Fusion Risk Management Inc., a provider of disaster recovery software and services, this week announced it will make available an online pandemic readiness toolkit.
Company CTO Corey Cowgill said the goal is to provide organizations with timely and reputable resources, including cybersecurity best practices, to help organizations maintain business continuity during the COVID-19 pandemic.
He noted many organizations are accelerating their transition to the cloud by first increasing their reliance on software-as-a-service (SaaS) applications followed quickly by migrating on-premises workloads to the cloud as much as possible. The challenge that creates from a cybersecurity perspective is that it’s highly probable many of those cloud services will be misconfigured, he said.
Most cloud services employ a “shared responsibility” approach to cybersecurity under which they secure the core platform. However, the management of everything from credentials to securing network connections is the responsibility of the end customer. Even in the best of times, Cowgill said most cloud cybersecurity issues can be traced back to misconfigurations.
Cowgill also noted that organizations that rely on virtual private networks (VPNs) are likely to encounter network bandwidth issues as more employees work from home. In contrast, organizations that are early adopters of zero-trust networks will find that lighter-weight approaches to securing networks will also provide endpoints with bandwidth that can more easily scale up and down as required.
From a process perspective, many organizations soon will discover their business continuity plans are woefully out of date, as many of those plans were crafted years ago and have not been updated to reflect such things as the broad availability of cloud services, said Cowgill. To facilitate the updating of business continuity plans, the online resources being made available by Fusion include exportable content, including a high-level pandemic plan template, and a map with COVID-19 outbreak statistics from the John Hopkins Medical Center. There are also links to credible sources as well as whitepapers, blogs, videos and other resources prepared by Fusion experts. The plan is to continuously update the site with additional content over the days and months ahead, said Cowgill.
At the same time, Facebook, Google, Microsoft, Twitter and others also announced this week they will collaborate to combat both COVID-19 fraud and misinformation.
In some regions, outdated business continuity plans are already being put to the test with mixed results. Businesses based on other regions, however, still have time to update their business continuity strategy. The challenge they will face is cybercriminals clearly view the pandemic as an opportunity to launch more attacks. For example, a cyberattack was launched this week against the U.S. Department of Health and Human Services (HHS).
It may be months before the COVID-19 pandemic subsides. Cybersecurity teams will need to develop both short- and long-term strategies for defending an attack surface that has become much wider almost overnight. The biggest issue they are likely to face, however, is getting their organizations to pay attention to cybersecurity issues at a time when nerves have already begun to fray.