Ravi Das

Business Recovery and Continuity in a Mega Disaster: Cybersecurity Lessons Learned from the COVID-19 Pandemic

The COVID-19 pandemic has caused a significant shift to remote work, increasing cyber-attacks. Organizations need to have effective business continuity and disaster recovery plans, including secure remote workforce, penetration testing, threat hunting, endpoint security, and a zero-trust framework. This book provides practical coverage to prepare information security professionals for future disasters.

Format: Paperback / softback
Length: 214 pages
Publication date: 21 April 2022
Publisher: Taylor & Francis Ltd


The COVID-19 pandemic has brought about a multitude of unprecedented consequences, one of which is the significant global shift from office work to remote work. This transition has posed significant challenges for information security professionals, as office workers are often provided with equipment that may not be properly secured or are required to use personal devices for office work. Moreover, the proliferation of videoconferencing has opened up new avenues for cyber-attacks, as hackers exploit vulnerabilities in these communication platforms.

When the pandemic struck, many organizations found themselves ill-prepared for the challenges that lay ahead. Many lacked comprehensive business continuity and disaster recovery plans, which left them vulnerable to the impacts of the pandemic. This lack of preparedness exposed organizations to a range of risks, including data breaches, system outages, and financial losses.

In response to these challenges, Business Recovery and Continuity in a Mega Disaster: Cybersecurity Lessons Learned from the COVID-19 Pandemic has been written. This book provides a comprehensive review of the pandemic and related information security issues. It then develops a series of lessons learned from this review, aimed at helping organizations prepare for the next global mega disaster.

Some of the key lessons learned from the book include:

The lack of vetting for third-party suppliers and vendors: Many organizations rely on third-party suppliers and vendors to provide critical services and products. However, the pandemic has highlighted the need for thorough vetting of these suppliers to ensure that they are reliable and have adequate security measures in place.

The lack of controls surrounding data privacy: With the increase in remote work, there has been a growing concern about the protection of personally identifiable information (PII) data sets. The pandemic has exposed the vulnerability of organizations to data breaches, as hackers target remote workers and their devices.

The intermingling of home and corporate networks: Many office workers are now using personal devices and home networks to access corporate resources. This intermingling of networks can create security vulnerabilities, as hackers can exploit weaknesses in one network to gain access to another.

The lack of a secure remote workforce: Remote work requires a secure and reliable workforce. However, the pandemic has highlighted the challenges of maintaining a secure remote workforce, as workers may be using unfamiliar devices and networks, and may be susceptible to social engineering attacks.

The emergence of supply chain attacks: The pandemic has also brought about the emergence of supply chain attacks, where hackers target organizations through their suppliers and vendors. These attacks can have far-reaching consequences, as they can compromise the security of an entire organization.

To address these issues, CISOs and their security teams must have tools and methodologies in place that reflect the following lessons learned:

The need for incident response, disaster recovery, and business continuity plans: Organizations must have comprehensive plans in place to respond to incidents, recover from disasters, and ensure business continuity. These plans should include measures to protect critical assets, identify potential risks, and develop strategies to mitigate those risks.

The need for effective penetration testing: Penetration testing is a critical tool for identifying vulnerabilities in an organization's systems and networks. CISOs and their security teams should regularly conduct penetration testing to identify potential weaknesses and ensure that they are addressed promptly.

The importance of threat hunting: Threat hunting is a proactive approach to identifying and mitigating potential threats before they become a problem. CISOs and their security teams should invest in threat hunting programs to identify emerging threats and develop strategies to address them.

The need for endpoint security: Endpoint security is essential for protecting devices and networks from malicious attacks. CISOs and their security teams should implement robust endpoint security solutions, such as antivirus software, firewalls, and intrusion detection systems.

The need to use the SOAR model: The SOAR model is a framework for responding to incidents and managing threats. CISOs and their security teams should use the SOAR model to automate response processes, improve collaboration, and reduce the response time to incidents.

The importance of a zero-trust framework: A zero-trust framework is a security model that assumes that no user or device is trusted by default. CISOs and their security teams should implement a zero-trust framework to ensure that only authorized users and devices have access to sensitive resources.

This book provides practical coverage of these topics to prepare information security professionals for the challenges of the future. It is a valuable resource for CISOs, security managers, and anyone else who is responsible for protecting their organization's assets from the threats of the digital age.


Dimension: 234 x 156 (mm)
ISBN-13: 9780367685737
