
Information Security Management in a COVID-19 World

Source: original to this site. Published: 2020/10/10 14:11:16

Despite the operational challenges resulting from COVID-19, information security’s prime objective remains enabling an organization to achieve its goals within its risk appetite. Today, organizations of all types are reconfiguring their service and product delivery strategies to both serve customers safely and obtain cost savings. Through this transition, SMEs must continue to mitigate the risks that existed before the arrival of COVID-19. For SMEs in regulated industries, this also includes the continued adherence to regulatory requirements. Those organizations accepting electronic payments, including credit cards, must also comply with applicable rules, including the Payment Card Industry Standard.




To survive, many organizations will need to alter their methodologies. Many SMEs already faced challenges in responding to the increasing use of emerging technologies that confront traditional business models and services. These developments changed the expectations of employees, customers, and suppliers. Unfortunately, SMEs will now need to adopt emerging technologies and change their service models even more rapidly. At a minimum, this means reconsidering the effectiveness of existing technology investments and the ability of stakeholders to use existing assets to drive value for the organization.




These developments necessitate recalibrating risk strategies, and even risk tolerances, to the reality of different customer expectations in the new environment. For example, consumers now prize electronic transactions over in-person transactions. When in-person interaction is required, video and other electronic modes of communication will be favored. Yet many SMEs, even those that did have an information security program, did not consider the relevant threats that have resulted from COVID-19. Although many SME executives recognize the privacy implications of maintaining and transacting data, they may not realize the need to protect the ever-growing stores of video-based information. SMEs will face additional technology risk as remote solutions for workers and vendors become part of the new mode of operation.




The new environment requires that SMEs strengthen and change their information security management programs to enhance the organization’s resiliency while still protecting the assets entrusted to it. These asset protection strategies should include both electronic and physical protection of their people, processes, and technologies. The organization’s viability will rely significantly on the program’s ability to adapt to changing conditions and its effectiveness in helping the organization achieve its desired objectives. That is why, as part of their COVID-19 recovery strategies, many SMEs are revisiting their Information Security Programs, emphasizing both resiliency and facilitation.




The program should address efforts to learn where sensitive data exists, where it flows, and with whom it is shared. Unknown data is unprotected data. The potential for regulatory sanction is high, regardless of industry, as regulators can interrupt a business’s operations or halt its growth. Financial professionals should evaluate critical business partners who represent risk and may incur liability or reputational damage.




For an SME to get the most value from investments in security tools, it is vital that any metrics it develops are actionable and provide guidance for investigating and mitigating any identified anomalies. It is also helpful to implement an automated Security Incident Event Monitor (SIEM) to capture and triage the large volume of alerts. Monitoring through a SIEM is often outsourced to Managed Security Service Providers (MSSPs) that specialize in this area. The MSSP often uses artificial intelligence to learn an organization’s network topology and correctly identify anomalous traffic. Should an SME identify or suspect a potential cyber-incident, the U.S. Department of Justice’s “Best Practices for Victim Response and Reporting of Cyber-Incidents” provides best practices and an incident preparedness checklist to help the SME navigate these problems should they occur.
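The alert-triage step this paragraph describes, shown as an added example that is not from the original article: a small Python routine that collapses a constructed burst of raw alerts into a handful of findings and reports the kind of actionable metrics the paragraph calls for. The alert line format, the field names, the thresholds (five failures within ten minutes, 100 GB moved by one account) and the sample alerts are all assumptions chosen for illustration; a production SIEM applies many more rules over far larger volumes.

```python
"""
Minimal SIEM-style alert triage: collapse a flood of raw alerts into a few
actionable findings and report metrics a security lead can act on.

Added example, not code from the original article. Alert format, field names,
thresholds and sample data are assumptions chosen for illustration.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample alerts (not real data); a SIEM would normally ingest these
# from VPN, file-server, endpoint and application logs.
SAMPLE_ALERTS = [
    "2020-10-10T09:00:01Z vpn-gw01 auth_failure user=jdoe src=203.0.113.7",
    "2020-10-10T09:00:05Z vpn-gw01 auth_failure user=jdoe src=203.0.113.7",
    "2020-10-10T09:00:09Z vpn-gw01 auth_failure user=jdoe src=203.0.113.7",
    "2020-10-10T09:00:12Z vpn-gw01 auth_failure user=jdoe src=203.0.113.7",
    "2020-10-10T09:00:14Z vpn-gw01 auth_failure user=jdoe src=203.0.113.7",
    "2020-10-10T09:00:20Z vpn-gw01 auth_success user=jdoe src=203.0.113.7",
    "2020-10-10T09:15:00Z fileserver01 auth_failure user=asmith src=192.0.2.44",
    "2020-10-10T09:30:00Z videostore01 large_download user=svc_backup src=192.0.2.10 bytes=52000000000",
    "2020-10-10T09:31:00Z videostore01 large_download user=svc_backup src=192.0.2.10 bytes=51000000000",
    "2020-10-10T10:00:00Z workstation17 av_detection user=bchen src=192.0.2.17",
]


@dataclass
class Alert:
    ts: datetime
    host: str
    event: str
    fields: dict


def parse_alert(line):
    """Parse one constructed alert line: '<iso-ts> <host> <event> k=v k=v ...'."""
    ts_text, host, event, *kv = line.split()
    ts = datetime.strptime(ts_text, "%Y-%m-%dT%H:%M:%SZ")
    return Alert(ts, host, event, dict(p.split("=", 1) for p in kv))


# Assumed triage thresholds; an SME would tune them to its own baseline.
FAILURE_THRESHOLD = 5
WINDOW = timedelta(minutes=10)
BULK_BYTES = 100_000_000_000          # 100 GB moved by one account
ALWAYS_ACTIONABLE = {"av_detection"}  # single events that always need a look


def triage(lines):
    """Collapse raw alerts into findings. Returns (findings, metrics)."""
    alerts = sorted((parse_alert(l) for l in lines), key=lambda a: a.ts)
    findings, explained = [], set()   # 'explained' = alert indexes covered by a finding

    # Rule 1: a burst of failed logins against one account from one source
    # (simplified: the whole burst must fit inside WINDOW). A success from the
    # same source right after the burst is escalated: the credential may be compromised.
    logins = defaultdict(list)
    for i, a in enumerate(alerts):
        if a.event in ("auth_failure", "auth_success"):
            logins[(a.host, a.fields.get("user"), a.fields.get("src"))].append(i)
    for (host, user, src), idxs in logins.items():
        fails = [i for i in idxs if alerts[i].event == "auth_failure"]
        if len(fails) < FAILURE_THRESHOLD:
            continue
        start, end = alerts[fails[0]].ts, alerts[fails[-1]].ts
        if end - start > WINDOW:
            continue
        later_ok = [i for i in idxs
                    if alerts[i].event == "auth_success" and end <= alerts[i].ts <= end + WINDOW]
        findings.append({
            "severity": "critical" if later_ok else "high",
            "title": "repeated login failures" + (" followed by success" if later_ok else ""),
            "host": host, "user": user, "src": src, "alerts": len(fails) + len(later_ok),
        })
        explained.update(fails + later_ok)

    # Rule 2: bulk data movement by one account, summed across its alerts.
    volume = defaultdict(lambda: [0, []])
    for i, a in enumerate(alerts):
        if a.event == "large_download":
            entry = volume[(a.host, a.fields.get("user"))]
            entry[0] += int(a.fields.get("bytes", 0))
            entry[1].append(i)
    for (host, user), (total, idxs) in volume.items():
        if total >= BULK_BYTES:
            findings.append({"severity": "medium", "title": "bulk data transfer",
                             "host": host, "user": user, "bytes": total, "alerts": len(idxs)})
            explained.update(idxs)

    # Rule 3: event types that are actionable on their own.
    for i, a in enumerate(alerts):
        if a.event in ALWAYS_ACTIONABLE:
            findings.append({"severity": "high", "title": a.event, "host": a.host,
                             "user": a.fields.get("user"), "alerts": 1})
            explained.add(i)

    metrics = {
        "alerts": len(alerts),
        "findings": len(findings),
        "suppressed": len(alerts) - len(explained),   # alerts no rule explained
        "noise_reduction_pct": round(100 * (1 - len(findings) / len(alerts))) if alerts else 0,
    }
    return findings, metrics


if __name__ == "__main__":
    found, stats = triage(SAMPLE_ALERTS)
    for f in found:
        print(f)
    print(stats)
```

Each finding records how many raw alerts it explains, so an analyst can drill back into the evidence, and alerts no rule explains are counted as suppressed rather than silently dropped; watching that number is how the team checks that its triage rules are not hiding signal. On the constructed sample, ten alerts collapse into three findings (one critical, one high, one medium) with one alert suppressed.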

