home_banner

This content is available to the public and does not require IANS login credentials. Questions? Reach out to us at ians@iansresearch.com.

Content Icon

COVID-19 and InfoSec: What You Need to Know

June 12, 2020 | Topic Guides | Security Policies and Strategy

Download PDF
COVID-19 and InfoSec: What You Need to Know

The ramifications of the novel coronavirus – COVID-19 – are being felt throughout the business and information security communities. Here we offer a compilation of the latest IANS research to help you stay ahead of this fast-evolving situation and keep your staff and businesses safe and productive.

What to communicate to executive management:

Keeping remote workers productive and secure:

  • Get Started With Remote Workforce DLP

    May 6, 2020 | Ask-an-Expert Writeups | Data Loss Prevention (DLP) | By Mike Saurbaugh, IANS Faculty

    Many organizations struggle to put effective data loss prevention (DLP) policies and procedures in place for their remote employees. Here we detail how to use native Windows and available third-party tools to get some initial controls in place.
  • CEO Home Network Checklist

    May 5, 2020 | Tools & Templates | Networking and Network Devices | By Jake Williams, IANS Faculty

    This checklist details simple steps executives can take to improve the security of their home network and ensure corporate assets are maximally protected.
  • Patching and VPNs: Reduce the Performance Hit

    April 27, 2020 | Ask-An-Expert Writeups | Virtual Private Networks | By Erik Kuehn, IANS Faculty

    With everyone working remotely and accessing corporate resources via a virtual private network (VPN), what's the best way to keep endpoints up-to-date on security patches? We explain how a well-configured split-tunnel VPN can improve performance and security.
  • COVID-19: Address Printing and Shredding for Remote Workers

    April 14, 2020 | Ask-An-Expert Writeups | Data Loss Prevention (DLP) | By Josh More, IANS Faculty

    With COVID-19 and the rush to remote work, many organizations are finding their remote work plans do not properly consider issues around printing and shredding. We detail some steps to take now and in the future to safeguard printing and shredding.
  • COVID-19 Phishing Emails: What to Watch Out For (6 Slides)

    April 10, 2020 | Content Aggregator | Security Awareness, Phishing, Social Engineering

    Hackers are using the COVID-19 pandemic to customize new phishing email attacks. This compilation includes phishing examples such as emails purporting to come from the World Health Organization and fake travel alerts seeking to obtain sensitive personal information.
  • Focus COVID-19 Security Awareness Messaging on Both Corporate and Personal Threats

    April 10, 2020 | Ask-An-Expert Writeups | Security Awareness, Phishing, Social Engineering | By Jake Williams, IANS Faculty

    With the shift to work from home, employers should be increasingly concerned about their employees’ overall cyber hygiene. Here we explain how to morph awareness communication from a purely corporate standpoint to a mix of corporate and personal awareness education.
  • Collaboration Tool Security Checklist

    April 9, 2020 | Tools & Templates | Business Productivity

    This checklist provides security settings for Zoom, Microsoft Teams, GoToMeeting, Cisco Webex, Slack and Google Meets (aka Hangouts). Some settings are based on policy vs. security risk, but they are worth evaluating.
  • COVID-19: Restrict Access to Keep MSSPs in Line

    March 27, 2020 | Ask-An-Expert Writeups | Managed Security Services | By Josh More, IANS Faculty

    The COVID-19 pandemic is forcing all businesses to become more dependent on remote work, and managed security services providers (MSSPs) are no exception. Here we offer several options for ensuring your MSSP's remote workers don't overstep their privileges or access.
  • Harden VPN, Video and IM Against Attacks Exploiting COVID-19

    March 26, 2020 | Ask-An-Expert Writeups | Virtual Private Networks | By John Korpal, IANS Faculty

    As companies shift to remote work amid COVID-19, attackers could exploit the situation to leave companies dead in the water by targeting the very tools that allow them to function. Here are some tips for keeping your VPN, audio/video conferencing and messaging tools up and running – and secure.
  • Remote Work and COVID-19: A Security Checklist

    March 19, 2020 | Tools & Templates | Business Continuity and Disaster Recovery (BCDR)

    This checklist is designed to help security teams more effectively manage the push to remote work spurred by COVID-19.
  • COVID-19 Phishing Examples and Guidance (Updated)

    March 31, 2020 | Ask-An-Expert Writeups | Security Awareness, Phishing, Social Engineering | By Jake Williams, IANS Faculty

    Attackers are using COVID-19 as a phishing lure via email, SMS, mobile apps and even social media.. Here we detail what to watch for and how best to protect employees.
  • COVID-19 and the Cloud: Enabling Remote Work and Business as Usual

    March 11, 2020 | Faculty Reports | Business Continuity and Disaster Recovery (BCDR) | By Josh More, IANS Faculty

    As the novel coronavirus continues to spread, more organizations are re-evaluating their remote work capabilities. Here we highlight key issues and explain how focusing on upfront planning around network and cloud services can ensure your business stays secure and up and running through the crisis.

