COVID-19 Opens the Eyes On Cyber Security Roles for Business Continuity

Just like in a Hollywood movie, in a few days the world has completely changed from a connected network to a distanced entity (at least in terms of personal space). Most of the world’s population is in self-quarantine. Organizations and individuals are being forced to adapt rapidly and embrace new practices such as online services and remote working.

This huge dependency on the internet and online services around the world has created vulnerabilities and more opportunities for cybercriminals. In this digital era, the world is facing as much of a threat from cybercriminals as it is facing physical danger from the pandemic.

 

Increased security risk from remote working/learning

With many employees working from home and students learning virtually, internet and virtual private network (VPN) servers have become a lifeline for companies and schools, and their security and availability will be a major focus going forward. In the rush to achieve this, an unprepared organization may misconfigure its VPNs, exposing sensitive information and unpatched services to the internet.

In addition, the dependency on BYOD (Bring Your Own Device) to perform business work could also pose a great amount of risk to organizations. Organizations should ensure VPN services are safe and reliable, as there promises to be a lot more scrutiny against these services. Furthermore, employees should be advised against using personal computers for official purposes.

Questions to be asked:

  • Do our employees have enough security awareness to work on their own devices without violating the organization’s security policies?
  • How do we make sure that our employees are using secure unfractured internet to access the organization’s resources?
  • Do we perform the correct security measures to evaluate the current security posture (e.g. vulnerability scan, penetration test, threat assessment, etc.)?

 

Poor cyber-attack detection and response

Many organizations have not implemented security monitoring, detection and response functions and leave this job to the IT team, or they have these functions but lack the highly skilled resources needed to deal with difficult situations. This makes detecting malicious activity difficult and responding to it even more complicated. Updating patches on systems may also be a challenge if security teams are not operational. Organizations should evaluate the security defenses in place and explore co-sourcing with external consultants, especially for areas where key man risks have been identified.

 

Questions to be asked:

  • Do we have 365x7x24 security monitoring?
  • What skills does the company need to be able to respond to different types of cyber-attacks (e.g. ransomware, DDoS, etc.)?
  • Are we clear about the company’s current security posture?

 

Business Continuity Plans (BCP) to feature global pandemics

Many organizations have business continuity plans, but it is obvious that the impact of a global crisis like COVID-19 was not considered in many BCPs. With the widespread impact of COVID-19, organizations need to revisit their business continuity programs and incident response plans, specifically to feature pandemics that affect many countries and critical elements of supply chains at the same time. A revised risk assessment should be conducted on critical processes to identify the options for ensuring these processes can still be maintained at an acceptable level and that an effective failover is achievable.

 

Questions to be asked:

  • Do we have a real BCP, or is it just a compliance requirement?
  • Did we train the team to execute the plan? If not, we are in trouble; if yes, is the training partial or complete, and under which situations?
  • Do we have enough policies, processes and procedures to run the business in emergency situations?

 

Finally, the COVID-19 pandemic has put a huge strain on the global economy, with some experts predicting the aftereffects of the pandemic. Organizations’ post-COVID-19 strategies might include downsizing by cutting business lines considered non-critical, which may include cyber security operations. This short-term plan might, however, increase the impact of the pandemic in the long haul, as it will further increase the impact of attacks on the organization.

Organizations are advised to update their BCPs and remote working policies/practices whilst prioritizing cyber security.

 

Mohammad Al Rawabdeh
Security Architect - Cloud & Advanced Solutions