Due to COVID-19, we have been living through the biggest invocation of business continuity planning in the last 80 or so years, and certainly since IT systems became widespread. In this blog, Alex Crompton asks what this means for digital transformation and cyber resilience in the longer term
You could argue that the widespread tactical shift to remote working and social distancing has necessitated the world’s largest unplanned and forced digital transformation. And it’s been implemented in the space of just a few weeks.
Easier said than done, for some
However, experiences have been varied. Some organisations have been relatively fortunate. For example, those who have previously pursued a strategy of driving remote working, or even just decentralisation from core locations, have found the transition to be easier than others. The basic infrastructure, processes and approach were already in place, and efforts have centred around increasing capacity, and in some cases accelerating and widening existing planned deployments to remote working and collaboration ecosystems.
However, for organisations with little remote working capability, experience or culture, or for whom operational constraints necessitate on-site operation and the continued deployment of frontline staff, this has not been so easy. These organisations have had to deal with the challenges of both enabling remote access to critical and core IT systems, along with a parallel overhaul of business and operational processes to enable secure and effective delivery, whilst ensuring staff safety.
Meanwhile, events have not just impacted single businesses, but entire supply chains, upstream and downstream, along with wider stakeholders. Many organisations without in-sourced delivery will have concerns about the resilience of their supply chain, and ability of their partners to continue to reliably and consistently deliver services on which they may be critically dependent.
Cyber attackers are embracing the disruption – in the supply chain and beyond
Alongside all of the above, cyber threat groups have also adapted, using COVID-19 and health concerns to infiltrate organisations through phishing and social engineering, or simply to take advantage of the commotion in the hope that security teams will be less observant and responsive.
BAE Systems, has published several pieces of research on campaigns exploiting COVID-19 over the past few months , however this is just a small snapshot of the threats out there.
Furthermore, the supply chain must not be ignored, especially when considering overall resilience and the ability to react and respond to incidents.
Even if an organisation’s team are working at close to normal operational effectiveness, and have spare bandwidth to deal with further incidents, it does not necessarily mean the suppliers or service providers on whom they are reliant on do. The suppliers can be targeted themselves, as evidenced by recent attacks on service providers.
How to make informed decisions for cyber security, incident readiness, and wider resilience
Amidst the tactical focus on survival and continuity, organisations may currently be struggling to react effectively to events that would have been easily managed before. This is particularly pertinent in the cyber domain, where attackers are actively exploiting the disruption, and where individual staff, including security teams, may be under additional stress or easier to target.
The widespread and rapid adoption of ‘grey IT’ tactical remote working and collaboration solutions (for organisations that did not have their own readily available), may also be causing a number of additional vulnerabilities, with some susceptible to misconfiguration (contact us for access to our Remote Working Tools Threat Intelligence Report). In many instances organisations may not even be fully aware as to the extent and context of use by their staff.
In order to remain resilient, organisations must ensure that they are still able to:
Respond effectively and efficiently to cyber incidents
Maintain cyber resilience
Maintain wider cyber security posture
Where organisations have invoked business continuity, and are effectively operating in “plan B” mode as a result of COVID-19. Now is the time to consider a “plan C”, and whether you could effectively get there if you had to.
Moving from “plan B” to “plan C”, and embracing digital transformation for the long term
The current ways of working, and operational and health constraints are likely to persist well into the medium term.
For organisations where this unplanned and rapidly deployed digital transformation to remote working has been hastily and tactically deployed, it is unlikely to be optimal or sustainable long-term for the business. This is relevant to cyber security and defence, as well as wider business operations.
Efforts now should pivot to the long-term strategic view of the new business as normal, and adapt “plan B” to be as sustainable, efficient and effective as possible for the foreseeable future.
There are number of questions and steps that organisations should take to ensure that they are able to stay resilient now and in the future. For further advice, you can find these summarised in our new report: Cyber Incident Readiness, Security and Resilience in the face of COVID-19.
Complimentary BAE Systems report
Cyber Incident Readiness, Security and Resilience in the face of COVID-19
If you are already in "Plan B", if you suffer an incident, what is "Plan C" and can you effectively deploy it? Download our new report which includes guidance and a number of questions that as an organisation, you should be asking yourselves, as well as steps that you should take to safeguard your readiness for cyber incidents, resilience and securityFind out more
About the author
Alex Crompton is Head of Security Consulting, BAE Systems Applied Intelligence