March 13, 2020 Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency Briefing on Covid-19 and Data Security

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) just completed a stakeholder security briefing.  This was recorded and should soon be available on the CISA website, but in the interim, some key takeaways are:

  • We are in the “initiation phase” of the pandemic, meaning the worst is yet to come (the “acceleration phase”).
  • Covid-19 has been found in 42 states.
  • The presenters declined to comment on the likelihood of mandatory quarantines.

Chris Krebs, director of the CISA, discussed lines of effort for critical infrastructure segments.  He discussed enterprise VPN security guidance from CISA for those now working remotely.  Krebs noted that the private sector workforce needs to be on the alert for Covid-19 phishing scams.  He welcomed reports of such behavior.  Krebs also expressed concern about misinformation that has been present and urged care to verify claims before relying on information on social media.  Krebs was asked about remote workers using wide-area networks.  He referred to the CISA guidance on this.

*    *   *
Other cybersecurity issues that employers should be mindful of include the following:

  • working on unsecured personal devices at home (e.g., the family computer that the kids use for homework)
  • transferring company information using personal email accounts (e.g., employees emailing company files to themselves)
  • use of personal cloud storage accounts (e.g., their personal Dropbox account)
  • taking company documents home and not having secure means of storage (e.g., the shared desk in the home office)
  • use of unsecure connections from home to the company
  • use of unsecure conference call lines (e.g., check on the security of those free conference call services)

As many of us prepare to work remotely, your company should:

  • to the extent not done already, implement multi-factor authentication
  • ensure all machines have properly configured firewalls
  • review and update anti-malware and intrusion prevention security of information technology systems
  • test remote access solutions capacity and/or increase capacity
  • ensure access systems are fully patched.
  • increase awareness of information technology support
  • enhance system monitoring to receive early mechanisms for employees who work remotely
  • increase over detection and alerts on abnormal activity
  • update your incident response plans

Leave a Reply

Your email address will not be published. Required fields are marked *