NetWitness Incident Response Team Urges Enterprises to Prepare for Potential Cyberattacks Related to Russia/Ukraine Conflict

Recent Warnings from the Biden Administration Point to Potential Cyber Threats Aimed at Critical Organizations

BEDFORD, Mass.--()--NetWitness, an RSA business, and globally trusted provider of cybersecurity technologies and incident response services, today released guidance from its Incident Response team urging global enterprises to take measures to prepare for potential cyberattacks related to the ongoing conflict between Russia and Ukraine.

“The world has been bracing for potential large-scale cyberattacks stemming from the conflict for weeks, and recent developments indicate that enterprises should take proactive measures to shore up their cybersecurity postures and capabilities,” said David Gaik, Senior Director of Services for NetWitness. “We are strongly recommending that enterprises concerned about incidents should make a plan now, and where appropriate, secure a retainer for incident response services from a trusted cybersecurity vendor. Whether that is with NetWitness or another vendor, having a plan in place should be a high priority.”

The Biden Administration released a statement on March 21 urging companies to strengthen their cybersecurity capabilities and protections in the face of potentially damaging cyber activity perpetrated by threat actors as part of the ongoing conflict. The Administration also urged organizations to execute a number of best practices for bolstering cyber defense capabilities.

The NetWitness Incident Response team is available to assist organizations with enacting these recommendations, as well as several other services, and does not require organizations to be existing NetWitness customers or have NetWitness technology in place. These services include:

  • Incident Response Retainer: The NetWitness IR team stands by to help mitigate the impact of an incident through proactive response, leveraging the NetWitness Platform and third-party solutions already in use by the customer.
  • Incident Response Rapid Deploy: The IR team mobilizes following a breach to minimize damage and gather intelligence using NetWitness solutions.
  • Incident Discovery: The IR team proactively uncovers potentially malicious activity and delivers specific remediation steps for identified threats.
  • Controlled Attack and Response Exercise: The IR team conducts a comprehensive assessment of cybersecurity capabilities to respond to a real-world attack scenario and recommendations of how to improve them using available resources.

Learn more about NetWitness Incident Response services here.

If you need immediate help responding to a data breach or suspected cybersecurity incident, contact NetWitness here.

ABOUT NetWitness

NetWitness, an RSA® Business, provides comprehensive and highly scalable threat detection and response capabilities for organizations around the world. The NetWitness Platform delivers complete visibility combined with applied threat intelligence and user behavior analytics to detect, prioritize, investigate threats, and automate response. This empowers security analysts to be more efficient and stay ahead of business-impacting threats. For more information, go to

©2022 RSA Security LLC or its affiliates. All rights reserved. RSA and the RSA logo are trademarks of RSA Security LLC or its affiliates. For a list of RSA trademarks visit Other trademarks are trademarks of their respective owners. RSA believes the information in this document is accurate. The information is subject to change without notice.


Andy Rodger

Release Summary

NetWitness today released guidance urging enterprises to prepare for cyberattacks related to the ongoing conflict between Russia and Ukraine.


Andy Rodger