Business resilience is an organisation’s ability to quickly adapt to disruption while continuing to deliver on its core business. This article outlines the six steps for achieving true business resilience with cyber security at its core.
The roadmap to business resilience
To achieve true business resilience, it’s critical that there’s a cohesive relationship between both business continuity and cyber security teams.
This includes having a holistic cyber security strategy that enables organisations to be proactive, protective, and robust. By building business resilience, organisations can anticipate cyber threats and ensure that all resources and procedures (human and system) are in place to respond effectively, recover rapidly, and minimise the impact of an incident on the business.
Step 1: Identify your business-critical assets
To build an effective business continuity plan, an organisation must identify its most critical assets, whether those are people, processes, or technology. Identifying potential business impacts requires casting a wide net: there are operational risks, financial risks, legal risks, compliance risks and brand damage risks. This is typically done as part of the business continuity planning process and ultimately leads to completing a Business Impact Assessment (BIA).
Step 2: Conduct a threat assessment
The next step involves performing threat modelling to identify and assess the potential threats that could compromise your business-critical assets. While many of these threats may be non-cyber related, your key focus should be to assess the cyber-related threats which are often overlooked during business continuity planning.
Step 3: Conduct a risk assessment
Identify the risks to your assets by consolidating the outputs of the previous two steps to understand the likelihood and impact (risk = likelihood × impact).
The threat assessment determines the likelihood of a successful threat occurring and the BIA helps with identifying the impact that would result from that threat.
Step 4: Update the business continuity plan
Incorporate the cyber-related outputs from the previous three steps. An updated business continuity plan should detail the steps required to minimise the risk of business disruption after a cyber security incident. This will allow the business to remain operational in a crisis.
As part of this step, you should also review and update your Security Incident Response (IR) Plan. The IR Plan details the steps to respond to a cyber security incident, which may involve utilising the business continuity plan in severe circumstances. In addition, the business continuity plan should recognise and define what steps must be taken in case of cyber incidents so that business resilience can be maintained.
Step 5: Test the business continuity plan and incident response plan
To ensure you are building a cyber-resilient business, your business continuity plan must be tested, at least to the level of a walk-through. This requires everyone involved in implementing the plan to detail their responses to scenarios that present possible business continuity failures.
This plan should be owned and sanctioned at the highest levels of the organisation.
The group responsible for the plan should meet regularly to review any changes to the threat landscape, IT systems or business operations which may impact the plan.
For example, changes to the notifiable data breach scheme outlined earlier would significantly increase the financial risk associated with a data breach and would require an appropriate response. Use cyber security specific scenarios to simulate a crisis, test and validate each step in the business continuity plan and IR plan, and evaluate your ability to respond to and recover from a cyber-related incident that impacts critical business operations.
Step 6: Revise BCP and IR process
Review the key learnings from the above steps and update the business continuity plan and IR processes.
This process should be repeated on a regular cadence to track and manage progress and improve resilience over time. Be sure to reassess your risk frequently and know the different avenues where you need to put controls in place – that includes laptops, servers, email and network traffic.
You may end up spending a lot of time reassessing, re-evaluating and checking that each area has suitable controls in place. In return, you can assess the impact that changes in your environment and the evolving threat landscape have on your resilience.
Ease the execution process – choose the right partner
It is a huge task for any organisation to maintain good cyber security.
Continual re-assessments and re-evaluations can consume a great deal of time and security staff resources.
Using partner capabilities that help gain better visibility and behavioural analytics makes execution smooth and more accurate. Whether you are new to cyber security, have been recently affected by a cyber security event, or are looking for support with building cyber business resilience, Interactive has a team of experts ready to help – reach out and see how our experts can assist you in strengthening your business’ resilience today.