kras99 - stock.adobe.com
Where does security fit into a business continuity plan?
Cybersecurity breaches are a prominent threat to business continuity today. Make sure your security and BCDR teams are in sync to recover data in a crisis.
Business continuity plans ensure data availability and maintain operations during disasters and downtime. Downtime mitigation is a requirement for every organization, and a strong business continuity plan is key to maintain or restore operations in a crisis.
Downtime prevention, however, is more complicated than planning for traditional crisis scenarios, such as natural disasters or hardware failures. Cyber attacks are increasingly common today and can lead to data corruption and operational downtime. With the risk of downtime caused by cyber attacks in mind, a traditional business continuity plan alone is not enough to ensure data availability without a strong security component.
Security practices are typically layered approaches with steps for prevention, detection, response and recovery. Strong security practices and threat detection techniques help organizations respond to potential downtime-causing events before they create a true crisis.
It is crucial to implement security practices not only on primary data, but for remote backup and recovery sites as well. This ensures that, in the event of a disruption, the recovery data has not been compromised by a cyber attack and business continuity teams can restore operations.
Why are cyber attacks different?
Even with aggressive security practices and threat detection, disruptive cyber attacks can still occur. Alongside standard business continuity and disaster recovery (BCDR) practices, organizations must give special consideration to recovery from cyber attacks.
If data is corrupted by a ransomware attack, BCDR will look different than if the data is simply inaccessible due to downtime. While an approach such as geographically dispersing data may be effective in recovering from a natural disaster scenario, it is not enough if a malicious actor has infiltrated an organization's IT environment.
In these scenarios, recovery may need to borrow from security practices such as logical or physical air gaps of data. Data management techniques, such as data governance, can aid in understanding the value of data involved in an attack. Business continuity teams that implement data management also learn what data is critical to restore operations.
Collaboration is key
Both security and business continuity plans can be complex, with multiple layers and steps of defense. They are often handled by separate teams within an organization. However, the two areas are becoming increasingly intertwined, sharing a common goal of ensuring normal operation.
One way organizations can mend this gap is to encourage security and BCDR teams to work together more collaboratively. Together, they have a better chance to create a cohesive business continuity plan that incorporates security elements and best practices.