4 Cybersecurity Lessons from the Front Lines of Pandemic Preparation
Ten years ago, I helped create a national pandemic plan outlining how the U.K. would respond to a potential outbreak. While the exercise was largely theoretical, we are now seeing the need for these preparations in real time.
Today, I am helping cybersecurity leaders develop tactics to safeguard their organizations. During my tenure with the UK Pandemic Flu Service, our goal was to create a resilient IT service and support function to operate during a pandemic outbreak. That goal is the same for any organization right now. Instead of helping evaluate vaccines and screen patients, those processes may be applied to keep businesses up and running.
The cybersecurity impact of this pandemic is already apparent. Hackers have started leveraging the crisis for phishing and other forms of attack. For example, in March, a major COVID-19 testing hub suffered a ransomware attack that disrupted operations and caused surgery postponements. There are likely other security implications to come. As a remote workforce continues to broaden the attack surface, many corporate networks and IT assets must be secured from afar.
In every case, the best thing you can do is to be prepared. This is true whether it’s a health crisis, a tornado, an earthquake, or a cyber incident. Hopefully organizations had proactively put some of these measures in place, like business continuity and security controls, but it’s not too late to start implementing best practices to protect remote employees and secure your business.
Here are key lessons from my time preparing for a global pandemic.
1. Scarcity of Resources
Prepping for a potential pandemic outbreak requires planning for the inevitable scarcity of resources – be it healthcare supplies, testing kits, or even qualified people. Understanding what you have available is one of the first steps towards dealing with this challenge. For instance, how many laptops do you have to deliver to newly remote employees? Knowing how many you have to allocate, then efficiently delivering those resources, is a difficult but important part of ensuring productivity.
2. Unprecedented Scale
Remote work isn’t new for most companies, but the sheer current scale of it certainly is. For CIOs, that means not only quickly enabling the tools that make that scale possible, like video conferencing, and allocating new devices, but also making sure those tools are secure.
VPNs, for instance, can ensure that employees are able to securely connect to the corporate network. But further tools are also needed to ensure the security of the device itself, and to control which corporate systems and applications that user can access once connected. That means also evaluating tools like antivirus, network segmentation, and intrusion detection and prevention systems (IDS/IPS). Many of these tools can now be deployed as cloud-based services, which means that CISOs can add them to their existing security portfolios even while remote.
3. Don’t Forget the Foundational Elements
Part of managing through a crisis is not only addressing the crisis itself, but also ensuring that existing operations are able to continue as smoothly as possible. In terms of an IT network, that means not only ensuring your employees are able to work remotely in a secure way, but also that the corporate network is secure while employees are away.
To do that, CISOs can also consider automation tools that develop and enforce policies and take action based on activity seen on the network. They can also implement tools like network segmentation, which would automatically limit the spread of an attack if it were to hit the network.
4. Learn from this Crisis
It is tempting at this extremely busy time to just focus on minimizing the impact of the pandemic on your business. However, when things are back to normal, it will be a great time to reflect on what worked well and what didn’t. What wasn’t documented and took unexpected effort to provide?
As IT professionals, we pay good money and dedicate significant time to business continuity exercises, and they are never as realistic as we would like. Don’t miss this opportunity: you have just had a worldwide business continuity test that included your government and all of your supply chain. We all hope this is a once-in-a-lifetime event, but it’s also a great opportunity for continual improvement.
We are certainly in unprecedented times and navigating to a new reality where business is largely being conducted remotely. While I worked on preparing us for this time for more than 10 years, it is still surreal that many of those theoretical implications are now coming true.
The key, in times like this, is to adapt quickly. CISOs should consider what’s working well now, what could be better, and build their plans accordingly. Prioritize triaging what needs to be done now, versus what can wait until later in the year.