During the COVID 19 crisis many organizations had to shift to Work From Home in a very short notice. During this time it is very important to keep your management and team members informed. Here is a sample cyber security update for your management during the COVID 19 pandemic.
Sample Cyber Security Update For Management
I wanted to keep you all updated on the progress on cyber security posture of "Your Company" and also the overall industry. Please find below some of the key updates:
Rapid rise in cyber attacks in recent times
- Covid19 has caused organizations to move to work from home or go online without adequate preparation and that has caused rapid change in attack surface for which organizations are not prepared. We had been relatively well prepared with (please put in the complete list) VPN, DLP, Red teaming/Pen Test and multiple other security programs in place.
Hackers are capitalizing the fear of Covid19 for social engineering
- There is a rapid rise in social engineering attacks leveraging Covid19 related messages. We had been preparing ourselves through regular awareness campaigns. However we need to be continuously aware since all it takes is a single lapse in judgement to cause a breach.
Smooth work from home transition & crisis response
- We had seamlessly moved to work from home with a decent level of security in place including DLP, VPN, Bitlocker encryption, multiple awareness campaigns on secure work from home. Our BCP preparation and security preparedness came handy in this situation.
Security Technologies and Programs which we executed
We have executed multiple security programs in the last couple of quarters. Following are some of the top ones (here is a sample list that are must have)
- Red teaming and attack simulation
- DLP
- Bitlocker encryption
- Security awareness campaigns
- Third party risk management
- Risk assessment for Rich Relevance
- Vulnerability management program
- Security program/architecture review
- Cyber crisis drill
- Security rating
- ISO 27001
- Backups including offline backup of Internal IT
- Cyber Insurance etc
- SOC/SIEM to detect attackers
- PIM/PAM
- WAF
Security Programs Going forward
- Please include some of the key areas we are focusing on includes
- Ongoing security management for all implemented solutions
Being paranoid and staying safe
We are facing an unprecedented crisis which the world has never seen before. We need to stay paranoid and agile to respond and recover from any crisis. The largest of the organizations continually faces breaches. We must remain paranoid.
Requests for all of you
- Management personnel are being widely targeted. Please remain on vigil and observe security best practices and maintain security hygiene
- Please do let me know if you notice any possible security weakness or alert us if you find anything suspicious.
- If you have any ideas please do share with our security team
Please feel free to reach out to us anytime. Stay safe.
Comments