LATEST CYBER SECURITY NEWS AND VIEWS

Home > News > Coronavirus Update

Latest news

Coronavirus Update

Posted on

Prism Infosec would like to provide an update to our clients on our continued capacity to deliver cyber security services. Information security responsibilities should not stop in the event of a pandemic, indeed there is clear evidence of cybercriminals looking to exploit this further (see: https://www.ncsc.gov.uk/news/cyber-experts-step-criminals-exploit-coronavirus).

Our ISO27001:2013 Information Security Management System makes full provision for business continuity planning, which focusses primarily on asking our consultants to work from home in the event that we must close our offices. All consultants can access our testing servers and data securely in the same manner as if working from one of our offices.  

Clearly, we offer a mix of remote testing and consulting services which we envisage will not be affected by the Coronavirus as we have enough resource internally, whilst being geographically diverse, to be able to deliver these services. As such, we believe it is unlikely that all of consultants will become affected at the same time – particularly given we have closed our offices.

There are a number of services that we offer that usually require our consultants to come onto site, however given the unprecedented situation these can be delivered in other ways to ensure continuity of testing: –

·         Internal Penetration Testing – Prism Infosec can conduct this over a client VPN, or ship a small appliance to a client premises to allow us to gain access either via the client’s Internet channel or a separate communications mechanism

·         Internal Consulting – this can be delivered using video conferencing and screen sharing using any collaboration tools that are supported by our clients

·         Cyber Essentials Plus – IASME has published the following guidance: there is no change to the existing requirements. Assessors are already not obliged to visit client offices if the client can give the assessor suitable remote access to carry out the tests. This would likely involve VPN access and remote desktop access to carry out the internal tests. If you use this method, there is no need to notify IASME about the remote audit.

·         PCI QSA / SAQ Support – the PCI Security Standards Council (PCI SSC) has published guidance on the issue of remote audits during this time – for further details see: https://blog.pcisecuritystandards.org/remote-assessments-and-the-coronavirus

Prism Infosec  are fully committed to protecting customers, employees and the public as a whole and as such will be complying with guidance and restrictions announced by the government, which may involve late changes.

If we can help further or you’d like to discuss any specific concerns regarding service delivery or indeed maintaining cyber security during the pandemic please don’t hesitate to get in touch with the team at Prism Infosec.

FILTER RESULTS

Latest tweets

Phil Robinson, Principal Consultant at @prisminfosec, details how addressing cyber maturity can improve a business’ cybersecurity strategy.
#CyberMaturity #Cybersecurity

Click the link below to discover more⬇️

Congratulations to the following companies who are now certified to #CyberEssentials via our great Certification Bodies: Atlantic Limited via @prisminfosec and Ashbrook Research & Consultancy Ltd via @sericsystems

Sign up to our newsletter

  • Fields marked with an * are mandatory

  • This field is for validation purposes and should be left unchanged.