Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

The Impact of COVID-19 on Information Security

63 views

Published on

This presentation was delivered in Session 1 and Session 2 of The Impact of COVID-19 on Information Security webinars delivered the week of 3/16. The purpose is to help people put information security into context during the COVID-19 pandemic and to help people make their necessary transitions.

The topics discussed were:
- Introductions.
- Before we get started.
--- #1 – The current state of affairs.
--- #2 – My pledge.
--- #3 – FRSecure Open Letter.
--- #4 – Ideas we’re kicking around.
- Topics:
--- What is the impact of COVID-19 on information security?
--- How to securely shift employees to remote work during social distancing.
--- Some of the current social engineering scams around COVID-19 and how to avoid them.
--- How to create or adjust your business's disaster recovery plan.
- Where to go if/when you need help.

Published in: Business
  • Be the first to comment

  • Be the first to like this

The Impact of COVID-19 on Information Security

  1. 1. _________________ A special webinar by FRSecure Hosted by: Evan Francen, FRSecure CEO With a TON of support from our team.
  2. 2. _________________ Agenda • Introductions. • Before we get started. • Our topics. • How to securely shift employees to remote work during social distancing. • Some of the current social engineering scams around COVID-19 and how to avoid them. • How to create or adjust your business's disaster recovery plan. • Where to go if/when you need help. #MissionBeforeMoney
  3. 3. _________________ Introductions You know me? Maybe you think you do… Evan Francen, FRSecure CEO (and chief introvert) • I do a bunch of information security stuff. • I started some things (FRSecure in 2008, SecurityStudio in 2017) • I create some things (S²Score, S²Org, S²Vendor, S²Team, S²Me, etc.) • I do some talks here and there (30ish/year, weekly UNSECURITY Podcast, etc.) • I do some writing (UNSECURITY published last year) • I do some teaching (CISSP Mentor Program, 6 students  1,000+ students) #MissionBeforeMoney
  4. 4. _________________ Introductions Who from FRSecure is here? Say “hi”, tell us your name and what you do… #MissionBeforeMoney
  5. 5. _________________ Before we get started. Some things to share with you. #1 – The current state of affairs. • Unprecedented events. • In less than two weeks, we’ve stepped into the Twilight Zone: • Schools are closed. • Travel is restricted. • Professional sports are on hold. • Gatherings of any scale are cancelled; theme parks, concerts, parties, weddings, etc. • No TP, hand sanitizer, canned goods, etc. #MissionBeforeMoney
  6. 6. https://github.com/CSSEGISandData/COVID-19/tree/master/csse_covid_19_data/csse_covid_19_time_series We’re NOT medical experts. We’re information security people, reason people, and mathy people. #MissionBeforeMoney
  7. 7. https://github.com/CSSEGISandData/COVID-19/tree/master/csse_covid_19_data/csse_covid_19_time_series #MissionBeforeMoney
  8. 8. _________________ Before we get started. Some things to share with you. Should you panic? • NO!!! • The math sort of tells us a couple things: • We (probably) haven’t turned the corner yet. • This will (probably) go on longer than you or I want it to. • We (probably) aren’t too late. • If you get infected (unlikely), it’s (probably) not a death sentence. .0019% of the US population has been infected (that we know). .000033% of the US population has not survived (that we know). The key is isolation. This is fine for an introvert like me, but not for everyone… In a welcome piece of good news about Covid-19, a team of infectious disease experts calculates that the fatality rate in people who have symptoms of the disease caused by the new coronavirus is about 1.4% https://www.statnews.com/2020/03/16/lower-coronavirus-death-rate-estimates/ #MissionBeforeMoney
  9. 9. _________________ Before we get started. Some things to share with you. #2 – My pledge. • I will NOT panic. • I will NOT give in to fear. • I WILL think things through. • I WILL make prudent decisions based upon the best (non-biased) information available. • I WILL be the person I’ve always been and learn to be better. • I WILL help my fellow humans whenever and however I can, putting my family first. • I will NOT use this (or anything else) to take advantage of people, and • I will NEVER put someone in danger if I can help it. #MissionBeforeMoney https://www.linkedin.com/posts/evanfrancen_coronavirus-panic-fear-activity-6645385153218703361-GJ9B
  10. 10. _________________ Before we get started. Some things to share with you. #3 – FRSecure Open Letter. • FRSecure's Commitment to You Regarding COVID-19 - March 16, 2020 Open Letter • Sent via email to all contacts on 3/16. • Posted to LinkedIn on 3/17 • Essentially, FRSecure is taking all prudent steps, we will be there for each other and all customers, and we expect no disruption to service. https://www.linkedin.com/pulse/frsecures-commitment-you-regarding-covid-19-march-16-evan-francen/ #MissionBeforeMoney
