West Asia conflict: Nasscom warns IT firms of cyber threats, activates contingency frameworks

Companies are reviewing and activating contingency frameworks to ensure operational continuity and uninterrupted service delivery in the event of regional disruptions, IT body Nasscom said on Monday.

. It has issued another advisory to member companies, urging heightened vigilance and preparedness across business continuity and cybersecurity frameworks.

Nasscom said its member companies have taken steps, including prioritising employee well-being by enabling remote work arrangements and closely monitoring the situation for employees located in affected geographies.

Last week, drones hit three of Amazon's cloud computing businesses in the UAE and Bahrain . The IT industry body said firms are evaluating alternate infrastructure routing to ensure cloud and data centre resilience and safeguard critical systems. Also, companies are advising employees to limit non-essential travel through the region and explore alternative transit routes when required.

. Organisations are also engaging with clients to communicate preparedness measures and ensure continuity of services. Nasscom also highlighted that periods of geopolitical uncertainty often see a rise in coordinated cyber threats, disinformation campaigns, and infrastructure targeting. It has advised organisations to strengthen their cybersecurity posture.

.West Asia conflict's short-term impact will be modest-to-none for IT firms. As an immediate priority, Nasscom has recommended the rotation of credentials organisation-wide and applying patches for critical CVEs (Common Vulnerabilities and Exposures). It has asked organisations to enforce multi-factor authentication on all external access paths (VPN, RDP, SSH, cloud admin) and implement conditional access controls to counter token-theft and adversary-in-the-middle attacks.

. "Assess all third-party vendors with Middle Eastern exposure. One compromised vendor can cascade into sector-wide disruption," it warned.

. It has also asked organisations to engage ISPs (Internet Service Providers) and cloud providers for DDoS (Distributed Denial of Service) scrubbing capacity. Maintain air-gapped backups for ICS/OT, core banking, and healthcare systems.

. Nasscom has also stressed conducting employee awareness on social engineering attacks themed around a possible war-like situation, government alerts with the intent to cause harm.

. The IT body continues to monitor the evolving situation in parts of West Asia and remains in regular contact with the Middle East Council to assess developments on the ground and extend support where required. It is also coordinating with relevant authorities wherever possible to assist member company employees who may be currently in the region.

West Asia conflict: Nasscom warns IT firms of cyber threats, activates contingency frameworks

Follow us on :

Follow Us