Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Saturday, 1 April, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

A technical risk assessment of COVID-19

What if we thought of the COVID-19 pandemic like malware? Javvad Malik, security awareness advocate at KnowBe4, performs a technical risk assessment

by Beth Smith
April 1, 2020
in Featured, Guru's Picks
A technical risk assessment of COVID-19
Share on FacebookShare on Twitter

There’s a lot of information and misinformation out there surrounding COVID-19, aka the Coronavirus.

 

It dawned on me that writing risks is literally one of the fundamental skills of an information / IT / Cyber security professional. So why not try to make sense of the whole pandemic by thinking of it like malware.

 

This involves a two-step process, first write out the risk in understandable terms, and secondly, create a usable and understandable risk matrix.

 

Step 1: Documenting the risk

I have previously posted a blog on writing better risk statements. The process involved structuring the message – for that I used the journalistic trope called the Inverted Pyramid. It structures information in a way that prioritises the facts from most to least important.

 

 

The headline

There is a new disease called Coronavirus, also known as COVID-19. It’s a viral disease that can affect the lungs and airways of systems (humans)

 

Adding Detail

This disease can impact breathing and heart. It is particularly potent against legacy systems (people over 70) and unpatched vulnerable systems (those with underlying health issues).

 

100% of systems (humans) have lungs and a heart and are affected in some form or another by viruses such as influenza and the common cold.

 

Contextualize

It is expected that 80% of the population will come into contact with the virus. For young and healthy systems (humans), the symptoms may be unnoticeable or mild, with only small performance degradation. However, they can pass on the virus to other vulnerable systems (humans).

 

Call to action

There is no vaccine or cure to COVID-19 at present. But measures should be taken to reduce the likelihood of catching and spreading the virus. These can be distilled into three actions

  • Better hygiene: Washing hands frequently like your mother taught you, covering your mouth when sneezing or coughing.
  • Social distancing: Something introverts are exceptionally good at and what many women wish more men were good at.
  • Isolation: Netflix and chill, only by yourself. Sorry.

 

 

Step 2: The risk matrix

Now that we have the risk documented, we need a matrix to help visualize the risk. For this I turned to my long-time friend and former CISO Thom Langford, with whom I collaborated with previously to formulate the Malik-Langford risk model.

 

Taking that model, we put our heads together and updated it to the COVID-19 special risk model v3.0

Risk Management Model COVID-19

And there you have it, a risk statement and matrix to help you make sense of COVID-19. Hope you all stay safe and healthy. Look after each other!

FacebookTweetLinkedIn
Share4TweetShare
Previous Post

135 Million Records Leaked by Backup Company

Next Post

Securing Your Remote Workforce

Recent News

Data Privacy Day: Securing your data with a password manager

For Cybersecurity, the Tricks Come More Than Once a Year

March 31, 2023
cybersecurity training

Only 10% of workers remember all their cyber security training

March 30, 2023
Pie Chart, Purple

New API Report Shows 400% Increase in Attackers

March 29, 2023
Cato Networks delivers first CASB for instant visibility and control of cloud application data risk

Cato Networks Recognised as Leader in Single-Vendor SASE Quadrant Analysis

March 29, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information