CPNI have produced high level guidance on good personnel security practices during the impact of a national/global pandemic, such as the COVID-19 virus, where usual security practices are either suspended or changed to reflect different working patterns, either on a temporary or permanent basis.
As part of managing the Coronavirus (COVID-19) situation, security personnel will need to understand the security risks to their organisation and staff. This guidance on the Managing security risks throughout COVID-19 webpage provides steps to take when managing these risks.
For specific guidance on the COVID-19 pandemic please visit: https://www.gov.uk/coronavirus
Where usual security practices are either suspended or changed to reflect different working patterns and where security staff resource is limited, it is important to take a strategic view of security risks and priorities.
During COVID-19, poor employment screening processes could enable an insider to recognise the value in being able to access sensitive information or equipment. Having a strong security culture will act as a deterrent to insider activity by ensuring the workforce have a good understanding of security awareness, and ensure they understand how to report concerns where they notice behaviour of concern.
CPNI have produced guidance which is designed to make interviewers aware of tried and tested best practice, as well as recommendations from latest academic research.
This document provides advice on the key Personnel Security considerations for remote working during the second wave of COVID-19.
The National Cyber Security Centre (NCSC) have produced guidance which recommends steps to take if your organisation is introducing (or scaling up the amount of) home working and provides some tips on how individuals can spot the typical signs of phishing emails.