Pandemic, cyber panic by Koen Maris

A tiny little organism shakes the world as never before. It alters everything we’re acquainted with; it is highly contaminating and spreading fast. Regardless of its origin or location of the outbreak, this virus has clearly everything required to have an accurate infection rate with a difficult to predict outcome on the continuity of life as we know it. Predicting the result after infection remains difficult since we don’t know everything about the virus and every human system might have an identical defence concept. The implementation and functioning of it is different.

Precautionary actions are taken, such as lockdown of free movement of their citizens, schools close, commercial organisations can only operate if they can assure safety of staff by imposing a 1.5-meter distance between employees etc… Drastic measures to stop the widespread of the virus. In response to that, many companies shifted urgently to a remote working solution, with an aim on getting their business running when staff is in confinement. Operational effectiveness is the focus, putting cyber somewhere on the lower priority list. Though as days, weeks or even months pass by, the cyber debate resurfaces because of increased cyber threats.

 

Giving up privacy for health

The world is nervously searching for answers to limit the further spread of the virus and launching one or more infection waves impacting humanity. All options must be kept open, but at the same time vigilance is required. It is important that all implications and impact of a chosen solution are considered, we don’t need a sledgehammer to crack a nut.

During this pandemic, the focus is on using soft techniques for prevention in the form of awareness raising on how to behave, when to wear a mask, keeping distance, wash hands or use disinfecting gels etc… Besides that, a tremendous effort is put in detection of infected individuals to contain further spread. These detection techniques go from people interviewing COVID19 infected humans followed by contacting the people that have been potentially exposed to the virus by meeting the individual. That is not only very intrusive on privacy, but it delivers subjective results. For the sake of completeness, just try to figure out who you’ve met a week ago upon till today.

Successful monitoring and tracing people require technology, but more importantly the goodwill of people, if not the entire population if you’d like to be successful. In a society that aspires trust and values privacy of the individual, tracing looks like difficult if not impossible. Not to speak about the required interoperability required to support cross border detection. Europe might be well defined as one community; each country has its own sovereign approach to these types of subjects. The pandemic clearly delimited the cultural differences around the world. The outbreak in Italy provided us a clear view on how fast the virus can spread and how difficult if not impossible it might be to track patient 0. Therefore, a huge number of infections in a very short time during a holiday season peak. However, in many Asian countries they couldn’t stop the infections going up in big cities, but they were able to contain in closely monitored cities or regions.

In cyber we monitor gates, or otherwise called the perimeter. See it as customs at an airport, a central point where everyone is subject of the same set of controls when passing through. From the case in Italy we learned that the control set of these central gateways was not enough to identify patient 0 which lead to a huge and uncontrollable outbreak. Whereas in Asian countries far pushed controls on the individual lead to containment of the outbreak.

Today a lot claim to have behavioural monitoring in the cyber world, but it is not even close to the extent we see in some of these Asian countries. Not because of technology, but because of resistance, legal implication such a privacy laws or just because of the unwillingness of people to accept.

Cyber security and pandemic takeaways?

Similarities in both events are a given, but there are some nuances to consider. More importantly, can we (re)use what we do in what field as useful for the other? In both cases the goal is to stop contamination and get the situation under control and eventually back to normal. For sure, but it requires a different mindset. To get a hold on the contamination of the virus, people are locked down. Governments count on the good faith of their citizens, though monitoring controls are required to detect disrespect of the security measures. In cyber security the focus is on prevention with technical measures that fail to detect anomalies if the protection is flawed.

A common denominator is that decision cycles must be short and fast and panic is a bad instigator. Another issue, especially when looking at public reporting, is that taken decisions might seem legitimate at the very moment, but wrong when looking back. This should be accepted and being considered as lessons learned. Not taking any decision is far worse than deciding the wrong thing and correct upon afterwards.

This article is exclusive to The Business Transformation Network.

----------------------------------​

Koen Maris is director Cyber Security at PWC Luxembourg, transforming ideas in to new services helping customers to embed cyber security enterprise wide.

Koen Maris started an IT career as a software developer. This experience provided solid background in complex environments and a basis in the roll-out of challenging IT projects. After a few years, he swapped development for ethical hacking because of a natural curiosity to flaws in systems. This was the start of technical career in IT security, however due to rise of security problems his career evolved from ethical hacking to security solutions integration and eventually to the managerial side of security.

He has been CISO and CTO at an international IT service provider preceding his current role (He advises large organizations in a multi-industry environment to think on a long-term basis on Cyber Security and addresses complex security topics in layman terms for board of directors and executive committees.
Koen Maris serves as a trusted advisor for many organizations and is becoming a known speaker that challenges his audience and questions current applied security models.