Today, the Department of Homeland Security-CISA released the Telework Essentials Toolkit providing organization leaders, their IT staff, and employees recommendations for a more permanent telework solution beyond what may have been implemented as a quick fix or temporary solution.
The Toolkit provides three personalized modules outlining distinctive security considerations appropriate for each role:
- Actions for executive leaders that drive cybersecurity strategy, investment and culture
- Actions for IT professionals that develop security awareness and vigilance
- Actions for teleworkers to develop their home network security awareness and vigilance
It is more important than ever that our partners like you are aware of cyber risks endemic to this new environment and are prepared with the tools to mitigate them. We encourage you to forward this notification and toolkit widely to other partners. With your support we can continue to develop a stronger, more resilient culture of cyber readiness from the c-suite to the end user.
This toolkit is available at cisa.gov/telework, a webpage CISA established as a one-stop shop for telework cybersecurity guidance for critical infrastructure, government, and citizens. Since it was launched, several new products have been added for a variety of sectors. Here are just a few of the varied resources you will find.
- DHS-CISA partners with CYBER.ORG, to focus on cybersecurity for K-12 educators and students, including a series of cyber safety videos. Located in the “Additional Telework Resources” section, the inaugural videos address video conferencing safety and how to avoid being duped by a suspicious email or phishing attack. The videos in this series are applicable to any work or business environment, not just the education audience.
- Many state and local 9-1-1 agencies shifted staff to remote working environments. Through our consistent and close collaboration with state and local governments, CISA published information to help this important first responder community manage this transition. Located in our “General Telework Guidance”, you can read about the best practices used by the Arlington County Public Safety Communications and Emergency Management.
The COVID-19 pandemic forced organizations to rapidly stand-up telework procedures. Since then, we have seen entities across industries have servers forced temporarily offline because of ransomware attacks, poorly configured remote working tools, or unpatched vulnerabilities on their networks. Not only are these attacks costly (i.e. the cost in time and energy of responding IT staff, downtime costs etc.) but the hit to customer and worker confidence and trust can be equally steep.