What to Expect When You're Expecting a Cyber Attack

Trisha Alexander, Andrew Del Rosario, Laurie Weaver, Nader Zaveri
Apr 28, 2022
2 min read
|   Last updated: May 09, 2022
Threat Intelligence

If you’re a “Trekkie” you know that “shields” refer to advanced technology to protect starships, space stations, and entire planets against attacks from the bad guys. The security community has adopted—thanks to the Cybersecurity and Infrastructure Security Agency (CISA)—the “Shields Up” adage during this critical time for preparing for potential cyber attacks to critical infrastructure here in the U.S. Russia cyber attacks against Ukraine continue, requiring vigilance and preparation here in the homeland if adversarial actions turn to Western allies.

CISA’s “Shields Up” campaign arms critical infrastructure owners and operators with a plethora of mitigation techniques to protect themselves against cyber attacks. Mandiant has worked to amplify this important guidance with a three-prong framework that cyber intelligence owners, cyber operators, and private and public sector organizations can immediately use to focus their cybersecurity efforts in the event of anticipated destructive or disruptive cyber attacks.

This staged approach aligns practical hardening and readiness and operational recommendations to three distinct phases of alarm. The goal of the framework is to help organizations move easily from one condition to another based on their assessed level of risk and perceived threats and vulnerabilities, thereby allowing flexibility to escalate, de-escalate, and maintain a steady state of active cyber defense.

Check out our reference guide, A Tiered Framework for Cyber Threat Levels, a valuable resource for defenders to identify levels of alarm and take appropriate decisive actions in response to cyber threats. Or as Captain Kirk would say, “Execute!”