Business Recovery and Continuity in a Mega Disaster: Cybersecurity Lessons Learned from the COVID-19 Pandemic

The COVID-19 pandemic has caused a significant shift to remote work, increasing cyber-attacks. Organizations need to have effective business continuity and disaster recovery plans, including secure remote workforce, penetration testing, threat hunting, endpoint security, and a zero-trust framework. This book provides practical coverage to prepare information security professionals for future disasters.

Format: Hardback
Length: 214 pages
Publication date: 21 April 2022
Publisher: Taylor & Francis Ltd

The COVID-19 pandemic has brought about a multitude of unprecedented consequences, one of which is the significant global shift from office work to remote work. This transition has posed significant challenges for information security professionals, as office workers are often provided with equipment that may not be properly secured or are required to use personal devices for office work. Moreover, the proliferation of videoconferencing has opened up new avenues for cyber-attacks, as hackers exploit vulnerabilities in these communication platforms.

When the pandemic struck, many organizations found themselves ill-prepared for the challenges that lay ahead. Many lacked comprehensive business continuity and disaster recovery plans, which left them vulnerable to the impacts of the pandemic. This lack of preparedness exposed organizations to a range of risks, including data breaches, system outages, and financial losses.

In response to these challenges, Business Recovery and Continuity in a Mega Disaster: Cybersecurity Lessons Learned from the COVID-19 Pandemic has been written. This book provides a comprehensive review of the pandemic and related information security issues. It then develops a series of lessons learned from this review, aimed at helping organizations prepare for the next global mega disaster.

Some of the key lessons learned from the book include:

The lack of vetting for third-party suppliers and vendors: Many organizations rely on third-party suppliers and vendors to provide critical services and products. However, the pandemic has highlighted the need for rigorous vetting of these suppliers to ensure that they meet security standards and are not vulnerable to cyber-attacks.

The lack of controls surrounding data privacy: With the increase in remote work, there has been a growing concern about the protection of personal identifiable information (PII) data sets. The pandemic has exposed the vulnerability of organizations to data breaches, as hackers exploit weaknesses in their systems and networks.

The intermingling of home and corporate networks: Many office workers are now using personal devices and home networks to access corporate resources. This intermingling of networks can create security vulnerabilities, as hackers can exploit weaknesses in one network to gain access to another.

The lack of a secure remote workforce: Remote work requires a secure and reliable workforce. However, the pandemic has highlighted the challenges of maintaining a secure remote workforce, as employees may be using unsecure devices or networks, or may be vulnerable to social engineering attacks.

The emergence of supply chain attacks: The pandemic has also brought about the emergence of supply chain attacks, where hackers exploit vulnerabilities in the supply chain to gain access to sensitive information or disrupt business operations.

To address these issues, CISOs and their security teams must have tools and methodologies in place to address the following:

The need for incident response, disaster recovery, and business continuity plans: Organizations must have comprehensive plans in place to respond to incidents, recover from disasters, and ensure business continuity in the event of a disruption. These plans should include measures to protect critical systems and data, as well as procedures for communication and coordination in the event of an emergency.

The need for effective penetration testing: Penetration testing is a critical tool for identifying vulnerabilities in systems and networks. CISOs and their security teams must regularly conduct penetration testing to identify weaknesses and ensure that they are addressed promptly.

The importance of threat hunting: Threat hunting is a proactive approach to identifying and mitigating cyber-attacks. CISOs and their security teams must use tools and techniques to identify potential threats and take action to prevent them from occurring.

The need for endpoint security: Endpoint security is essential for protecting devices and networks from cyber-attacks. CISOs and their security teams must implement robust security measures, such as antivirus software, firewalls, and intrusion detection systems, to protect their systems and data.

The need to use the SOAR model: The SOAR model is a framework for responding to incidents and managing cyber-attacks. CISOs and their security teams must use this model to identify, analyze, respond to, and recover from cyber-attacks.

The importance of a zero-trust framework: A zero-trust framework is a security model that assumes that no user or device is trusted by default. CISOs and their security teams must implement this framework to ensure that only authorized users and devices have access to sensitive information and systems.

This book provides practical coverage of these topics to prepare information security professionals for the challenges of the future. It is a valuable resource for CISOs, security managers, and anyone else who is responsible for protecting their organizations from cyber-attacks.

Dimension: 234 x 156 (mm)
ISBN-13: 9781032245324