The impact of Covid-19 on Cyber Security Presentation by Control Risks James Owen – Partner, Cyber, EMEA William Brown – Director, Cyber, Middle East
1 Control Risks Cyber attacks exploiting the pandemic Share of attack vector of organized operations since Intent of organized operations since January January Phishing 16% Drive-by compromise Financial theft Espionage Remote services 51% Disruption 33% Denial of service (DoS) 0% 10% 20% 30% 40% 50% 60% 70% Count of organized operations since 20 Count of new domain registrations containing COVID-19 January term since January 15 6000 5000 4000 3000 10 2000 1000 0 5 0 January February March April Risk score high Risk score low
2 Control Risks Managing risk at a distance – our remote working reality CAPACITY VOLATILITY DIFFICULTY Lack of bandwidth Less visibility The human factor Service provider issues Variation and exceptions Work/life blur Device/license inventory Manual processes Insider activity Help desk overload Response and remediation BCP viability Significant regional variation: LatAm – Africa – North America – Europe – Asia – Middle East
3 Control Risks Ensuring security and resilience when working from home Secure access to Appropriate and Secure endpoints Recovery resources repeated awareness
4 Control Risks Managing cyber incidents in a time of Covid Recovery Readiness Response Implementation / Training Strategy / Plan development Business impact analysis The COVID- 19 impact on the ‘recovery curve” Exercise Review Audit Resumption/incremental recovery Crisis Management Preparation & Planning
5 Control Risks The recovery process The recovery team follows a process to answer critical questions and implement solutions to get you back to growth Objectives External Internal Risks Go! What kind of a How will the What do we need What are our company do we market and players to change threats and Accelerated want to be, post- be different, and internally in order vulnerabilities in implementation COVID-19 crisis? where will the to be able to the post-COVID of changes to growth execute on the world? your business opportunities be? identified How can we will be required opportunities mitigate risks in to capture order to have the opportunity best chances of capturing growth opportunities?
6 Control Risks Planning for business resumption and the eventual recovery Assess the readiness and security of devices and infrastructure Review incident, crisis management and business resilience plan reviews Supply chain vulnerability assessments Embedding information security control reviews Insider risk assessments Data privacy and security exposure assessments
7 Control Risks Questions
8 Control Risks Contact us William Brown James Owen Director Partner William.brown@controlrisks.com James.owen@controlrisks.com
controlrisks.com coronavirus@controlrisks.com
Recommend
More recommend
