Companies need to be on high alert from Iran cyber attacks, says TrustedSec CEO David Kennedy

Cybersecurity Threat Landscape - Iran's cyber capabilities are on par with other nation states and are leveraged as a direct extension of military force [2] - DHS and CISA have issued advisories for private sector corporations and government entities to be on high alert for cyber attacks [3] - Iran can inflict substantial damage in the US across manufacturing, supply chain, retail, and critical infrastructure without necessarily crossing the red line of loss of life [4] - Iran typically targets user accounts through phishing or social engineering, directly attacks external perimeters, and increasingly targets cloud infrastructure and SaaS providers [6] - Over 85% of critical infrastructure is privately owned, making it a vulnerable target [7] - Iran has been attempting to conduct operations for this type of event, potentially having undetected footholds in organizations and critical infrastructure [9] - Iran is specifically targeting industry verticals, which is not typical [10] Market Impact - Cybersecurity stocks such as Fortinet, CrowdStrike, and Zscaler are up by about 1.5% to 2.5% [5] - Palo Alto is up about 1.7% [6] Defensive Recommendations - Companies should be on high alert and diligent in putting up defenses and monitoring for specific issues to minimize damage [4][8] - Companies should be very diligent due to the current times [10]