In recent weeks; many organizations have found themselves needing to implement remote working in order to ensure business continuity. This has posed a major and far-reaching challenge for them in terms of technology; given that most small and large Spanish companies did not have this type of practice integrated as standard; and perhaps even less so the aspects relating to the necessary cybersecurity. It is at times like these that cybercriminals try to take advantage of this type of crisis to increase their activity; and the protection of both personal and corporate data becomes a matter of paramount importance.
The current abnormal situation we find ourselves in and the prediction that this crisis may lead to a paradigm shift in traditional working models has made many organizations realise the importance of information technology in their daily operations. It is at times like these that organizations that have not developed minimum contingency and continuity plans must implement emergency measures without having carried out minimum testing and crossing their fingers that resources will not collapse in the face of increased online activity. This pressing need may also lead to the introduction of vulnerabilities in critical systems; since in many cases decisions will have been made prioritising the continuity of daily operations to the detriment of the potential problems that the solution could cause in the medium to long term.
Similarly; this situation highlights how companies that are unprepared for such scenarios neglect the importance of information and service security. The turmoil and tension created leads to solutions that focus solely on customer and/or user service; which is absolutely necessary; but it should not be forgotten that security plays a key role in the delivery of such services.
At ERA; we believe that once this emergency situation is over and companies are back to normal; they will need to reassess the need for planned and resilient IT resources. The provision of material and human resources in ICT departments will be envisaged with the aim of ensuring the viability; security and scalability of the emergency solutions implemented during the crisis in the medium to long term.
In the global scenario in which we find ourselves; and regardless of the sector in which the activity is carried out; it is possible to enter a state of contingency due to multiple factors; so managers must be aware and treat Information Technology with the rigour and importance that the current situation is blatantly demonstrating.
How can ERA Group help you?
- Define the Security Master Plan based on a risk analysis of information assets and establish an action plan (short; medium and long term).
- Establish security policies and procedures. Define information security guidelines.
- Optimise investments in information security by implementing action plans that support the achievement of the organization's objectives.
- Assess the company's current security situation against a standard of good practice while planning the investments necessary to achieve the objective (critical applications; risk analysis; current security level; etc.).
- Improve information security levels by promoting the adoption of an information security culture at all levels.
