Impact of COVID-19 on Enterprise Security Controls

The COVID-19 pandemic has resulted in many employees working from home.  The transition from working in the office to working at home was abrupt with minimal time to establish a strategy for a secure telecommuting environment.  As a result, there is solid evidence of a significant increase in cyberattacks focused on employees working from home.

Audit’s charter is to assess risk and provide an independent opinion to Management and Board of Directors.  Enterprise information security risks have significantly increased due to COVID-19.  Should Audit address this new information security risk environment?

During this one-day seminar we will review the short-term and long-term security and control challenges resulting from the COVID-19 pandemic.

Course Agenda:

1. COVID-19 Risk Assessment and Audit Planning

• COVID-19 related security threats, risks, and exposures
• Identifying short-term and long-term information security risks
• Review of recent security incidents including increased phishing, ransomware, and attacks on working from home environments.

2. Addressing Working from Home (WFH) Risks

• Risks and advantages of working remotely
• Determining appropriate WFH controls
• WFH ideal security & control scenarios
• Malware / ransomware protection
• End Point Security / Zero Trust Model

3. Assessing long term risks and controls

• Defining what the “New World” will look like
• Determining long term risks & controls including:
  • Multi-factor authentication
  • Privileged access monitoring
  • Vulnerability assessments
  • Log management / threat detection
  • Patch management
  • Web application / server risks
• Recommended control and security resources to include:
  • Center for Internet Security 20 Controls
  • NIST Cybersecurity Framework
  • OWASP – Top Ten Web Application Security Risks

Registration Links:

Summary: https://www.cvent.com/d/sjq199

Straight to Registration: https://www.cvent.com/d/sjq199/4W