Shoring up likely attack vectors:

  • Defend Against Hackers Exploiting COVID-19 to DDoS VPNs, Web Conferencing

    April 17, 2020 | Webinar Replays | Virtual Private Networks | By John Strand

    As companies shift to remote work amid COVID-19, attackers could exploit the situation to leave companies dead in the water by targeting the very tools that allow them to function. In this webinar, we offer tips for keeping your VPN, audio/video conferencing and messaging tools up and running – and secure.
  • Indicators of Compromise: Identify the Latest COVID-19 Attacks

    March 20, 2020 | Ask-An-Expert Writeups | Malware and Advanced Threats | By Ken Pyle

    Attackers are poised to take advantage of the confusion and uncertainty surrounding the COVID-19 pandemic. Here we detail what organizations should watch for and recommend some key defenses to put in place.
  • Poll: Likely COVID-19-Themed Attack Vectors

    March 17, 2020 | Ask-An-Expert Writeups | Malware and Advanced Threats | By IANS Faculty

    Organizations are increasingly worried about attackers taking advantage of the uncertainty surrounding the COVID-19 pandemic. Here, IANS Faculty detail what they see as the COVID-19-themed attack vectors most likely to be exploited.

Getting comprehensive disaster planning and recovery plans in place:

  • COVID-19: Address the Next Black Swan in Your BCP

    April 6, 2020 | Ask-An-Expert Writeups | Business Continuity and Disaster Recovery (BCDR) | By George Gerchow, IANS Faculty
    The realities of COVID-19 have exposed the glaring gaps in even the best business continuity plans (BCPs). We detail some lessons learned that must be folded into today's BCPs so we can better address similar challenges in the future.     

  • Black Swan Business Continuity Checklist

    April 6, 2020 | Tools & Templates | Business Continuity and Disaster Recovery (BCDR)

    The realities of COVID-19 have exposed the glaring gaps in even the best business continuity plans (BCPs). This checklist is designed to ensure your organization isn’t left flat-footed whatever may come in the future.
  • Pandemic Impact Analysis Template

    March 9, 2020 | Tools & Templates | Business Continuity and Disaster Recovery (BCDR)

    This template can be used to help the business identify and prioritize critical roles, procedures and assets that must be considered and put in place during a pandemic event.

  • Business Continuity and the Coronavirus: Know Where to Focus

    March 2, 2020 | Ask-An-Expert Writeups | Business Continuity and Disaster Recovery (BCDR) | By Michael Pinch, IANS Faculty
    Uncertainty continues to swirl around the COVID-19 virus and its short- and long-term business impacts, a situation that makes business continuity planning (BCP) especially difficult. Here we detail a list of potential threats to consider, along with concrete mitigations and contingency plans.


Lessons learned to date:

  • COVID-19: Critical Continuity Lessons from the Healthcare Industry

    April 15, 2020 | Faculty Reports | Security Policies and Strategy | By Justine Bone, IANS Faculty

    While hospitals scramble to adapt to the COVID-19 crisis, they’re taking steps that are applicable well beyond the healthcare vertical. In this report, IANS Faculty Justine Bone details some key healthcare lessons learned that all security teams can use to successfully navigate this new era.

Preparing for the post-COVID-19 world:

  • Work-from-Home and Return-to-Office Employee Survey

    June 12, 2020 | Tools & Templates | Business Productivity | By George Gerchow, IANS Faculty
    COVID-19 presents challenges for employees both working at home and considering a return to the office. This survey can be used to gauge their issues and expectations, so they can be safe and productive in both situations.

  • COVID-19-Related Apps: Are They Enterprise-Ready?

    June 11, 2020 | Faculty Reports | Risk Management | By George Gerchow, IANS Faculty

    New COVID-19-based contact-tracing and symptom-screening apps are not yet ready for prime time. This report outlines the challenges, along with more secure ways enterprises can ensure the safety and health of employees and those they come into contact with.
  • Re-Opening During COVID-19: Key Considerations

    June 10, 2020 | Faculty Reports | Risk Management | By Josh More, IANS Faculty

    As businesses start to re-open, they must determine which operations to keep idle, which to adjust and which new ones to introduce. At all times, the health and safety of employees and customers is paramount. This report outlines guidelines to consider and steps for how to proceed.

 

Questions? Reach out to us at ians@iansresearch.com.


Related Research

Information Security Job Description Templates (Updated)

With the information security workforce shortage projected to reach 2-3 million over the next few years, organizations are putting a greater emphasis on their recruiting process to better fill out their security teams. Use these sample infosec job descriptions to set the foundation for role expectations and attract the most highly qualified professionals to your organization. 

Manage Cross-Departmental Projects Successfully

This report details some best practices for smoothing the implementation of cross-departmental security projects, including taking a business-first approach.

TSAs: What to Include and What to Watch Out for

In this report, we detail what should be included in a workable transitional service agreement (TSA) and offer tips for avoiding some common pitfalls.