Security News > 2021 > January > Experts Weigh In on Cybersecurity Risks of Capitol-Like Attacks
In addition to the physical documents and laptops that some protesters removed from the Capitol, cybersecurity experts have raised concerns about what they may have or could have also done with the computers left inside the building.
SecurityWeek has reached out to several experts, asking them what prevention and response strategies and policies they would implement if they were in charge of cybersecurity at such an organization.
"There are quite a few situations which can force an organization's employees to leave their workplace immediately, leaving their computers unattended."
Assuming you have not lost the physical security controls and the issues are personal safety only, you should instruct employees to leave the premises immediately and let the physical security team manage the perimeter, while in coordination with law enforcement teams.
If employees cannot leave premises due to escalated physical safety situations, employees must be allowed to remain on the premises until the evacuation in coordination with law enforcement teams is possible.
"If you're concerned that your employees will have to rapidly abandon their workstations in the event of a crisis, there are steps you can take to reduce your exposure. First, consider using proximity based authentication solutions or physical tokens, where a workstation would quickly lock even if a user didn't have time to manually do it themselves. Ensure all drives are encrypted at-rest to prevent unauthorized access to stored information. Utilize remote administration and data wiping solutions that would enable you to regain control of a device in the event you could not physically access it."