Cyber Response-what the CIO and CISO can do to help
Cyber Response-what the CIO and CISO can do to help
Concern over the scale and impact of the COVID-19 pandemic is growing, leading organizations to consider their response, and the actions they need to take now to maintain their business . The Chief Information Officer (CIO) and Chief Information Security Officer (CISO) have vital roles in making sure the organizarion can function as pandemic containment measures are implemented.
The Issue
Can your business function effectivelythrough remote working?
You need to ensure your business can work remotely and flexibly, and that employees are confident inbeing able to do so. This may require you to revisit decisions on access rights, entitlements and risk posture. Questions to consider:
• Have you scaled your VPN concentrators,portals and gateways to handle a large number of colleagues who will need to work remotely?
• Have you considered the potential key suppliers, contractors and vendors, who will have toaccess and the additional scale that will bring in?
• Have you tested the infrastructure to findout whether it can handle the expectedloading?
• Are there single points of failure in the infrastructure, and can you provideadditional resilience?
• Do you need to relax access controls orprovide additional remote login accounts orcredentials?
• Is there sufficient help desk capacity to handle any queries from users who are unable tologin, or unfamiliar with remote working?
© 2021 KPMG, a Ghanaian registered partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved.
KPMG International Cooperative (“KPMG International”), a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm third parties, nor does KPMG International have any such authority to obligate or bind any member firm. All rights reserved.
