Incident management: what we can learn from a crisis
In information security we have a saying: ‘never waste a good crisis’. As grim as this may sound, there are valuable lessons to be learned from situations like the recent corona outbreak. As seen in the news a lot of companies close down their offices to limit the transmission of the virus. However, this can impact your efficiency or introduce new risks. What can you do to assess this?
Business continuity plan
One of the essentials your business should already have in place is a business continuity plan. You should know what hurts your company whether it’s a systems malfunction, decreased productivity due to the inability to work remotely, or due to illness among employees. A simple risk assessment is already a great start! Be creative and don’t rule anything out on beforehand, as unusual circumstances will test your business resilience on different fronts.
For example, take a good look at your capabilities to facilitate ‘working from home’. Often VPN connections and remote workplaces are in place to keep on going. While this looks like a no-brainer, it comes with it’s own challenges if the system wasn’t designed to be used by all employees at the same time. Especially in a stressful situation, you want everything to work as smoothly as possible.
Even when capacity is not an issue you still might have other challenges. Often employees have more restrictions and less access when working remotely, especially if working remotely is designed as a backup scenario. Due to these restrictions, there might be blocking processes which can severely hinder productivity. Map these in time, so you are not surprised in a stressful situation and you can take precautions.
Mind the hackers
The above measures maintain continuity of the business in an unusual situation. However, from an attacker perspective this is also an ideal situation to conduct social engineering attempts. This will put additional strain on the processes and personnel that provide support to your business. The knowledge and training of your support staff becomes crucial for spotting these attacks. Unusual circumstances cause unusual problems; with additional pressure to keep the business running smoothly, it’s hard to keep a clear head.
In summary, with all the different events going on during a crisis, it is of essence to have the right measures in place to keep moving forward. What can you do, now that you’ve almost finished reading this blog post?
- Review your business continuity plan for completeness
- Verify if your remote working solutions can handle the extra load
- Identify blocking processes due to limited authorizations
- Train your support staff to be aware of social engineering attempts that might come your way