Recent industry surveys show that activities focused on cybersecurity events, cyber threats and cyber incident response are among the most important and fastest growing in many organizations. Their occurrence and severity can quickly bring them to the attention of the highest levels of company management. Considering the damage an organization can sustain in the aftermath of a security breach, this trend ought to be good news for business continuity and disaster recovery professionals.
Despite the optimism, it's not uncommon for cybersecurity activities to be separate from business continuity (BC) and disaster recovery (DR). Both fields may report to the same organization, such as IT, but are likely to be separate and distinct. How did this happen? Most likely, it's because cybersecurity has its own set of technology-focused activities -- protecting network perimeters, preventing theft of information and neutralizing viruses and other malware, to name a few. BC and DR, by contrast, focus more on the organization as a whole, and the people, processes, facilities and technologies that support it.
BC, DR and cybersecurity need to better complement each other. Any security breach that affects information systems is both a business continuity and disaster recovery threat. A security breach that compromises data and vital company information is also a business continuity event. Among the biggest concerns following cybersecurity events is damage to the organization's reputation. This is also a business continuity concern. The linkages among the disciplines are essential, and should be encouraged.
Cybersecurity events -- if properly mitigated -- may not be damaging enough to become business continuity events. However, both fields need to share their data and experiences so that a better all-around strategy for corporate cybersecurity and continuity can be developed. The end game for all these activities -- BC, DR and cybersecurity -- is to keep the business functioning.
If we assume that cybersecurity events are more likely to occur than business continuity events, it makes sense for the various groups to work together. This way, each group can collaborate to ensure that a cybersecurity event doesn't have a subsequent impact on business processes.
By contrast, if we look at the many different types of BC/DR events, such as power outages, severe weather, employee illness and civil disturbances -- and accept that these may be just as frequent as cybersecurity events -- it still makes sense for the groups to work together.
Will an increase in cybersecurity events have a commensurate impact on the need for business continuity and disaster recovery? If we accept that cybersecurity incidents can also be BC/DR events, we can further justify having all three disciplines within an organization.
A cybersecurity framework can improve DR planning
Video: Experts discuss cybersecurity strategies
How to respond to a cybersecurity incident