BLOG: Cyber Security and Business Continuity – how do they work together? #BusinessContinuityWeek

• by Olivia Lawlor-Blackburn
• General

Cyber Security has always been a key feature of Business Continuity because cyber threats, incidents and attacks can have a significant impact on an organisation’s ability to maintain operations and deliver products or services to its customers. If we consider the information, we can get from the Business Continuity Institute’s annual, Horizon Scan report, we can clearly see that it has been in the top five of concerns for many years. ‘Remote working’ has risen to prominence as a result of the pandemic, which is unsurprising but many of the issues driving this are that of security.

Lack of talent or skills also features high on the list of concerns and incidents encountered. Again, this will include the pronounced and longstanding skills shortage in cyber and information security which will have sharpened the difficulty of secure remote team rollout and security management.

Another feature highlighted in the latest Horizon Scan related to supply chain resilience and third-party security. Much of the security breach we have seen in the last three years has come from compromised third parties that have gone on to infect and impact supply chains in an unprecedented way. Service level agreements on security requirements as well as audits are a key way of helping to protect your organisation from the threat that may sit in your supply chain.

So, considering cyber security, supply chain and third-party risk, is a key part of building good business continuity resilience:

Cyber-attacks can disrupt operations: A cyber-attack can cause significant disruption to an organisation’s operations, including downtime, loss of data, and financial losses. This can impact the organisation’s ability to deliver products or services to its customers and may even result in reputational damage.

Cybersecurity risks are increasing: Cybersecurity risks are increasing, with new threats emerging all the time. This means that organisations need to continually review and update their cybersecurity measures to ensure that they can protect against the latest threats.

Cybersecurity threats are not just an IT issue: Cybersecurity threats are not just an issue for the IT department; they can impact the entire organisation. This means that BC planning needs to involve all areas of the organisation, including management, employees, and third-party vendors.

Regulatory compliance: Many organisations are subject to regulatory compliance requirements that mandate certain levels of cybersecurity. Failure to meet these requirements can result in fines, legal liability, and reputational damage.

Protection of critical assets: Cybersecurity is particularly important for organisations that rely on critical assets such as intellectual property, financial information, and customer data. A breach of these assets can have significant financial and reputational consequences.

Cloud and other technologies have been leveraged extensively by most organisations, third parties are one of the leading causes of breach and security incidents. Robust cyber security and business continuity means having a firm grasp of the security capability and posture of suppliers. It also means establishing sharing agreements and ensuring onward sharing is by explicit agreement,

We have experienced consultants who can help with BC planning, testing and the cyber security and third-party security audit elements required to make your plan robust and help build our business’s resilience.

Talk to us today 0121 559 6699  |  sarah.richardson@advent-im.co.uk or visit our Business Continuity page for more information.