The Cybersecurity and Infrastructure Security Agency (CISA) late last week issued a practical checklist to help executives “think through” infrastructure protection, supply chain, and cybersecurity issues in light of the COVID-19 coronavirus, and potential effects to workforce and operations.
On the infrastructure protection front, CISA highlights numerous issues including implementing formal worker and workplace protection strategies, preparing flexible telework and hours policies, identifying essential functions and goods, and prioritizing critical suppliers.
For supply chain concerns, the agency said owners should evaluate potential disruptions of transport logistics and international manufacturing slowdowns, communicate with key customers and suppliers about mitigation steps, and identify potential alternate sources of supply.
For organizational cybersecurity, CISA listed a number of steps for secure systems that enable remote access, including ensuring that virtual private networks and other remote access systems are fully patched, improving system monitoring to receive early detection and alerts on abnormal activity, implementing multi-factor authentication, and ensuring that all machines have properly configured firewalls and anti-malware and intrusion prevention installed.