Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and ManagementCybersecurity News

3 Ways to Fortify Cyber Resilience amid COVID-19

By Anil Markose
SEC0819-Cyber-Feat-slide1_900px
April 28, 2020

The COVID-19 pandemic has created an environment in which malicious cyber actors thrive. They are exploiting today’s uncertainty and anxiety through ransomware attacks, phishing campaigns, social engineering and financially-motivated scams. Although we are living in unprecedented times, the cyber threats we face and the malicious actors we defend against are not new. But the globe’s singular focus on COVID-19 may make us the proverbial fish in a barrel for bad actors.

These attackers understand and target our thirst for information to help us navigate this pandemic. A sudden, intense focus on specific topics such as local coronavirus case data or where to find face masks makes it easier than ever for bad actors to design a phishing email, scam, or other attack. At the same time, organizations scramble to adopt remote-working best practices as employees move en masse from working inside a traditional office to remote environments practically overnight.

IT and security leaders understand how to defend against the types of cyber-attacks we’re seeing, but need to adapt their defenses to the current environment of uncertainty and social distancing. Below are three ways leaders can fortify their cyber resilience amid COVID-19.

 

Adapt Ransomware Response Playbooks

In today’s threat landscape, IT and security leaders cannot simply focus on preventing ransomware attacks; they must also have a robust strategy for how to react to such attacks. In addition, organizations should adapt their ransomware response playbooks for the current remote working environment. 

For example, in the event of an attack, convening an organization’s key decision-makers in one room to strategize on response is not likely to be an option. Simple measures such as compiling the contact information and backup phone numbers for key decision-makers can go a long way. Ransomware response playbooks should also outline topics such as whether or not the organization would pay the proposed ransom, the legal teams the organization will work with for counsel and mitigation, and considerations for engaging with legal counsel other key players remotely.

 

Consider Network Visibility & Secure Devices

Most likely, few organizations had plans to shift from in-office work to most staff working remotely in a matter of days. Network monitoring protocols that works in a traditional office setting may leave you in the dark in a remote working reality. A foundational step in understanding the risk profile is to first understand the network visibility available and adjust enterprise protocols as necessary to protect in today’s environment.

To uncover gaps in the defenses, embrace expanded threat hunting activities. Though not a perfect solution, red teaming and penetration testing are key levers to pull to help find vulnerabilities or threat actors lurking in the system. Another key tool at the disposal of security leaders is the trusted network list. In these unprecedented times, reducing the number of trusted networks and restricting user access to hinder credential escalation attacks.

 

Maintain Employee Engagement

The coronavirus pandemic has already caused significant swings in global markets, with a possibility of the steepest economic downturn since the Great Depression, according to the International Monetary Fund. Given the current financial volatility, we have already seen layoffs, furloughs and reductions in work hours, with other difficult decisions ahead.

In this uncertain time, critical in these times of increased emotional and economic stress that can lead to increased insider threats – intentional or otherwise. In addition to internal communications plans, security leaders should evaluate their more traditional purview, refreshing insider threat programs and response plans to ensure they can locate and quickly address any threats in a new, remote working environment.

Although our global response to COVID-19 poses significant cybersecurity challenges, leaders must not lose sight of the transition at the end of this pandemic. IT and security leaders alike should look at the technology and processes put in place during the pandemic response and consider how these might help the organization leapfrog forward. Are there aspects of the network that were once considered critical to be “on-prem” that can now migrate to the cloud? Is there sufficient infrastructure in place to enable more advanced remote work options than what is in place today?

IT and security professionals, in partnership with other enterprise leaders, can and should chart out upgrades today and consider the organizational changes that will empower the enterprise to become more agile and more secure in the future.  

KEYWORDS: business continuity COVID-19 cyber security ransomware risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Anil markose

Anil Markose is an Executive Vice President and leader in Booz Allen’s commercial business, focused on helping Fortune 500 and Global 2000 clients prepare for and respond to a shifting threat landscape.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Columns
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • malware detection

    3 ways to build cyber resilience post-ransomware attack

    See More
  • Technology, New Use Cases Drive Progress in Video Analytics - Security Magazine

    Security technology proves to be vital amid COVID-19

    See More
  • cyber_lock

    Companies need to enhance cybersecurity amid the continuation of COVID-19 in 2021

    See More

Related Products

See More Products
  • 1119490936.jpg

    Solving Cyber Risk: Protecting Your Company and Society

  • 9780367339456.jpg.jpg.jpg

    Cyber Strategy: Risk-Driven Security and Resiliency

  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing