Cybersecurity Is a Pillar of Your Business Continuity Program
Recently, I was in Washington DC meeting with one of our larger clients when we were asked “what role does cybersecurity play with business continuity?” It’s a question Preparis gets asked more and more frequently, and it’s a really important one.
Business resiliency and compliance programs exist within organizations to protect people, operations, revenue, and brand from threats and disruptions. Threats can take many forms, such as natural disasters, unexpected IT failures, pandemics, workplace violence, and cyber-attacks. While each specific threat may be different in flavor, a business can keep it simple by creating one enterprise program that supports key business functions and employees regardless of the type of disruption.
In working with our clients who have experienced thousands of threats globally, we’ve seen many cases of incidents involving multiple threats at once. For example, during Superstorm Sandy, many businesses had to manage through a natural disaster that also caused massive IT outages and displaced employees. Getting networks back up and helping employees get back to work involved multiple departments—IT, HR, Finance, Operations, Facilities, and Customer Relations—to all work off of the same cohesive playbook.
When a cyber-attack occurs, these multiple departments must work seamlessly together. IT will be focused on triaging the issue, while all other areas of the organization must quickly focus on communicating with employees, working with the authorities, building trust with customers, ensuring operational uptime, and providing customer service. If your cybersecurity plan only focuses on IT, the ramifications will be severe.
The winning play incorporates a cybersecurity plan within your business continuity program. They share many of the same components of success: identified roles and responsibilities, threat assessments, and response protocols, for example. Include cybersecurity in your overall incident management plan, business continuity plan, crisis team training, employee training, emergency notifications capability, and other aspects of your program. Conduct tabletop exercises that always include an information security component so you can practice department-wide collaboration.
A “one team, one dream” approach to business continuity and cybersecurity will ensure your resiliency playbook wins every time.
To learn more about how cybersecurity can be a pillar within your company’s business continuity program, register for part 2 of the Business Continuity Topics & Trends for Financial Services webinar series, Cybersecurity & Disaster Recovery. Join Preparis CEO Armistead Whitney and information technology expert Mark McKinney on Thursday, October 22nd, at 2pm as they discuss key things you should be doing to mitigate risks.