Both Worked for Security Firm Exabeam, Company Confirms
Two employees of security firm Exabeam who attended the recent RSA 2020 conference in San Francisco have tested posted for COVID-19, according a statement the company posted on Twitter Tuesday.
The RSA Conference released its own statement about the conference, which took place Feb. 24 to 28 at the Moscone Center, noting that it’s not clear at this time whether the two contracted COVID-19 at the show or at some other point before or after the event.
“To date, no official governing body has communicated with RSA Conference that these individuals had symptoms at the RSA Conference event or attended during the COVID-19 incubation period,” according to the conference statement. “We are in contact with the relevant health authorities to provide them with the necessary information to complete their investigation and are following their guidance on how to proceed.”
In its Twitter statement, Exabeam notes that the two employees were at the company’s booth in the exhibition hall and that other attendees who visited that booth should monitor their health for flu-like symptoms.
We recently learned and are saddened to share that two of our employees have tested positive for Coronavirus (COVID-19). Please be vigilant in monitoring yourself for symptoms and following guidelines to prevent possible infection. Our thoughts are with our colleagues. pic.twitter.com/fp0KxiFr5G
— Exabeam (@exabeam) March 10, 2020
An Exabeam spokesperson tells Information Security Media Group that in addition to monitoring the two employees and their health, the company has instituted a work-from-home policy for its employees in Foster City, California, and Atlanta.
As of Wednesday morning, the novel coronavirus had led to the deaths of over 4,200 and infected more than 119,000 worldwide, according to a research team at Johns Hopkins University. U.S. cases have passed 1,000.
Many organizations – including technology giants Apple and Google – are asking staff to work from home. Experts are also urging companies to seriously re-examine their business continuity plans in light of the global crisis.
Pandemic expert Regina Phelps, founder of Emergency Management & Safety Solutions, is warning organizations to be prepared for “the long haul” – a sustained health crisis that she believes could extend for as long as 12 months, potentially impacting everything from global supply chains and regional economies to individual organizations’ work-at-home practices.
Tech Impact of COVID-19
While the RSA Conference and Exabeam did not release any details about the two attendees who tested positive for COVID-19, Bloomberg reported that one is a 45-year old engineer from Connecticut, while the other employee works in the company’s Foster City office.
The wife of the Connecticut man, who was not named in the article, told Bloomberg that her husband began experiencing symptoms when he returned from the show on Feb. 28 and that he went into respiratory distress on March 6. He is currently in “guarded condition” at a hospital, according to Bloomberg, which added that the man is pre-disposed to pneumonia due to a heart condition.
The RSA 2020 conference went ahead as planned last month, although 14 exhibitors, including IBM, AT&T and Verizon, decided not to exhibit. Show organizers noted that about 1.2 percent of attendees had cancelled their reservations in advance (see: IBM Exits RSA Conference 2020 Over Coronavirus Worries).
In an email sent Tuesday, the RSA Conference noted it had about 36,000 attendees at the show this year. In 2019, the conference attracted more than 42,000 attendees.
While initial COVID-19 infections appeared to be highly localized in China, by the time of RSA 2020 began in February, concerns had already led to the cancellation of Mobile World Congress in Barcelona, which was scheduled to happen at the same. In addition, the HIMSS20 Conference, slated for March 9-13, which expected about 45,000 attendees in Orlando, was also cancelled. And other events, such as Game Developer Conference and Google Cloud Next, have also been cancelled, along events planned by Facebook and other tech companies.
On Tuesday, as word spread about the two conference attendees, some security watchers posted maps of the RSA Conference showroom floor on Twitter to show where the Exabeam booth was located in comparison to other exhibits.
Nearby vendors may want to be proactive… pic.twitter.com/dQwnPa4Jyp
— Sounil Yu (@sounilyu) March 10, 2020
The effects of COVID-19 are now global, with new cases spreading across the U.S. and Western Europe, which are now having significant impact on the world economy, including tech and cybersecurity stocks, which sustained a significant drop on Monday before bouncing back on Tuesday (see: Cybersecurity Sector Faces Reckoning After Coronavirus Hits).
Meanwhile, cybercriminals are sending more phishing emails using this worldwide health emergency as a lure, according to several security research reports released over the last week. There have been specific phishing campaigns using spoofed messages and websites that appear to originate with the U.S. Center for Disease Control and the World Health Organization (see: Coronavirus Fears Lead to New Wave of Phishing, Malware).
Healthcare Telework Guidance
Many healthcare organizations, which have employees on the frontlines dealing with sick patients, are encouraging some nonclinical workers, such as those in corporate and administrative positions, to consider working at home.
On Monday, the Healthcare and Public Health Sector Coordinating Council released guidance for healthcare sector entities to manage teleworking strategies during the COVID-19 response.
“While teleworking has become a routine way of doing business in many industry sectors and government, teleworking during wide-scale public emergencies, such as what we are experiencing with the emergence of the COVID-19 virus, introduces significant management, technology and bandwidth challenges to ensuring uninterrupted and efficient workflow and provision of healthcare services to the public,” said Mark Jarrett, M.D, a member of the council and chief quality officer and associate chief medical officer for Northwell Health in New York.
The telework guidance encourages healthcare sector entities to consider a number of recommendations, including multiconnectivity options for key personnel supporting security, network and telephone operations.
Managing Editor Scott Ferguson and Executive Editor Marianne Kolbasuk McGee contributed to this report.