Technology and information security
COVID-19 enterprise resilience checklist: We help you navigate the now, next and beyond
Cybersecurity: key considerations
Allocate cyber resources to support the business in enabling teleworking.
- Policies and procedures
- Cyber awareness training
- Cybersecurity packages to support personal and/or reconfigured laptops and tablets to support at home work
- Updated endpoint protection technology
- Revised monitoring capabilities
- Ever more vigilant vulnerability management
- Secure collaboration platforms
- Co-sourcing outsourcing key functions, third-party sourcing for staff augmentation and subject-matter expertise
Start planning for the future - continued enablement of remote working, cost control, dependence on third-party sourcing.
- Updated risk assessment
- Cybersecurity strategy and roadmap re-assessment and re-alignment
- Updated collaboration capabilities
- Aggressive analysis of moving more workloads to the cloud in view of performance benefits
- Updated patching and upgrade strategy
- Revised sourcing strategies and agreements
Operate a new normal - a transformed cyber function optimized to enable a new business reality
- Cybersecurity as a business advisor and transformation enabler
- Re-aligned cybersecurity strategy and roadmap
- Re-aligned security governance, management and operational structure
- Revised risk assessment methodology to reflect revised operational requirements
- New KPI and KRI for business stakeholders to reflect cyber performance in this new world
Technology resiliency: key considerations
Enhance your workforce solutions to deliver the right level of productivity regardless of the location, device or what business service they need:
- Validate that infrastructure technology designs and configurations are providing resiliency and sufficient aggregate throughput to sustain business operations
- Optimize the implementation and operation of unified communication and collaboration capabilities across the enterprise to foster productive collaboration among the workforce and customer
- Improve current desktop and access solutions to support a wider scope of applications and extended number of remote workforce
- Adapt your IT infrastructure solutions in a way that is tightly aligned with business and workforce criticality
Modernize infrastructure solution capabilities optimized for speed of delivery, scale, on-demand and highly connected business:
- Accelerate the cloud and infrastructure technology modernization to realize the benefits of provisioning speed and self-driving infrastructure, whether you’re operating fully on premises or hybrid
- Develop next generation software-defined network architecture intelligence and security around the zero-trust agile and adaptive model (Trust Workforce, Workplace and Workload)
- Re-evaluate your enterprise collaboration and communication strategy (voice, video and collaboration tools for remote work, office, agents and business services) to enable the organization to work smarter with greater agility across distributed and remote workforce and customers
Adopt automation and artificial Intelligence methods for IT operations (AIOps) to streamline the complexities of technologies and quickly remediate issues:
- Automate your IT infrastructure to drive provisioning speed, optimize operation cost, and gain more visibility and control to on-premises and/or multi-cloud infrastructure (e.g., provision application workload or virtual desktop, start/stop a service, stand-up a PaaS database, etc.).
- Create unified pattern-based orchestrations to take advantage of multiple automated tasks in order to execute a larger workflow or process.
- Implement AIOps combined with machine learning and big data to improve situational awareness and response, discover intent-based patterns and gain insight of applications and business relationships across hybrid infrastructure.
Business continuity and resiliency: key considerations
Focus on sustaining the right level of business operations with an immediate tactical plan for today and the next six months:
- Communicate frequently: Establish a crisis command center with clear roles and responsibilities. Provide timely and clear information to employees, customers and business partners. Leverage emergency notifications enablers to facilitate fail-safe communications
- Support compassionately: Ensure employees have the resources and support they need to stay healthy and perform critical business processes
- Prioritize thoughtfully: Prioritize business functions, workforce, third-party services and most important key customers. Improve and adopt business continuity plans and establish procedures for succession planning
- Partner externally: Integrate efforts with World Health Organization and other public and private health care institutions
Monitor and measure the effectiveness and sustainability of the current business working conditions:
- Restructure resiliency governance: Integrate key stakeholders from business functions, crisis management, continuity, technology and security services into one operating model to drive full transparency around risk and build confidence to sustain business operations
- Conduct performance testing: Regularly conduct planned and unplanned integrated business and technology stress tests to identify opportunities to improve the existing resiliency strategies and plans
- React fluidly: Monitor the event’s direct and indirect implications to employees and business operations so workarounds can be adjusted as needed
- Validate interdependencies: Track and respond to critical supplier/third-party vendor interdependencies and resiliency challenges as they present themselves
Prepare for the worst-case scenario and embed resiliency into daily business operations:
- Adopt change management: Insert the right controls into the enterprise lifecycles to maintain and coordinate changes across enterprise resiliency plans, and ensure they are fit and ready to use if and when you need them
- Innovate rapidly: Utilize a resiliency platform(s) that allows you to quickly construct and manage integrated resiliency plans, pandemic response, and crisis management and communication plans with minimal effort
- Reevaluate dynamically: Validate new and post-crisis business processes, applications and third parties through a formal business impact assessment
- Invest wisely: Integrate the enterprise resiliency strategy into your daily business operations to minimize overhead and costs
- Learn deductively: Leverage the lessons learned to adopt new ways of working and serving customers