_________________
A special webinar by FRSecure
Hosted by: Evan Francen, FRSecure CEO
With a TON of support from our team.

_________________
Agenda
• Introductions.
• Before we get started.
• Our topics.
• How to securely shift employees to remote work during social
distancing.
• Some of the current social engineering scams around COVID-19
and how to avoid them.
• How to create or adjust your business's disaster recovery plan.
• Where to go if/when you need help.
#MissionBeforeMoney

_________________
Introductions
You know me? Maybe you think you do…
Evan Francen, FRSecure CEO (and chief introvert)
• I do a bunch of information security stuff.
• I started some things (FRSecure in 2008, SecurityStudio in 2017)
• I create some things (S²Score, S²Org, S²Vendor, S²Team, S²Me, etc.)
• I do some talks here and there (30ish/year, weekly UNSECURITY
Podcast, etc.)
• I do some writing (UNSECURITY published last year)
• I do some teaching (CISSP Mentor Program, 6 students  1,000+
students)
#MissionBeforeMoney

_________________
Introductions
Who from FRSecure is here?
Say “hi”, tell us your name and what you do…
#MissionBeforeMoney

_________________
Before we get started.
Some things to share with you.
#1 – The current state of affairs.
• Unprecedented events.
• In less than two weeks, we’ve stepped into the Twilight Zone:
• Schools are closed.
• Travel is restricted.
• Professional sports are on hold.
• Gatherings of any scale are cancelled; theme parks, concerts,
parties, weddings, etc.
• No TP, hand sanitizer, canned goods, etc.
#MissionBeforeMoney

https://github.com/CSSEGISandData/COVID-19/tree/master/csse_covid_19_data/csse_covid_19_time_series
We’re NOT medical experts. We’re
information security people, reason
people, and mathy people.
#MissionBeforeMoney

https://github.com/CSSEGISandData/COVID-19/tree/master/csse_covid_19_data/csse_covid_19_time_series
#MissionBeforeMoney

_________________
Before we get started.
Some things to share with you.
Should you panic?
• NO!!!
• The math sort of tells us a couple things:
• We (probably) haven’t turned the corner yet.
• This will (probably) go on longer than you or I want it to.
• We (probably) aren’t too late.
• If you get infected (unlikely), it’s (probably) not a death sentence.
.0019% of the US population has
been infected (that we know).
.000033% of the US population has
not survived (that we know).
The key is isolation.
This is fine for an introvert like
me, but not for everyone…
In a welcome piece of good news about Covid-19, a team of infectious
disease experts calculates that the fatality rate in people who have
symptoms of the disease caused by the new coronavirus is about 1.4%
https://www.statnews.com/2020/03/16/lower-coronavirus-death-rate-estimates/
#MissionBeforeMoney

_________________
Before we get started.
Some things to share with you.
#2 – My pledge.
• I will NOT panic.
• I will NOT give in to fear.
• I WILL think things through.
• I WILL make prudent decisions based upon the best (non-biased) information
available.
• I WILL be the person I’ve always been and learn to be better.
• I WILL help my fellow humans whenever and however I can, putting my family first.
• I will NOT use this (or anything else) to take advantage of people, and
• I will NEVER put someone in danger if I can help it.
#MissionBeforeMoney
https://www.linkedin.com/posts/evanfrancen_coronavirus-panic-fear-activity-6645385153218703361-GJ9B

_________________
Before we get started.
Some things to share with you.
#3 – FRSecure Open Letter.
• FRSecure's Commitment to You Regarding COVID-19 - March 16, 2020
Open Letter
• Sent via email to all contacts on 3/16.
• Posted to LinkedIn on 3/17
• Essentially, FRSecure is taking all prudent steps, we will be there
for each other and all customers, and we expect no disruption to
service.
https://www.linkedin.com/pulse/frsecures-commitment-you-regarding-covid-19-march-16-evan-francen/
#MissionBeforeMoney

_________________
Before we get started.
Some things to share with you.
#4 – Ideas we’re kicking around.
• FRSecure & SecurityStudio Daily inSANITY Check-in
• Frequent webinars about the topics you tell us you want
• Creating free tools and content you tell us you want/need and some
stuff that we think you want/need.
• We are, and will continue to be a stable and calm influence
throughout the COVID-19 pandemic.
• We will provide safe places for people to come and express opinions
about information security (or anything else).
Stay tuned.
We tell you how to at the end.
#MissionBeforeMoney

