The Current Pandemic: What it Can Teach Us…

It is interesting to see how both the medical professionals and the general public are reacting to the current pandemic; the results are much the same as we in the anti-malware research and protection arena found out, far too many times, the hard way, over the last 3+ decades…

Having personally worked in anti-malware research and protection/remediation (battling digital viruses, worms, trojans, etc.) for over three decades, it seems that the rest of the world is starting to see what we (anti-malware specialists and medical practitioners) already know (or should know):

  • Whatever action you take or don’t take, the result will be criticised (so get used to it): act too quickly and defeat (or seriously reduce) the impact of a threat, and it is “you made this out to be a BIG problem, it was a storm in a teacup/non-event”; act too slowly, and it is “why didn’t you act sooner to protect us!” Have you noticed that there are always plenty of instant experts* when you don’t need them! *Those that think they know better than those that have been dealing with these things professionally for years, decades, etc.
  • With any new threat you are often fighting mis-information and “learning as you go”, unless it is a new variant of an existing threat. Sharing of good/validated information is a “Good Thing” (TM). Mis-information causes more damage and doesn’t help anyone.
  • You need to think outside of the box (what other tools/methodologies can I leverage to give us a fighting chance in restricting the impact?).
  • Simple hygiene and good epidemiological practices (both physical and digital) reduce the likelihood of infection/spread and allow us to get ahead of the threat, stopping it spiraling out of control. You can immunise (patch or put defensive tools/methodologies in place) or quarantine (discrete unconnected networks, or disconnected devices for digital risks). Similar things can be done (and have been for Covid-19: social distancing, hand-washing, masks, anti-viral drugs, antibodies).
  • Doing nothing (ignoring or underplaying the risk) is not an option.
  • Expect and plan for new variants (mutations), as they will occur and you need to be ready for them.
  • We need to learn from this crisis (just as with cyber threats/attacks); we need to carry out a post-mortem (I hate to use that term as I recently lost my mother to Covid-19, it is very emotive): what went well, where we could have done better, where things need to change or we need to add/improve our capabilities.

Let me be very clear: the current situation is far from simple. We have to look at the impact beyond our own and our loved ones’ health; there has been and will continue to be a vast impact on both our own and our nations’ finances (many governments are racking up huge debt trying to keep the nation afloat). We will have to adapt to the situation, changing our behaviours and expectations (at least in the short term). The alternative is too frightening to contemplate: another wave, more deaths, and more health issues for those that survive the disease but are left with a lasting impact on their health for months, years or the rest of their lives.

A suitable solution is always a trade-off between security (protection/defence) and functionality (access, freedom, capability), both in the case of digital threats and physical threats, such as Covid-19!

Plan for the worst, hope for the best. In other words, in the case of cyber risks/incidents as well as physical risks (fire/flood/earthquake, alien invasion, etc.) you need to have all of the following in place, and you should test them regularly:

  • Incident Response Plan (IRP)
  • Business Continuity Plan (BCP)
  • Disaster Recovery Plan (DRP)

If you don’t have all of these, how are you going to respond when “the fecal matter hits the rotary air circulation device”?

You are going to run around like a headless chicken, with little or no idea how to respond, who to involve, where to get help, etc. You will probably make things worse because you don’t have a suitable plan (or haven’t tested it recently), unless you are very, very lucky!

So, in summary, we will beat Covid-19 eventually, but things will (probably) be forever changed:

  • Less travel (until we get a viable and safe vaccine); this will result in lower emissions and be good for us all, nature and the planet as a whole.
  • Increased use of home working (where feasible); many organisations have seen the benefit of this and have already put in place the infrastructure to support this. However, those organisations that haven’t invested in security (both physical and logical and the supporting technical expertise/management) will become targets of the Bad Guys n Girls (Cyber Criminals, State Actors, etc.)
  • Increased distributed working (fewer physical teams); this will have a knock-on benefit (if done correctly) of offering 24/7/365 follow-the-sun capabilities to all relevant business or other functions.
  • Virtual classrooms/events will become far more normal and acceptable to many of us.

I may update this with other material as I think of it; any feedback, etc. is, as always, most welcome.

Stay safe!