The new normal in this digital age is the rising frequency of IT risks and threats, combined with a relentless, ever-changing IT regulatory landscape. Incidents often begin small, but they can escalate into crises with widespread business and reputational implications.
Chief Information Security Officers (CISOs), Chief Information Officers (CIOs) and business continuity management (BCM) leaders are responsible for protecting their organisations while maintaining enterprise compliance. Furthermore, as core business processes
go digital, robust continuity and crisis management plans are necessary to keep system downtime to a minimum. To respond effectively to an incident, a business should follow a well-coordinated plan with both a strategic and a tactical component.
The strategic plan
- Involve leadership teams from the start
Both BCM programme managers and CISOs must receive periodic status updates on the business and IT impact of an event. Leadership will respond faster and more efficiently if they help devise the continuity strategies, stay visibly involved in the process,
are held accountable during emergency procedure drills, and ensure that recovery plans are triggered alongside the continuity plan. They must also ensure that the continuity team has a defined process for responding to, and recovering from, events that cannot be prevented.
- Deploy a cloud-based business continuity programme
A cloud service hosts a company's critical data, applications, and business continuity and disaster recovery (BC/DR) processes on off-site infrastructure, outside the footprint of a local disaster. During a disaster, cloud capacity lets the enterprise quickly bring its systems back up, deploy
the BC/DR applications, and scale up and down with demand. In addition, organisations can significantly lower their spending with cloud-based BC/DR when compared to redundant hardware and data storage hosted in remote facilities.
In an age where a few minutes of downtime can translate into a revenue loss of hundreds of thousands of dollars, cloud-based business continuity reduces the risk of interruption to data flow and productivity. The cloud environment itself is not exempt from planning, however: provider outages and compromise of the cloud administration accounts are scenarios the continuity and recovery plans must cover, and the recovery plan should be exercised against them like any other.
- Align business continuity and cybersecurity responses
To protect a business against evolving cyber threats, cyber-resilience programmes must be built into the business continuity planning process rather than run alongside it. Organisations benefit when continuity plans explicitly cover the systems and applications
that secure the enterprise's perimeter, and the processes that depend on critical technologies that could be disrupted by an event. These measures work better as a proactive, ongoing process than as a checklist completed once and filed away.
- Develop a supply chain business continuity framework
A BCM programme should be accountable for continuity planning across the supply chain by anticipating unexpected and disruptive environmental, political, and financial events.
Deloitte’s global survey – Third-party governance and risk management – states that 87% of respondents encountered a third-party disruption in the last 36 months, which led to critical data loss or impeded product or service delivery. Indeed, managing, monitoring and having clear
visibility into third-party continuity risks is imperative to executing successful continuity strategies.
The tactical plan
- Post-incident learnings
After an incident has been remediated, the response should be reviewed and stronger security measures put in place to address the threats and vulnerabilities it exposed. Those in charge should take responsibility for revising existing IT security policies, or strengthening existing strategies,
so that the same risk is mitigated more effectively next time. Improvements should also flow back into the continuity programme, including keeping its documentation and playbooks up to date with what was learned.
- Relate cyber risk management to continuity plans
Cybersecurity risk management is a key catalyst for effective business continuity planning and execution. By developing, implementing, and testing risk management strategies, businesses become more resilient and better able to withstand unexpected threats. Businesses should
identify their “crown jewel” information assets, perform risk assessments as part of the continuity risk management process, and identify gaps in operational controls. From this, enterprises can develop tactics to achieve continuity and recovery in an emergency.
- Devise an effective crisis communication plan
Leadership and crisis management teams should be prepared for disruptions including cyberattacks, data breaches, security incidents, and IT systems failures. Emergency notifications need to reach employees and other
stakeholders through alerting channels that still work during the incident, and the recipient should be able to clearly understand the information and the required follow-up actions. The crisis team should also be ready to monitor and respond on social media, so that external visibility of the incident does not turn into reputational damage.
- Include business impact analysis (BIA) as core to the cyber risk management process
The BIA should be part of cyber risk management from planning through execution. It identifies the most critical functions and applications, defines the cyber-related disaster scenarios that could affect them, and evaluates the effect of each. The teams should also analyse the impact on financial
stability, third parties, employees, and upstream and downstream processes.
In short, a robust and streamlined approach to planning for cyberattacks as an integral part of the business continuity blueprint should include identifying key roles and responsibilities, developing response protocols, conducting cyber risk assessments, training the crisis team, establishing
emergency notification capabilities, and practising proactive incident response. A unified approach enables companies to limit the impact of likely disruptions through faster responses to cyber incidents, as well as quicker recovery.