What Your Business Continuity And Cybersecurity Teams Can Learn From Each Other
Posted March 2, 2023 by Sayers
In the evolving world of threats and interruptions to your business, two teams are finding common threads that can help each other improve and prevail: Business Continuity and Cybersecurity.
Business Continuity Planning has to prepare for today’s known disruptions and anticipate tomorrow’s emerging threats. From natural disasters to technology failures, BC teams work to recover quickly when disruptive events happen.
As cyberattacks continue to increase globally, Cybersecurity has a growing impact on Business Continuity Planning. In turn, BC planning can help identify the cyber risks most likely to affect your business as well as how to prevent or mitigate them.
Kevin Finch, Senior Business Continuity Architect at Sayers, says:
“Business Continuity and Cybersecurity both look at the whole business, identifying areas of interruption and weakness. Both disciplines have something to offer each other, including specific skill sets and techniques that can help improve the other.”
Business Continuity And Cybersecurity Begin To Align Under Security C-Suite
According to BC Management’s BC Trends 2022 Report, 10% of Business Continuity Programs now report up through the Chief Information Security Officer or Chief Security Officer.
We’ll keep watching to see if this organizational alignment is a growing trend, but it makes sense given CISOs are already dealing with ransomware preparations and increased scrutiny from regulators and shareholders.
“There’s a lot of harmony that can be had from having both disciplines working toward similar goals and identifying where your potential sources of interruption might be,” Finch says.
Cybersecurity Best Practices To Improve Business Continuity
Maybe you’re taking over an existing BC program, or you’re starting a Business Continuity Program from scratch. Either way, you can apply Cybersecurity Practices such as these to enhance your Business Continuity Management:
Use detection systems for business interruptions.
Intrusion Detection Systems are commonplace in Cybersecurity. They can monitor for irregular activities, look for paths of entry and attack, ensure the integrity of remote access, and detect performance impacts sooner rather than later.
“These are the kinds of things that can absolutely improve the quality of your Business Continuity program,” Finch says. “Shine the light on things that Cybersecurity is already doing. Look at it through the lens of Business Continuity so you can make better plans and better prepare your people in the event one of these kinds of interruptions occurs.”
Perform post-incident forensics and analytics.
After security incidents, Cybersecurity Teams work extensively to determine the entire extent of what happened and why. They perform root-cause analysis, map out the full scope of the incident, and detail the actual costs to the business. Cybersecurity Teams also look at impacts to both internal and external stakeholders, and they take preventive steps so it won’t happen again.
Business Continuity Teams, having focused on preparing for a range of possible disruptions and keeping critical operations functioning, traditionally haven’t done as much post-incident analysis as Cybersecurity. Finch says:
“Business Continuity Practitioners who have the leeway to do extensive root-cause analysis and some true prevention following a business interruption could drastically improve their program quality and business resiliency. It’s not enough to do an after-action report and say, ‘Phew! Let’s hope that never happens again.’”
Business Continuity Disciplines That Can Improve Cybersecurity
Business Continuity Plans can come into play during a Cybersecurity Event, depending on the degree of impact to business operations. Consider applying Business Continuity Management approaches like the following to help your Cybersecurity Teams better protect your organization:
Establish regular tabletop exercises.
Central to a Business Continuity Plan are discussion-based tabletop exercises, where team members talk through their responses and roles in a specific emergency or disaster scenario.
Cybersecurity Teams can benefit from such exercises as well, since regularly held tabletop exercises:
- Get management involved in response planning
- Bring people together from disparate parts of the business to collaborate on how to respond to an incident
- Force teams to look at response plans holistically
- Expose gaps in plan coverage and reveal where plans are vague or unclear
- Provide feedback on how to improve plans and your planning process
Bring Business Continuity’s disciplined approach into Cybersecurity.
Business Continuity Management takes a regimented approach by incorporating a series of best practices such as Business Impact Analysis, annual plan testing, and defined membership and roles of response teams.
Additional BCM practices include documenting internal and external stakeholders, communicating corporate policies that define the program to all staff, and conducting an annual review and update of plans.
“Using these BCM-style, process-oriented disciplines in Cybersecurity will help improve the quality of your Cybersecurity Program,” says Finch. He adds:
“There’s value in taking some Business Continuity Practices, applying them to Cybersecurity, and vice versa so both groups can benefit. And if your CISO is now in charge of both teams, that’s a great opportunity to do that sharing of knowledge.”
Questions? Contact us at Sayers today. We offer Business Continuity Workshops, Assessments, and Extensive Security Solutions to cover all areas of your business.