As corporations are forced to rapidly adapt to a new environment in order to remain viable, securing data and infrastructure must be taken into consideration when changes are made. Considerations such as:
- Does your VPN have the latest updates and patches?
- Do you have multi-factor authentication implemented to help protect against credential theft?
- How do you protect remote workers when your assets sit on untrusted networks?
- Do you understand your risk tolerance including the controls and processes around them?
- How do you adjust your risk management practices in the age of global pandemics?
When the reactive stage has finally calmed down, it will be time to examine your security posture from beginning to end according to 5 stages of mature security methodology to mitigate risk:
Stage 1: Identify
Develop an understanding of how best to manage risk to systems, assets, data, and capabilities.
Stage 2: Protect
Ensure the delivery of critical infrastructure services.
Stage 3: Detect
Implementation of the appropriate activities to identify the event early.
Stage 4: Response
Ensure the ability of a timely response to contain the impact of a potential cybersecurity event.
Stage 5: Recover
Recovery processes and procedures are executed and maintained to ensure timely restoration of affected systems and assets.