This post have been sitting on my draft inbox for about 3 weeks, when things werent bad as it is right now. The public data for UK, death numbers are in excess of 9500 as of 11th April 2020. No news of vaccine or way to contain the virus, but my hopes are high and to play my part I follow what the UK government advises us to do.
So back to our little infosec/cybersec world, I think there is more we can do to help from defense side, including make sure the bad guys are not taking this difficult moments to get better of the people and the organisations e.specially the hospitals and medical care communities.
This post is more about what we can learn from this pandemic, and I will update the lessons as we go along.
How you prepare for the event
This maybe the the time when you thing of your DR , BCP and IRP plans, and wish you could have tested them as frequent as possible. The sad truth, these plans are hardly tested or when tested at least annually to satisfy some regulatory requirements. So there you go, increase the frequency of testing these plans, you may not know when you will need them.
How you respond to event
-Now you have your plan, and you get them tested once a year, but how do you test them? table top? one scenario? excuses might be thrown in saying you dont have resource nor time, but when disaster come you will need time and resources, hence test the plan as if your life depends on it, because how you are going to respond.
Controls do not always work
You should be able to test your security control effectiveness and establish how much you rely on them and improvement to meet the stated business requirements.
With the coronavirus disaster, a lot of business have suffered or other are going under, like those in leisure and airline industries, and form other businesses they needed to reinvent on the way they work, engage their customers.
Move faster than the attack
We are in the war against the corona virus, while all the protocols have been followed to contain the virus to some extent, in the business world, the defense teams should be able to move fast to contain attacks in the same way in order to defend the businesses otherwise the attacker would have upper hands, and completely paralyse your businesses. Think like an attacker, so move faster than them.