4 strategies for balancing cybersecurity and business continuity planning during the coronavirus outbreak

Introduction

As cybersecurity conferences worldwide cancel events, the impact of the coronavirus (COVID-19) on the industry comes close to home. At least two people who attended the annual RSA cybersecurity conference were officially diagnosed with the virus, with one placed in a medically induced coma. Compounding this industry impact, many companies have started initiating new “work from home” requirements for nonessential employees, including Apple and Google.

While companies brace for the coming changes that COVID-19 seems to be bringing, cybersecurity and compliance professionals find themselves struggling to balance workforce, member and data security. With this in mind, organizations should consider the following business continuity planning and cybersecurity strategies as they create their coronavirus preparedness plans. 

What are the current governmental directives regarding COVID-19?

In late February 2020, the Centers for Disease Control (CDC) released its “Interim Guidance for Businesses and Employers.” This reads in part:

Important Considerations for Creating an Infectious Disease Outbreak Response Plan

All employers should be ready to implement strategies to protect their workforce from COVID-19 while ensuring continuity of operations. During a COVID-19 outbreak, all sick employees should stay home and away from the workplace, respiratory etiquette and hand hygiene should be encouraged, and routine cleaning of commonly touched surfaces should be performed regularly.

Employers should:

  • Ensure the plan is flexible and involve your employees in developing and reviewing your plan.
  • Conduct a focused discussion or exercise using your plan, to find out ahead of time whether the plan has gaps or problems that need to be corrected.
  • Share your plan with employees and explain what human resources policies, workplace and leave flexibilities, and pay and benefits will be available to them.

The Occupational Safety and Health Administration (OSHA) and Health and Human Services (HHS) issued a joint guidance of their own which (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Karen Walsh. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/B0etrqpOFpA/