The coronavirus crisis creates critical operational challenges for business continuity and puts management under great pressure.
As a result, CIOs and CISOs face a double challenge at the forefront of the cyber threat: in addition to the new risks posed by the massive remote transfer of employees, it is more difficult than ever to get managers to invest more in security.
The PPT Definitive Corona Cyber Security for Management model provides security managers with a simple and intuitive tool to present the current security situation to management and translate it into a tangible business risk, as well as an argument for closing any gaps.
From the point of view of the CISO, it is difficult to understand what should be explained here – working remotely equates to a huge increase in attempts to steal accounts remotely. Monitoring a malicious remote connection with critical sources becomes extremely difficult, if not impossible.
Employees who work at home with personal devices are vulnerable to malware and phishing attempts. So it goes without saying that immediate action – and resources – are needed to adapt cyber defence to the new reality, isn’t it?
Unfortunately, in many cases this is not the case.
An intuitive link between, for example, a remote malicious connection and a critical business risk is not what management normally does, nor is it a link between the resources needed to proactively respond to that risk and those needed to address the potential – or probable – breakthrough that may result from that uncontrolled exposure.
Therefore, in addition to identifying new risks, the CISO needs to bring them to the attention of management so that it is absolutely clear that this is not a technological issue, but a business continuity issue. The discussion should focus on the level of risk that an organisation can reduce by deciding on the allocation of additional resources rather than on the main theme of the discussion.
The PPT Corona Cyber Security for Management model (downloadable here) was created by Cynet to help CISO meet this challenge and provide CISO with the best tool to inform the management of Corona cyber threats. The SPT includes :
- A list of high-level threats prevented or aggravated by the quarantine of the coronavirus.
- Identifying these threats according to concrete business risks.
- A comparison of existing security technologies with new threats, showing which threats have been addressed and which ones are still effective.
- Facts and figures about the functioning of the security group, showing how it has changed during the coronavirus.
- Gaps have been identified, priorities have been set and alternative solutions have been proposed.
Of course, not one size fits all, and the cyber risk of one organisation is never the same as that of another.
The model is thus modular, so that each CISO can easily adapt it to his or her needs.
Regardless of customer-specific modifications, the model in all its variations follows the theme of business risks and not just technology.
Download here the PPT model of Corona Cyber Security for Management.