  11. 11. _________________ Before we get started. Some things to share with you. #4 – Ideas we’re kicking around. • FRSecure & SecurityStudio Daily inSANITY Check-in • Frequent webinars about the topics you tell us you want • Creating free tools and content you tell us you want/need and some stuff that we think you want/need. • We are, and will continue to be a stable and calm influence throughout the COVID-19 pandemic. • We will provide safe places for people to come and express opinions about information security (or anything else). Stay tuned. We tell you how to at the end. #MissionBeforeMoney
  12. 12. _________________ Before we get started. OK. Transition… We have other stuff to talk about too! • What is the impact of COVID-19 on information security? • How to securely shift employees to remote work during social distancing. • Some of the current social engineering scams around COVID-19 and how to avoid them. • How to create or adjust your business's disaster recovery plan. #MissionBeforeMoney
  13. 13. _________________ What is the impact of COVID-19 on information security? What is the impact of COVID-19 on information security? • Data doesn’t exist for many of the specifics, so we rely on our experiences and the (non-quantifiable) inputs we do have. • Based upon what we know about people, and the people who take advantage of people (attackers), this is what we know: • People are and will be (justifiably) distracted. • Attacks will increase in frequency, and maybe impact too. • From this, we created the bass and the barracuda diagrams to illustrate. Stick with me, I’ll explain… #MissionBeforeMoney
  14. 14. _________________ What is the impact of COVID-19 on information security? The Bass Don’t be a bass. #MissionBeforeMoney
  15. 15. _________________ What is the impact of COVID-19 on information security? The Barracuda Be a barracuda! The key is to maintain awareness. #MissionBeforeMoney
  16. 16. _________________ How to securely shift employees to remote work during social distancing. • Let’s discuss. • What are the best practices that all organizations should employ? • People. • Technological. • Physical. One idea to help you… #MissionBeforeMoney
  17. 17. _________________ A special webinar by FRSecure Hosted by: Evan Francen, FRSecure CEO With a TON of support from our team.
  18. 18. THE IMPACT OF COVID-19 ON INFOSEC PT. 2 WHERE WE LEFT OFF • How to communicate with vendors from home (especially if vendors are working from home too)? • How do you feel about letting users use their personal computer to connect to their organization’s computer such as LogMeIn? • What about old Windows 7 PC's? Probably shouldn’t use these for work, but could family use these for school? • How about connecting remote workers into their VM using a web interface/browser? Any issues to watch out for? • How would one harden against a split tunnel situation? • Any thoughts on required printing when working from home and potential for PII or other sensitive information? • Assuming this situation is temporary, what tools/techniques can you recommend to document the changes so that we don't miss undoing any of the adjustments we make to infrastructure, etc.? UNANSWERED Q&A FROM LAST SESSION #MissionBeforeMoney
  19. 19. _________________ How to securely shift employees to remote work during social distancing. • Let’s discuss. #MissionBeforeMoney
  20. 20. _________________ How to securely shift employees to remote work during social distancing. • Let’s discuss. #MissionBeforeMoney
  21. 21. _________________ How to securely shift employees to remote work during social distancing. • Let’s discuss. #MissionBeforeMoney
  22. 22. _________________ How to securely shift employees to remote work during social distancing. • Let’s discuss. Press release this morning that S2Me and S2Team are available at no cost. #MissionBeforeMoney
  23. 23. _________________ Quick Question (maybe two) What’s next… #MissionBeforeMoney
  24. 24. _________________ Some of the current social engineering scams around COVID-19 and how to avoid them. https://arstechnica.com/information- technology/2020/03/the-internet-is-drowning-in-covid-19- related-malware-and-phishing-scams/ https://www.modernhealthcare.com/cybersecurity/hackers- taking-advantage-covid-19-spread-malware https://globalnews.ca/news/6690907/coronavirus-peterborough- scams/ https://www.wxyz.com/news/national/coronavirus/police-warn-of-covid-19- scams-that-target-elderly-population-in-metro-detroit #MissionBeforeMoney
  25. 25. _________________ Quick Question (maybe two) What’s next… #MissionBeforeMoney
  26. 26. _________________ How to create or adjust your business's disaster recovery plan. • More discussion. • How many of us have a disaster recovery plan? • Of those who have them, how many are worth salvaging versus starting over? • Do pandemics usually go in a disaster recovery plan or a business continuity plan or both? • And maybe more… #MissionBeforeMoney
  27. 27. _________________ Quick Question (maybe two) What’s next… #MissionBeforeMoney
  28. 28. _________________ What now? Please let us know how we can serve you! • Contact us: • Web: https://frsecure.com/contact/ • Phone: 877-384-2069 • Follow us: • FRSecure Twitter: @frsecure • Evan Twitter: @evanfrancen • FRSecure LinkedIn: https://www.linkedin.com/company/frsecure-llc • Evan LinkedIn: https://www.linkedin.com/in/evanfrancen/ #MissionBeforeMoney Please be safe!

×