Enterprise Director of Business Continuity Management,
So you’ve put all of your protections, walls, rules and scanners in place. Whew! But then…a zero-day exploit finds you anyway and your company gets hacked. Attackers get into your network, disrupt your services, compromise your client PII or publicize internal emails. Now what?
Sony was hacked and went from being a highly respected company to a subject of media ridicule for their handling of a cyber-attack. Target was hacked, suffered a massive hit to client confidence that could have long-term impact and lost millions in sales. In both cases, executives lost their jobs for the way they handled the crisis.
That’s where Business Continuity Management (BCM) comes into play. You’ve likely heard the terms “crisis management,” “disaster recovery,” and “business continuity plan.” That’s good, because those are the plans that will help you get back up and running. They all work to respond to a crisis and are all vital to your business’s ability to weather a storm, whether it’s a cyber-storm, network interruption or a real hurricane.
What Are the Major Things You Need To Consider for Cyber BCM?
Step 1 for a Crisis Event: Immediate and Appropriate Response
Step 2 for a Crisis Event: Restoring Services and Confidence
- Disaster recovery generally refers to technical plans in place to bring your network and systems back online after a crisis. Your plan should include:
- Documentation on how to restore mission critical network and cloud based IP apps, data and systems
- Failover, network diversity and back-up protection
- Vendors on call to expedite network service, system restoration and hardware replacement
- Teams of employees ready to respond as needed
- Business continuity is your plan for getting back to normal. How are you going to catch up on work? How are you going to process missed orders? How will you get lost information such as big data, client records etc. replaced and build back client goodwill?
The details of building out all of these plans and programs are more than can be covered in one blog post, but all of them should be part of your overall business risk management program.
Rachelle Loyear leads business continuity planning, testing, training and logistics for Spectrum Enterprise. With eight years of experience in security, business continuity planning and crisis management, Rachelle is a certified MBCP though DRI and PMP through PMI, and an Associate Fellow of the Business Continuity Institute.