MIT Sloan Management Review Article on Building Cyber Resilience Before the Next Attack Occurs

Before the tensions between Russia and Ukraine escalated into full-blown war, cyber activity in both countries surged. As Ukraine was bracing for an invasion, cyberattacks targeted the country’s banks and government agencies, and Russian hackers attempted to bring down the power grid. Russia, in turn, found itself a target of Anonymous, a “hacktivist” collective, which in the first days of the invasion played the Ukrainian national anthem on Russian state TV along with footage from the war.

The surge in cyber activity surrounding the invasion of Ukraine, documented in a Microsoft report, stoked concerns among governments and enterprises fearful of getting caught in the digital crossfire. In 2017, a cyberattack on a Ukrainian tax preparation program led to disabled airports, railways, and banks within Ukraine and spread to a host of global companies, eventually causing more than $10 billion in economic damage).

About the Authors

Manuel Hepfer, Ph.D., is a research analyst at ISTARI, a cybersecurity platform established by the investment firm Temasek to help companies build cyber resilience. He is also a research affiliate at Oxford University’s Saïd Business School. Thomas B. Lawrence is professor of strategic management at Saïd Business School. Julian Meyrick is managing partner and vice president for Security Strategy Risk & Compliance at IBM. Pompeo D’Urso is a global cybersecurity and incident response expert. He previously worked at IBM, where he provided executive training at the company’s Security Command Center.