Information Security Governance in Times of Pandemic
On the heels of my webinar on Technology Best Practices in During a Pandemic, I presented with my colleague Jeffrey Bernstein, Director of Marcum Technology’s Cybersecurity practice, on the companion topic – Information Security Governance in Times of Pandemic. As is mentioned in the earlier slides, the disruption we’re facing comes with new information security risks. Fore many of the nonprofits that I work with and speak to, the top priority in March and April was getting people working remotely, and that understandably took priority. But now that the technical hurdles have presumably become more manageable, it’s time to think about the increased risks.
The risks fall into two categories: Internal and external. Internally, your staff might now be using home computers and routers to perform company business. Do you know how secure those systems are? Do the computers have adequate threat protection software? Do the routers have unique passwords?
Externally, the scammers are out in force and their texts and emails are extra compelling in an environment where we all are on a heightened alert for our health.
Certainly, organizations that had mature security plans and procedures were better prepared for this than those just scraping by. The presentation linked below starts by addressing the urgent items, but covers the range of what you should do both during and after the current crisis ends.