In light of the evolving geopolitical situation in the Middle East, NASSCOM has issued an advisory to member companies urging heightened vigilance and preparedness across business continuity and cybersecurity frameworks.
While business operations currently remain stable, organizations are proactively reviewing contingency plans and strengthening resilience measures to mitigate potential disruptions should the situation evolve further.
Member companies have initiated the following measures:
Business Continuity Preparedness:
Companies are reviewing and activating contingency frameworks to ensure operational continuity and uninterrupted service delivery in the event of regional disruptions.
Employee Safety Measures:
Organizations are prioritizing employee well-being by enabling work-from-home arrangements and closely monitoring the situation for employees located in affected geographies.
Cloud and Data Centre Resilience:
Firms are evaluating alternate infrastructure routing and backup options to maintain cloud and data centre resilience and safeguard critical systems.
Travel Advisory:
As the region is a major international transit hub, companies are advising employees to limit non-essential travel through the region and consider alternative routes where required.
Client Communication:
Organizations are proactively engaging with clients to communicate preparedness measures and ensure continuity of services.
At the same time, periods of geopolitical uncertainty often see a rise in coordinated cyber threats, disinformation campaigns, and attempts to target critical infrastructure. Organizations are therefore advised to strengthen their cybersecurity posture and treat the following as immediate priorities:
Credential Reset and Accelerated Patching:
Rotate credentials across the organization and apply patches for critical vulnerabilities (CVEs) without delay.
Zero Trust and MFA Enforcement:
Ensure multi-factor authentication is enabled on all external access paths including VPN, RDP, SSH, and cloud administration systems. Implement conditional access policies to mitigate risks such as token theft and adversary-in-the-middle attacks.
Supply Chain Risk Review:
Assess third-party vendors with operational exposure in the Middle East. A single compromised vendor can trigger wider sector-level disruptions.
DDoS Preparedness:
Engage internet service providers and cloud partners to ensure sufficient DDoS mitigation and traffic scrubbing capacity.
Offline and Immutable Backups:
Maintain air-gapped and immutable backups for critical systems, particularly for industrial control systems (ICS/OT), banking infrastructure, and healthcare systems.
Disinformation and Social Engineering Awareness:
Conduct employee awareness programs to help identify and report social engineering attempts that may use themes related to conflict, emergency alerts, or government notifications.
NASSCOM continues to monitor developments across parts of the Middle East and remains in close coordination with the Middle East Council to assess the situation on the ground and extend support where required.
The industry body is also working with relevant authorities to assist member company employees who may currently be in the region.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
