

A new report from Booz Allen Hamilton, however, suggests that actions taken by threat actors associated with Russia follow a series of predictable patterns and principles. That gives at-risk organizations a chance to better prepare for an attack. The research principles outlined in the report can apply to other state-affiliated advanced persistent threat (APT) groups.

The politics behind nation-state attacks

Knowing why you might be a target is the first step in defending against a nation-state threat. Most APT groups are affiliated with governments, and most governments make their long-term strategic goals publicly available. 

“The specific significance of geopolitical developments on cyber operations is a blind spot in threat intelligence,” says Brad Stone, senior vice president in Booz Allen Hamilton’s cyber practice. “Organizations should see the value in thinking more critically about how geopolitical factors are impacting their cybersecurity and the need to integrate geopolitical intelligence into their cybersecurity capability.”

To continue reading this article register now

Make your voice heard. Share your experience in CSO's Security Priorities Study.