The COVID-19 pandemic’s impact on business is far-reaching. Today’s post is a follow-up to yesterday’s blog, “Coronavirus Forces a New Approach to Crisis Management,” and last week’s post, “Leading Remote Teams in Times of Uncertainty,” both offering additional food for thought on how to manage in these challenging times. You may also be interested in these recent Protiviti blogs, “COVID-19: Is Your Business Immunized Against Supply Chain Disruption?” and “Working Remotely? Microsoft Teams Can Help.”
The current novel coronavirus epidemic is impacting global markets, businesses, and individuals. Right on cue, threat actors are taking advantage of the chaos and uncertainty by unleashing a torrent of social engineering and phishing scams. Further complicating matters, businesses were not ready to move to a fully remote workforce and are modifying both technology and working locations simultaneously. This situation has made it easier for threat actors to compromise the security of your users and organization. The health and safety of our workforces must be our priority; only after that should organizations consider the following activities. Here are steps to take today to secure your organization’s assets, including your most valuable asset – your people.
Formal Communication Path
We cannot emphasize this enough: communication is more critical now than ever. Every organization should have a documented and official communication path for organizational change announcements during the pandemic. Threat actors are taking advantage of the rapid organizational and technology changes through phishing and social engineering. Establishing a communication path that involves both e-mail communications and an internal blog post, updated regularly, enables the workforce to verify changes in how and where they work. This simple act makes it harder for threat actors to take advantage of the situation. While we are on this subject, make sure to communicate with your workforce, both on an established cadence and ad hoc, when there are significant developments. Be sure you prime this communication channel with an executive-level sponsor sending a statement like, “All our official statements will be posted on our [intranet site]. Beware of phishing attempts and check anything suspicious against [intranet site].”
Accelerate Cloud-Based Web Proxy Deployments
Securing and defending a remote workforce requires companies to change from an old fortress style of defense to adopting zero-trust and modern architectures, but let’s face it: we’re not going to make this change overnight. However, now is the time to investigate and accelerate deployments of cloud-based web proxies. Solutions that enable organizations to protect user devices whenever they are connected to the internet should be considered. Having this capability in your arsenal is good for an effective security program long-term. These solutions can also enable you to expose internal web applications securely, without the need for a VPN.
Create Targeted Awareness Campaigns
Now is also the time to empower users with targeted awareness campaigns about working remotely. Focus on reinforcing the organization’s acceptable use policy to ensure users are not allowing children and roommates to use company devices and potentially exposing company data or intellectual property. Discuss the privacy and security concerns related to digital assistants, open windows and working in communal spaces. Finally, now is not the time to conduct phishing campaigns. Users will feel taken advantage of, and these campaigns will reinforce the “us vs. them” mentalities.
Plan Now for Incident Response
Cybersecurity organizations should have a plan in place for how they are going to perform investigations, containment, eradication, and recovery processes in a distributed working arrangement. Now is also the time to ensure a rough succession plan is in place in the event a critical staff member is ill or needs to care for loved ones. Teams should also check with their legal counsel to ensure a coordinated response plan exists and is executable with remote staff. Threat actors are actively sending out phishing e-mails and calling your users. They know this is the time when security organizations are strained, and they want to take advantage of this opportunity.
Finally, take ample notes about what worked well and not so well in this transition to remote work. We will all be going back to the office at some point and this is a learning opportunity. Take these lessons learned and incorporate them into your business continuity plans. Adjust strategic plans to ensure security organizations have the right capabilities to cope with a remote workforce. Most of all, embrace the concept that users can be productive no matter where they are working.
For more information on how Protiviti can help you during the COVID-19 pandemic, contact us.