What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones?
Cyber attackers are barraging businesses with phishing lures touting fake info about the Coronavirus. And although the lures may be fake, the security and business continuity threats that some IT departments are preparing for are quite real. One big question: “If workers are sequestered in physical quarantine zones, will IT and SecOps be able to continue”, asks Brian McCarthy co-founder and CSE from Cherub Availability Services.
Initially, businesses may dismiss this risk until the virus reaches their regions. However, the risk is more prevalent as the IT supply chain becomes more global and organizations rely on overseas IT services — from help desks to 24/7 SOC-as-a-service. The concern is not just that workers themselves may get infected by the virus; the concern is that employees, contractors, and service providers’ workers who are not infected could nevertheless be quarantined for being in physical proximity to the infected individual.
“If you’ve got 200 workers working in one place and one of them presents themselves with the illness, it’s pretty likely the government is going to quarantine everybody,” says Edward Minyard, senior consultant at IP Architects, who was an Accenture consultant working with Mexico City on pandemic prevention during the H1N1 virus spread in 2009. “And the current [quarantine] protocol is for 14 days. So that can have a material impact on folks’ planning.
“If you’ve got a large outsourced facility, for example, for your security management, or any facility with a large number of people in it, you probably don’t want to bring 100 people together and put them in a small room unless you yourself have some evidence that they have not been affected. … And the second part of the challenge is they may not be able to get there. Or even want to go there.”
Minyard says his American clients are beginning to consider the secondary impact they may feel if the virus further expands in, for example, India, a source of so many IT services. (Although India shares its norther border with China, it has thus far experienced 3,000+ dead of the virus, according to the World Health Organization, all of which are in Kerala, a western coastal state that does not border China.)
Nevertheless, Indian businesses have reported disruptions because of the stoppages in shipments from China, where over 45,000 confirmed infections and over 1,000 deaths have been reported, and many millions are in quarantine. All the way over in Barcelona, Mobile World Congress — the world’s biggest trade show for the mobile phone industry — was canceled just one week before it was set to start.
This same challenges also apply to telecoms, electric companies, “and all the others that maintain the networks that are supposed to be supporting the rest of us,” Minyard says. If they aren’t ready, you won’t either.
“From the perspective of business continuity and continuity of operations, this is a real thing,” he says. “This is not speculation. This is going on, and we don’t know how bad it’s going to be. Should you have all your eggs in one basket … I’d be thinking of a different plan,” says McCarthy. Start doing now, think cloud for backup, recovery and continuity. Start with your SIEM team, have the after hours be part of an outsourced vendor.
IT security departments, already short-staffed, could be stressed even further than most other teams. And that’s something about the coronavirus that cyber attackers will surely capitalize on — just as they have already.
For further information contact us at: info@CherubAS.com or call (407) 416-7955. Complete our form and we will emailed a eBook.