Remote Work in an Age of COVID-19: Threat Modeling the Risks
A lot of Engineers that I know are very passionate about enterprise architecture and applied threat modeling. Here's some of that great work coming out of Mandiant. Several threat scenarios are presented that examine how common enterprise controls are being by-passed today.
Out of curiosity, looked for any formal standards or compliance for 'Work From Home'. Finding nothing but some nice guidance papers and general conversation on the topic, I see nothing exceptional or really standards built from organizations like the NIST or other usual players associated with such.
Sounds like an opportunity to explore an open standard for such. We already have and practice good working standards but haven't seen anyone really apply these lessons learned from the pandemic yet. Mandiant has a good start but we need more than just one or two voices here.