Saturday, March 7, 2020

CISA Risk Management for COVID-19

Yesterday the DHS Cybersecurity and Infrastructure Security Agency (CISA) published a new ‘insights’ document about “Risk Management for Novel Coronavirus (COVID-19)”. This is not a comprehensive planning document but rather it is designed “for executives to help them think through physical, supply chain, and cybersecurity issues that may arise from the spread of” COVID-19.

The main topic areas include:

• Actions for Infrastructure Protection;
• Actions for your Supply Chain;
• Cybersecurity for Organizations;
• Cybersecurity Actions for your Workforce and Consumers

The first two sections mainly address business continuity issues. The organization cybersecurity section deals with considerations for enabling or expanding telework or remote access. And the final section deals with looking out for cyber-scams related to COVID-19.

While there are a number of links to more detailed information on many of these topics, conspicuously lacking are references to CDC guidance on disease prevention in the workplace or the COVID-19 outbreak in general. Also lacking is any discussion about physical security impacts of guard force sickouts.

No comments:

/* Use this with templates/template-twocol.html */