Cyber Incident Response & Operational Resilience—COVID-19 Era Long-Haul Strategies

By and large, we have made it through the initial crunch of the coronavirus pandemic. In incredibly short order, many organizations provisioned countless laptops and mobile devices and configured cloud networks and VPNs to facilitate work-from-home on a scale most of us never fathomed.

Typically, business continuity plans call for running a business under an emergency protocol for a limited period, after which normal operations are restored. However, the COVID-19 pandemic has resulted in an unknown period of remote working and severely altered modes of operation. To make matters even more challenging, organizations should anticipate the possibility, and according to many infectious disease experts, the likelihood, of cycles of employees fluctuating between working on-premises and home-based work, as the virus infection activity peaks, declines, and peaks again.

Due to high levels of remote working, most organizations’ security postures have been weakened. Cybercriminals are aware of the opportunity, and the increase in phishing, ransomware, and other cybercriminal attacks certainly reflects this awareness.

To manage the crisis, many companies are invoking large portions of their business continuity plans. Never in my career have I seen a business continuity plan that anticipated this scenario, yet here we are. How should we ensure cybersecurity protocols, incident response readiness, and ultimately, resiliency in our organizations in the face of a protracted crisis where uncertainty is more the rule than the exception?

To bring clarity to the remainder of this discussion, I need to characterize three terms: cybersecurity, incident response, and operational resilience.

Cybersecurity is the convergence of people, processes, and technology to protect organizations, individuals, networks, devices, and data from digital attacks and theft.

Cyber incident response is directed by an incident response plan, a set of instructions to allow an IT team to detect, respond to, and recover from network security incidents including cyberattacks, data theft, and network or system outages.

Operational resilience is a carefully assembled assortment of approaches that allow people, processes, and information systems to adjust when confronted with changing business conditions. Typically, an effective business continuity plan directing the quick return of a company’s systems to functionality is critical to operational resilience. Though many organizations have great business continuity plans to address fire, floods, storms, and other acute emergencies, few have addressed the evolving crisis inflicted by the COVID-19 pandemic.

In short, cybersecurity measures protect your organization, incident response plans enable an effective response to inevitable cyber incidents, and operational resiliency ensures recovery when an unpredictable emergency strikes. By asking yourself the right questions and developing the right action plans, you can better secure your organization come what may.

Cybersecurity, Cyber Incident Response, and Operational Resilience Preparedness Questions

Cybersecurity Questions

The following are a few cybersecurity questions to ask yourself. For a more complete cybersecurity question list, click here.

  • Have I acquired and internalized the necessary at-home working guidance?
  • Do I understand the remote environments in which employees are operating?
  • Does my business have a means of authenticating communications with employees?

Incident Response (IR) Questions

These are just a few important IR questions. For a more complete cyber incident response list, click here.

  • Does my IR readiness plan fully account for a largely or completely remote workforce?
  • Have I tested my cyber incident response plans? Is the test still valid, given the current operational context and modes of working?
  • How will I maintain critical communications with my staff, customers, and other stakeholders?

Operational Resilience Questions

Ask yourself these sample operational resilience questions. For a more complete operational resilience list, click here.

  • Do I understand what my business-critical processes and operations are and where the single points of failure or stress points are for each?
  • Do I understand how my staff is working and what tools, systems, and networks they are using—both official and unofficial?
  • Does my current business continuity plan cease to work at some point? What is the plan as we approach that point? How might the remote working constructs in the supply chain (upstream and downstream) affect my business?

These are complex times, requiring a great deal of thought and technology resources. If you need help improving your cybersecurity, cyber incident response, and operational resilience, SilverSky is here for you. Don’t hesitate to reach out to us at 1-800-234-2175 or learn@silversky.com.

Angela Gunn Editor
Professional Services Team Lead, SilverSky

Energized by leading the effort to help clients create the approaches, policies, and procedures needed to evolve and advance their cybersecurity postures. 
