As I sit in bed writing this article, cocooning myself from the dangers of the outside world, I ponder the impact that the novel coronavirus will have on the world around me. I also think about the positive steps we’ve taken as a nation to slow the spread of the virus. However, it has also exposed how ill-prepared we really are. There are many that won’t work at all for an extended period. I would consider myself one of the lucky ones because I have a job in which I can easily work from home. As a Cyber Defense Analyst, it is very easy to work from almost anywhere. I think there are many lessons to be learned from COVID-19 that can be applied to cybersecurity, the biggest one of all, preparedness.
Education. This is one of the most important aspects in getting you or your organization ready to prevent a cybersecurity incident. Not every accountant or marketing intern needs to be an expert in cybersecurity, but they should know the basics in protecting themselves and ultimately, the organization they are a part of. Wash your hands, cough and sneeze into your sleeve, avoid large crowds. This information is crucial to limiting danger and may seem like basic knowledge, but so do basic cyber hygiene practices to the professionals. Educating organizations to watch for suspicious emails, not to enter suspicious or untrusted websites, and to enable MFA in conjunction with strong passwords is a crucial step in keeping users as safe as possible. Education is an incredibly powerful way to prepare for an incident.
Policies. With the right policies in place we can decrease the likelihood of an incident or decrease the impact it can have on an organization. If there are no policies in place for when an incident occurs it can lead to a sense of panic, confusion, and even intense purchasing of toilet paper. Some examples of policies are change management policy, physical security policy, email policy, etc. The policies put into place can dramatically decrease the effect of the incident, they also increase the supply of toilet paper.
Protection. What are we doing to protect ourselves? Do we have hand sanitizer? It is crucial to have adequate protection from the viruses and other threats that intend to damage and exploit. This is where SIEMS, firewalls, and endpoint protection come into play. This might be one of the hardest aspects of preparedness to fill because these tools can cost a lot of money. However, it is an investment in the security and overall health of an organization.
Let us all spend this time locked away in our houses to contemplate how we can prepare ourselves more adequately for a world that is ever more dependent on the internet. If we are not prepared to handle an inevitable incident, the road to recovery will be a lot longer than it needed to be.
Author: Chris Tuliloa is a cybersecurity professional that works with organizations in the Emergency Services sector.