COVID-19 has presented a visceral, public, and clear lesson in risk management and response. This got me thinking about how our responses to the pandemic can inform our responses to cyber risk. What can we learn from our successes and mistakes to reduce the likelihood of a breach?
As someone who has spent years in the cybersecurity space, it was easy to apply this thinking to what was happening around us. Experts saw an outbreak of a deadly virus and began assessing the risk and modelling the threat using available data. Others began advancing their detective controls to find and track the danger and then formulate their preventive controls.
About the author
Anthony Israel-Davis is Senior Manager R&D at Tripwire.
The response looks a lot like defense-in-depth, a collection of controls layered together to reduce vulnerability and protect against potential harm. Despite the effort, there was still a breach, which means we have lessons to learn in pandemic response and those lessons can inform how we approach cyber defense as well.
Risk assessments
In early January 2020, the World Health Organization (WHO) issued its first situation report for COVID-19. Even in the virus’s…
