#5MinSecurityRead: Security and Business Continuity…what lockdown is teaching us

News and information from the Advent IM team.

Advent IM security blog

During our podcast last week, we touched on the relationship between security and business continuity.  The speed with which many organisations and businesses had to shift workforces to homeworking exposed a wide range of unexplored vulnerabilities, at least for many. Whilst IT shortages or loss  of IT has been very high on the Business Continuity Institute Horizon Scan year after year, many businesses faced the difficulty of providing equipment to staff. The circumstances also meant that many would also struggle to securely configure the equipment prior to issue. The rise in attempted cyber attacks* since lockdown shows the speed with which criminals have adapted to the first stage of a ‘new normal’, as does the rise in ransomware attacks**. Training and awareness that has perhaps been given a small degree of attention will be found wanting now as employees are also recording that they feel the level of security protection they have for their new work from home set up is inadequate.***

So what have we learned so far in lockdown? Well, criminals share information and capitalise on opportunity very fast, even thousands of deaths, with impunity . That isnt really new but watching it unfold against the backdrop of COVID-19 has been grim. There is evidence to suggest a new ransomware strain was even named Coronavirus.

  • We have learned that an integrated Business Continuity Plan that works with Security, seamlessly, is the ideal. It makes us agile and responsive, giving us time to refine circumstances in response to a dynamic situation.
  • We have learned that organisations that have already embraced remote or flexible working, have fared best so far in the crisis. Of course, this has not included supply chain vulnerabilities or challenges; no business is an island and the flow of business has been severely impacted by these supply chain interruptions. Many businesses do not carry out supply chain audits and are therefore largely unaware of what kind of risk awaits them, or that they represent to their downstream ecosystems.
  • We have also learned that security awareness and training is vital to an effective agile response and that it also plays a part in assuring remote teams that they can handle challenges that impact organisational security through their devices.

 

* Huge rise in hacking attacks on home workers during lockdown

** Ransomware on the rise as home working increases

*** 49% of workers feel vulnerable due to the insecurity of the devices they are using, such as corporate laptops and PCs.

 

Share this Post