As COVID-19 continues to spread globally, operations centers are hard at work. Critical in global monitoring and response, command centers including those in hospitals, local emergency operations centers, and even cyber security and social media have a role to play in handling pandemics. Join us as we begin this series exploring how each type of mission critical center is responding to the current situation.
Cyber Security Operations Centers: The Response to COVID-19
We began our series with a look into how emergency operations centers are responding to the outbreak. Next, we’re diving into the world of cybersecurity operations.
Cybersecurity Risks During the COVID-19 Pandemic
As society becomes more dependent than ever on our digital tools, hackers are targeting our most vital form of connection.
The internet has quickly shifted into the primary channel for conducting work as well as the main source for human interaction. Our increased dependency on the digital infrastructure makes the price of any failure that much higher.
The fear and need for information surrounding the COVID-19 pandemic has also given hackers a new target. Recently, the US Department of Health and Human Services was the target of cyber attackers who aimed to disrupt operations and information flow. There are also hackers posing as the CDC and WHO in phishing attempts.
Cybercriminals exploit weaknesses, especially in prolonged times of crisis, to penetrate defenses. They take advantage of fear and uncertainty. Businesses with an unprecedented amount of people working from home are also at risk, due to the different devices and networks being used to handle important information.
According to Phil Reitinger, president and CEO of the Global Threat Alliance, the pandemic “offers a slew of new opportunities, and if there’s one thing we know about cyber adversaries, it’s they’re adaptive and reactive.” Even with incidents that don’t involve remote work, attackers very quickly launch phishing campaigns based around the current threat. Said Reitinger: “What COVID-19 gives the adversaries is an opportunity both to phish – to sort of weaponize the desire for information – and at the same time a new set of opportunities to target. With all of these people working remotely, there’s an opportunity to invade home networks and move laterally on those devices.”
During the social isolation and the panic caused by COVID-19, operators in 24/7 cybersecurity centers play a pivotal role in protecting organizations and the public.
Cybersecurity Operations Continue During Pandemics
Even under regular, “business-as-usual” conditions, data is a lucrative target for cyber criminals. There are multiple types of cyber-attacks, from advanced persistent threats (APTs) and phishing to malware, cryptojacking, and ransomware.
Under our current pandemic conditions, the risk to our digital assets is even greater. Cyber criminals often take advantage of major global events, and those defending our digital landscape are working harder than ever.
The increased sophistication of cyber attacks means the tools we use to defend them must be just as sophisticated. This is where cybersecurity operations centers (CSOCs) come in.
Threats need to be assessed in real-time so the CSOC can provide proactive, advanced threat detection as well as immediate incident response. Organizations with CSOCs have vastly improved response times. They can detect threats early, in turn preventing major damage.
As with many security applications, in cybersecurity time is the most critical element. The less time there is between a breach and its detection, the less of an impact the cyberattack will have on an organization. Early detection limits damage, and the best tool for early detection is the cyber SOC. Highly effective SOCs combine comprehensive threat intelligence with advanced automation tools and analytics.
In addition, these cyber SOCs can distribute important information to at-home employees about how to practice cyber-health during the pandemic, ensuring that human error doesn’t contribute to the increased risks during this time.
Effective Cyber SOCs
In addition to a top-notch team, a cyber security operations center must provide an effective space to work in that will help, rather than hinder, their security monitoring. This means that not only is the security technology important, so is the design of the space itself.
Using the right video wall to display vital, real-time data is paramount to ensuring that the time between breach and detection is minimal. From display resolution to sizing and placement, the selection of an operations center video wall plays a key role in ensuring proper display of data. It’s also important to select video wall technology that can withstand the demands of a cybersecurity operations center; not all displays are made equal, and those in a CSOC must remain on 24/7 for constant monitoring. That means they need to be resilient, and the design of the audiovisual integration should include redundancies in case of any system failure.
The furniture in a CSOC can also be specifically designed to assist the function of your operations. A popular solution is arranging workstations in open pod configurations to streamline collaboration and communication. Another way to promote operators working together within a command center is the inclusion of set collaboration areas. These include huddle spaces or adjacent conference rooms where operators have a designated area to collaborate that is set aside but still within the cybersecurity space.
A successful cyber SOC implements design solutions that will benefit operator productivity and situational awareness. Sit-stand consoles contribute to operator health, and the versatility contributes to improved mood and energy, allowing operators better focus. The placement of the command center furniture in relation to the video wall is also important to operator awareness. Sight line analyses to determine proper viewing angles to the video wall ensures that the operators monitoring applications have maximum situational awareness.
Constant’s Operations Centers
Moments of crisis often remind us how invaluable the multiple types of operations centers involved in emergency response can be. It’s important that emergency operations centers, medical command centers, and social media monitoring centers be up-to-date in order to provide efficient, reliable response. If your mission critical environment hasn’t been updated in several years, the technology may not be as reliable as it should be for round-the-clock use in a crisis situation.
Should your mission critical operations center be in need of a refresh, Constant is here to provide video wall integration, console furniture, project management, and service to ensure your center is best equipped to serve the public good.
The team at Constant is continuing to manage projects and support our clients through these uncertain times. If you would like to discuss your cybersecurity operations center requirements, our expert team is here to help.
We are continuing to monitor the situation with COVID-19 and the responses aided by various types of command centers. Continue to check back as we explore these responses in the coming days with the continuation of our coronavirus series.
Constant Technologies, Inc. provides AV integration for 24/7 video walls and custom operation center furniture. With 30+years experience we can work with sensitive environments in the public and private sectors. Constant designs, installs and services projects of all scopes and sizes around the world. We create solutions with the highest levels of security, aesthetics and functionality in mind.