Cybersecurity Crisis Management: Business Continuity, Remote Working & Disaster Recovery during the Coronavirus Pandemic
You may have spent the last week or two rapidly transitioning your business online and setting up your whole workforce (where possible) to work remotely from home. If this has gone smoothly, you’re probably feeling a huge sense of relief right now.
But organisations undergoing rapid change face increased cyber-risks. Cybercriminals love chaos as it gives them additional opportunities to exploit vulnerabilities. Cybersecurity crisis management is, therefore, more important now than ever, during this global pandemic.
Earlier this week, IoT World Today highlighted a number of areas of concern for those adopting new business practices driven by the Coronavirus pandemic. Here are just some of the anticipated issues:
- Pandemic stress will leave some people more susceptible to social engineering, eg being manipulated to share confidential information.
- The rapid shift to remote working opens up threats from expanded network access, with employees commanding operations from home where there may be minimal security measures.
- Consumers put “a lot of trust” in a growing number of vulnerable devices that are “internet-enabled and don’t even have any means of proper user administration.
- The health care industry is likely to see a surge in ransomware attacks. A hospital in the Czech Republic has already had to suspend operations this month after a purported ransomware incident, which delayed surgeries and testing of dozens of coronavirus samples.
- Healthcare and manufacturing organisations looking to maximise outputs are more likely to pay ransoms in the event of ransomware attacks, as they focus on continuing operations of critical services.
- Local governments and critical infrastructure must also contend with strained communication channels.
- As remote-working infrastructure is rapidly established, corporate assets are placed on the same wifi networks of Internet of Things (IoT) devices with minimal consumer-level security, creating a new entry point for attackers to reach corporate targets.
What can you do right now to protect your organisation?
Does your company have a robust business continuity plan in place?
Clients often ask us to review their existing business continuity plans and help them identify any gaps within their current business continuity strategy. In some cases, we have also worked with clients straight after a disaster to ensure all their critical business systems are back up and performing as quickly as possible.
Drawing on the common issues and themes from these situations, we shared some general tips and advice in our blog posts:
- Five things you should cover in your business continuity plan and
- Five more things you should cover in your business continuity plan.
- Additionally, here are two things you must avoid as part of business continuity planning.
In light of the new threat from pandemics, Gartner has also just released a helpful briefing webinar on Business continuity management: pandemic planning that you may find helpful.
Remote working and security
Here are some general best-practice cybersecurity measures your organisation should be taking, particularly with so many people working remotely:
- Logging in to your business email account with 2-factor authentication over just using a single password
- Using encryption on your laptops over trusting on the standard Windows login
- Using a secure browser to increase your privacy protection over just using google to search the web for you
- Using Zero-Knowledge encryption to secure your data in the cloud over sharing your encryption key with your cloud provider by default.
- Using a Virtual Private Network (VPN) over just browsing the internet through unsecured public WiFi networks
How secure is the software you are now using for file sharing?
Now is the time to review the security level of your file-sharing software. If considering different options, take a look at Nimbox. This file-sharing software was built around optimum security. Due to the current COVID-19 crisis, Nimbox has extended its 14-day trial to 30-days, to help organisations collaborate remotely, and securely.
Disaster recovery and backup
We’ve written extensively on disaster recovery and backup, so do take a look at our general best practice advice:
- Simple five-step disaster recovery process for SMEs
- Disaster recovery FAQs
- The right disaster recovery solution saves time and money
- Your disaster recovery plan could be missing a vital element
- The office 365 backup gaps you didn’t know about
- 6 reasons to backup Microsoft Office 365
We’ve made our technical support team available, for free, for any organisation with questions or concerns around remote working.
To help employees work elsewhere during this difficult time, we’re offering Microsoft Teams free for 6 months. Chat, meet, share files, and work together with ease and no obligation.
We are helping businesses RIGHT NOW to get through this current Coronavirus crisis and build a robust IT infrastructure with adequate security.
We want to help you plan for the worst, as we all hope for the best.
Contact us online today or call us on +44 (0)3453 888 327.