_________________
Before we get started.
OK. Transition…
We have other stuff to talk about too!
• What is the impact of COVID-19 on information security?
• How to securely shift employees to remote work during social
distancing.
• Some of the current social engineering scams around COVID-19 and
how to avoid them.
• How to create or adjust your business's disaster recovery plan.
#MissionBeforeMoney

_________________
What is the impact of COVID-19 on information security?
What is the impact of COVID-19 on information security?
• Data doesn’t exist for many of the specifics, so we rely on our
experiences and the (non-quantifiable) inputs we do have.
• Based upon what we know about people, and the people who take
advantage of people (attackers), this is what we know:
• People are and will be (justifiably) distracted.
• Attacks will increase in frequency, and maybe impact too.
• From this, we created the bass and the barracuda diagrams to
illustrate.
Stick with me, I’ll explain…
#MissionBeforeMoney

_________________
What is the impact of COVID-19 on information security?
The Bass
Don’t be a bass.
#MissionBeforeMoney

_________________
What is the impact of COVID-19 on information security?
The Barracuda
Be a barracuda!
The key is to maintain
awareness.
#MissionBeforeMoney

_________________
How to securely shift employees to remote work during
social distancing.
• Let’s discuss.
• What are the best practices that all organizations should employ?
• People.
• Technological.
• Physical.
One idea to help you…
#MissionBeforeMoney

_________________
A special webinar by FRSecure
Hosted by: Evan Francen, FRSecure CEO
With a TON of support from our team.

THE IMPACT OF COVID-19 ON INFOSEC PT. 2
WHERE WE LEFT OFF
• How to communicate with vendors from home (especially if vendors are working from
home too)?
• How do you feel about letting users use their personal computer to connect to their
organization’s computer such as LogMeIn?
• What about old Windows 7 PC's? Probably shouldn’t use these for work, but could family
use these for school?
• How about connecting remote workers into their VM using a web interface/browser? Any
issues to watch out for?
• How would one harden against a split tunnel situation?
• Any thoughts on required printing when working from home and potential for PII or other
sensitive information?
• Assuming this situation is temporary, what tools/techniques can you recommend to
document the changes so that we don't miss undoing any of the adjustments we make to
infrastructure, etc.?
UNANSWERED Q&A FROM LAST SESSION
#MissionBeforeMoney

_________________
How to securely shift employees to remote work during
social distancing.
• Let’s discuss.
#MissionBeforeMoney

_________________
How to securely shift employees to remote work during
social distancing.
• Let’s discuss.
#MissionBeforeMoney

_________________
How to securely shift employees to remote work during
social distancing.
• Let’s discuss.
#MissionBeforeMoney

_________________
How to securely shift employees to remote work during
social distancing.
• Let’s discuss. Press release this morning that S2Me
and S2Team are available at no cost.
#MissionBeforeMoney

_________________
Quick Question (maybe two)
What’s next…
#MissionBeforeMoney

_________________
Some of the current social engineering scams around COVID-19 and
how to avoid them.
https://arstechnica.com/information-
technology/2020/03/the-internet-is-drowning-in-covid-19-
related-malware-and-phishing-scams/
https://www.modernhealthcare.com/cybersecurity/hackers-
taking-advantage-covid-19-spread-malware
https://globalnews.ca/news/6690907/coronavirus-peterborough-
scams/
https://www.wxyz.com/news/national/coronavirus/police-warn-of-covid-19-
scams-that-target-elderly-population-in-metro-detroit
#MissionBeforeMoney

_________________
Quick Question (maybe two)
What’s next…
#MissionBeforeMoney

_________________
How to create or adjust your business's disaster recovery
plan.
• More discussion.
• How many of us have a disaster recovery plan?
• Of those who have them, how many are worth salvaging versus
starting over?
• Do pandemics usually go in a disaster recovery plan or a business
continuity plan or both?
• And maybe more…
#MissionBeforeMoney

_________________
Quick Question (maybe two)
What’s next…
#MissionBeforeMoney

_________________
What now?
Please let us know how we can serve you!
• Contact us:
• Web: https://frsecure.com/contact/
• Phone: 877-384-2069
• Follow us:
• FRSecure Twitter: @frsecure
• Evan Twitter: @evanfrancen
• FRSecure LinkedIn: https://www.linkedin.com/company/frsecure-llc
• Evan LinkedIn: https://www.linkedin.com/in/evanfrancen/
#MissionBeforeMoney
Please be safe!