In reaction to the COVID-19 pandemic, entirely new ways of interacting are rapidly impacting business operations. Addressing cyber threats and privacy and security concerns has gone the way of usual processes — i.e., becoming something of a scramble. Gaps in protections are opportunities for sometimes accidental, often purposeful, breaks in cybersecurity, privacy and operational security. Employees and associates make mistakes, and hackers are more than ready to exploit, as evidenced in recent attacks on a popular video conferencing platform and a COVID-19 virus research company. The solution is strengthening defenses through awareness, assessment, mitigation and judicious collaboration.
1. Be aware of heightened vulnerabilities.
Governmental, institutional and organizational measures taken in the COVID-19 crisis, while generally considered necessary, create cyber, privacy and security challenges:
2. Assess new situations and take mitigation steps.
Verification of social distancing, quarantine and self-isolation
- Contact tracing
Identification of contacts of patients who tested positive
- Health data disclosures
Making personal data of COVID-19 patients and their contacts accessible in crowdsourced, nongovernmental databases
- Restrictions and requirements
Imposing travel restrictions, limiting visitors and requiring medical exams, thereby potentially sharing information
- Remote work
Monitoring employee activities including data use
As your organization stabilizes its new operating models, assess how your cyber risk posture may have changed. Then determine definitive mitigation.
Usage of new devices and tools
Remote work environments introduce bring-your-own-device approaches and cloud-based collaboration tools for web-based conferencing, file shares and instant messaging. Many of these devices and platforms don’t have the same security in place as company-owned and -managed systems.
User access controls
- Utilize end-point control software and remind users of the appropriate systems and processes to use to secure sensitive information.
- Implement data loss protection software to prevent sensitive data from being shared over unsecured channels.
With work-at-home, access that was traditionally contained within the corporate network is pushed out to unsecured networks. In addition, furlough activities strain normal processes for timely revocation of access. These access issues are creating an opportunity for entitlements becoming out of alignment with what is necessary for operations.
Phishing emails and malware
- Consider increasing the use of multifactor and risk-based authentication.
- Perform ad hoc access certifications to verify that a least-privileged approach is being applied.
- Review logs, and conduct user behavior analytics to compare current access patterns to previous ones to identify where compromises might have already occurred.
Email attacks have increased as fraudsters attempting to extract security credentials pose as corporate helpdesk and IT teams. Attacks are easier because users are distracted by establishing new work routines.
3. Raise collaboration levels.
- Remind users through quick-hit trainings about their roles and responsibilities, as well as the actions they can take to help secure corporate systems and data.
- Ensure anti-virus software is installed and up to date on all devices.
An unprecedented collaboration among cyber, privacy and security functions is critical. A coordinated focus can reduce the probability and impact of incidents:
- Increase frequency of awareness campaigns for your workforce, e.g., a weekly data security communication explaining processes for secure remote access and how to recognize business email compromise, along with a quick response process for alerts about suspected incidents.
- Identify how personal and sensitive data is being shared and used beyond the normal course of business. Toughen safeguards, e.g., increase monitoring of data exports and data sharing with outside parties and repositories.
- Perform a walk-through of the incident response process, e.g., distribute communication templates and containment processes for critical and business-sensitive applications.
- Work together to address urgent questions:
Track business developments related to COVID-19
- Do existing systems and processes need to be altered to account for the change in work locations and how users interact in order to secure your organization’s data?
- Do new systems and corporate relationships that were introduced need to undergo a risk assessment?
- Do policies and procedures, and how they impact the configuration of systems (e.g., password policies) need to be updated to reflect the increased distributed nature of the work environment?
- How does the new operating model align with your compliance requirements?
Visit our dedicated resource center
for up-to-date insights and information, and contact our professionals with questions and needs.
Managing Director, Cyber Risk
+1 312 754 7219
Principal, Cyber Risk Advisory Services
+1 312 602 8940