Covid-19 crisis and cybersecurity: Transforming the threat to an opportunity

In our more-than-ever interconnected world, we are quite aware that cyber crises cannot be contained in one’s borders, and there is a similar case with this health-related crisis. Day by day, it becomes obvious that dealing with the covid-19 crisis, follows the same lifecycle as dealing with a cyber crisis (preparation, detection & analysis, containment/eradication & recovery, post-incident activity).

So, where IT and Cybersecurity stand to and how might they contribute to this effort?

We have seen a lot of IT platforms related to different aspects in the fight against the covid-19 crisis either popping up, or existing ones being boosted and established (e.g. health monitoring, population containment management, health data exchange, health crises MIS, electronic public services, teleworking, virtual meetings, remote training, etc). Platforms that the research community had already prepared and tested, and the industry community had already made it commercially or operationally available. What was missing, was the readiness of the “consumer base” (especially when consumers are nations/states) to implement them and accept them for common/daily operations, usually due to delays in transforming related traditional administrative processes.

There was never doubt if these technologies would be eventually established…it was always just only a matter of time. And what this crisis made, was to shorten this time – bringing even quicker high-tech solutions to the public. But this mass release and acceptance of tools and platforms amplifies the need for advanced security provisions and features. Thus, this crisis may be considered, using strictly abstract and technocratic thinking, as an opportunity for our cybersecurity community to thrive.

Now, more than ever before, cybersecurity communities, should reflect and answer to some well-known cyber-related challenges:

• Trust: How to build security by default and by design to new IT solutions in order to provide trust, being the main prerequisite, for faster adaption?
• Security VS privacy: The eternal fight between security and privacy. Should individual privacy be jeopardized in the sake of public safety? How IT monitoring solutions could foster health safety while preserving individual privacy?
• Threat landscape: Moving daily operations from office or service desks to home extends the current threat landscape even more and produces new opportunities for adversaries. Respectively, advanced cybersecurity requirements are moving from office to home. How centralized and decentralized security controls could be implemented in a user-friendly and efficient manner?
• Digital skills: How the need for quick implementation of digital transformation will affect the traditional workforce and how the community can provide the means to quickly adjust to a more cyber hygiene way of doing things, especially for the elders?

Strong partnership and community building activities (e.g. joint actions, cooperation, information exchange, public-private partnerships, etc.), could provide answers and solutions. Competence building communities, like CONCORDIA, were made exactly for this…

At the end of the day, dealing with covid-19 crisis in an efficient manner could use lessons learned from dealing with cyber crises which include three major prerequisites: TRUST, COOPERATION and SOLIDARITY.

(By George Drivas, National Cyber Security Authority of Greece)

Get involved and learn more about CONCORDIA. Follow us on Twitter, LinkedIn or Facebook.