When the first case of Coronavirus was reported in China, little did we know that it would bring the entire world to a near standstill. But as the virus started showing its ugly and dangerous sides, and the situation changed dynamically, the reactions of both nation states and businesses changed dramatically. India decided to lock itself down, initially for a period of 21 days, followed by a recent extension of 15 more days with some alterations.
Besides the healthcare crisis and the spiralling death count that the entire world is grappling with, another area that needs a mention, from a business point of view, is cybersecurity and business continuity.
Even the World Economic Forum is of the opinion that:
- The COVID-19 pandemic poses the risk of increased cyberattacks.
- Hackers are targeting people’s increased dependence on digital tools.
- Strategies to maintain cybersecurity include maintaining good cyber hygiene, verifying sources and staying up-to-date on official updates.
As the situation unfolds and changes dynamically, it continues to disrupt economic, political and social systems. The most pertinent threat on the rise is the risk to cybersecurity and to continuity of business.
As part of our continuous dialogue with the industry, we have been bringing a series of observations and opinions from both technology and security leaders in different forms.
In the series, below are the quick takes from Subhajit Deb, Chief Information Security Officer, Dr. Reddy’s Laboratories, India.
Business Continuity: It’s the time for a true litmus test in times like this. A real-life live drill for a BCP situation – especially a pandemic – is a test for readiness, business alignment and preparation that went on for all these years. Invoking the BCP, running the call tree, fine-tuning the associated criticality matrix and most importantly – the crisis communication – became very critical for us.
From a technology perspective, the BIA came in handy for prioritization of key critical processes, people and applications and allowed a structured transition to the BCP-mode of operation from the usual mode in the shortest possible time.
Remote Connectivity: The criticality of people and the associated impact of their ‘absence’ became the key consideration to handle the situation. Some of the basic security practices in place such as device hardening, full-disk encryption, strict governance on anti-virus and patches and USB blocks elevated the ‘confidence’ of security in these difficult times. Usage of secure-VPN and proxy gateway in place ensured a seamless Zero-Trust network. With virtual desktop infra setup being on cloud, the scale up was fast and induced a robust security infrastructure for critical applications accessed from an external network. An area that I want to highlight here is the ‘security monitoring’. We had to ramp up monitoring manifold to ensure heightened monitoring and detection.
Digital and Cyber Risks: In times like this, focus on the user-induced risks is more important than any other cyber and digital risks. Risky sign-in attempts through EUBA, stringent phishing filter rules, suspicious traffic monitoring on SIRM/NTA, blocking of unauthorised traffic over risky ports, restricted access to internet, culling down local admin rights, etc. were some of the key measures that were enforced. Change management and testing on-the-fly for new apps (either built or bought) for critical business needs also needed the security team to be agile and dynamic.
Overall, this reshaped most of the security operations and will very well change how security will prepare and act in the future.