Cybersecurity threats have escalated, as bad actors take advantage of the COVID-19 pandemic. While organizations worry about newly pressing concerns—workforce well-being, finance availability, and the resiliency of operations and supply chains—cybersecurity focus is being overshadowed and risks are rising.
The tendency toward ad hoc decision making during crises only accelerates the opportunity to exfiltrate data or compromise business operations. The potential impacts are more dangerous, too. A distributed denial-of-service (DDoS) attack, for instance, can be far more damaging in an operational environment that is already strained for capacity than one launched when additional capacity is readily available.
In this report, we identify key steps security leaders can take now to manage discrete, high-impact events that may arise in this environment and to prepare for additional unforeseen scenarios. Every cybersecurity crisis has a three-part lifecycle:
- Planning and detection
- In-the-moment response and remediation
The first step is for leaders to identify where they are in that lifecycle and prioritize their actions accordingly. We have created recommended actions for each phase as a guide. In particular, the current pandemic environment demands increased attention to response and remediation. Drawing on lessons learned from incident response drills in security operations centers (SOCs) and cyber ranges (virtual environments for testing security capabilities), we have found that highly resilient organizations do three
things well: organize and deploy resources, communicate regularly, and coordinate responses.
The potential for continued disruption during this pandemic is high, making cyber resilience crucial. Business continuity and crisis management plans can become major strategic assets. Download the full report below and check out the supplemental action guide: