Last week, ISSP CEO Roman Sologub and Chairman of the Board Oleh Derevianko participated in a roundtable in Washington, D.C., titled “Cybersecurity Challenges in Ukraine and Globally – Lessons learned from recent cyber-attacks in Ukraine.” The roundtable was organized by the U.S.-Ukraine Business Council (USUBC) in partnership with ISSP.
During the discussion, Roman Sologub and Oleh Derevianko shared what ISSP learned as an investigator of and the first responder to some of the most devastating cyberattacks against critical infrastructure in Ukraine. Oleh Derevianko also presented to participants the Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime that is applicable at the level of individual organizations, industries, and nation-states.
CPF is a management and technology framework developed by ISSP cybersecurity experts to reduce short- and long-term cybersecurity vulnerabilities, build cybersecurity capacity, and strengthen the cybersecurity resilience of critical infrastructure operators. The framework is aimed at creating a collaborative, safe, and trusted environment to accelerate the development of people and processes and to effectively implement technologies in support of cybersecurity at all levels: organizational, sectoral, and national.
360 Cybersecurity Incident Preparedness Assessment
One of the core components of the ISSP CPF is the 360 Cybersecurity Incident Preparedness Assessment, which comprises six stages: compromise assessment; vulnerability assessment; self-assessment based on the Cybersecurity Maturity Model; skills assessment of top management, the IT/security team, and users; ISO/NIST gap assessment; and benchmarking.
The Cybersecurity Preparedness Framework was developed based on experience from 12 years of work in the cybersecurity domain, including on the frontlines of modern cyber war in Eastern Europe, as well as experience from hundreds of projects ISSP has implemented with customers and partners in the private and public sectors globally.\
Who joined the roundtable discussion
Participating in the roundtable were experts from MITRE, the organization that created the world-famous ATT&CK Framework to document attack tactics and techniques based on real-world observation; Mr. Paul de Souza, the founder of the Cyber Security Forum Initiative (CSFI), which is comprised of a large community of nearly 81,000 cybersecurity and cyber warfare professionals from the government, the military, the private sector, and academia; other cybersecurity experts; and representatives of the Embassy of Ukraine in the United States of America.
“At ISSP, we have been fighting cyber threats every day for more than 12 years. We believe that our experience can and should help others, and we know that Ukraine has something to offer to our partners from the United States in this area,” says Roman Sologub. “We are honored to be the co-organizers and keynote speakers of the first business event at Ukraine House in Washington, D.C., in partnership with the U.S.-Ukraine Business Council. And we are very grateful to the organizers and hosts of the event for this opportunity. It is quite symbolic that the first business meeting at Ukraine House in Washington was dedicated to the topic of cybersecurity, because today the sustainable development of any business, industry, and economy as a whole is impossible without properly organized and effective cybersecurity.”
During their visit to Washington, ISSP leaders also met with Ukrainian Ambassador to the United States Oksana Markarova and discussed the prospects of Ukrainian cybersecurity companies in the United States as well as plans for ISSP business development in the US market. We are grateful to the Ambassador and the Embassy of Ukraine in the United States for their work in the field of economic diplomacy. It is very important that it has become one of the priorities of Ukrainian diplomacy around the world.