Wed, Mar 11, 2020
Right now, the world is watching to see how the coronavirus (COVID-19) spreads and how governments react to prevent and respond to infections. We don’t know how much more the disease will impact normal day-to-day, but it has already inflicted material consequences on travel and several other factors that are important to IT managers and technologists.
With COVID-19 recognized as a pandemic, it’s time for every information technology group in the world to look at key “what if” questions—what if COVID-19 (or something like it) directly impact regions where our people or facilities are located? How will governments respond, and how will that response impact our IT operations?
Depending on your industry, your management may have the expectation that you will continue to support the business as usual. While they may have that expectation, you may or may not be ready to fulfill it.
Thinking about this problem in advance is vital. Hackers understand the problem and see this as an opportunity to compromise public and private sector organizations who are not able to maintain their usual level of security.
For example, one frequent recommendation in epidemic/pandemic conditions is to have workers stay home and, if they can, work from home. For many businesses this is possible—at least in part. For others, where having workers at an office, store, warehouse or other specific location is a requirement, working from home may be impractical or impossible.
Regardless of that, every IT manager must focus on the question of how their organization is going to function. Consider these questions as a starting point:
Even the best preparations may not be enough, depending on local conditions. But what is certain is that IT organizations that take the time now to plan for remote pandemic operations will be in a better position to respond—and to provide a true picture of capabilities to management—than those who sit back and use a “management by hoping for the best” approach.
Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.
Kroll's cyber risk assessments deliver actionable recommendations to improve security, using industry best practices & the best technology available.
Kroll's data privacy team provide DPO consultancy services to help you become and stay compliant with regulatory mandates.
Kroll’s Virtual CISO (vCISO) services help executives, security and technology teams safeguard information assets while supporting business operations with augmented cyber expertise to reduce business risk, signal commitment to data security and enhance overall security posture.