Business Continuity Management and Cybersecurity Incident Response Series

BCM & CIR Concepts: Key Concepts in Cyber Security

This is an introductory chapter to the key concepts in cyber security incident response.

Reference: Chapter 2 Cyber Security, BCM and Relevant Concepts 2.5 Key Concepts in Cyber Security

Moh Heng Goh


Cyber Criminal

A cybercriminal uses computers, mobile devices, or the network to conduct malicious activities, targeting the organization's information assets.

The sophistication of the malware deployed depends on the cybercriminal's motive.

Cyber Security Threats

Dangers that exploit vulnerabilities to harm organizations are considered threats. Cyber security threats are dangers that specifically harm the organization's technological infrastructure.

This infrastructure includes applications, software, hardware, and networks. The term can be used interchangeably with cyber threats.

Cyber Security Attack

Attempts by adversaries to harm an organization's technological infrastructure are classified as cyber security attacks. The term can be used interchangeably with cyber attack.

Incident Response

Incident responses are activities and procedures an organization performs to manage an incident and minimize its impacts.

These actions are developed during peaceful times and executed based on the classification of threats that the organization faces.

Cyber Security Incident Response (CIR)

Building on the definition of “incident response”, Cyber Security Incident Response (CIR) involves preparing measures that, in the best-case scenario, prevent the organization from being attacked by cyber security threats, or otherwise allow it to respond to a cyber security attack effectively. Regardless of the identified cyber security threats, an organization aims to ensure that appropriate CIR is used to deal with them and to reduce the impacts suffered.

Preparation must ensure that the cyber security policies and procedures are tailored to the organization and that a cyber security incident can be swiftly and effectively resolved. Many organizations are susceptible to cyber security attacks because the attacks are sophisticated; having a CIR plan reduces the chaos experienced during a cyber security incident and, in turn, the recovery times and costs.

Relationship between BCM and Cyber Security

The primary focus of business continuity is to ensure the resumption of the critical business functions (CBFs). If critical IT services are attacked, the IT software, data, and infrastructure must remain available to carry out the CBFs that rely on them.

Cyber security professionals must work hand in hand with their business continuity counterparts. For example, critical transactions and customer engagement cannot be performed if a cyber security threat has compromised an organization's network. As the business functions of multiple departments are affected by such an attack, departments of the same organization must come together and pool their efforts to resolve the issue affecting business operations.

Additionally, organizations can no longer afford to assume that cybersecurity issues are solely the purview of the IT department. While the IT department is responsible for recovery efforts, the cooperation of other departments will ensure that recovery times are shorter, avoiding potentially more significant impacts that could be suffered by the organization with a more extended disruption period.

One suggestion is to have two separate plans: one solely for business continuity, the other for cyber security. The two plans can be combined during relevant scenarios to tackle the threat. One example is access control. Employees at different levels have access to varying degrees of information. An intern will not be privy to sensitive details, while a front-line manager may not have the whole picture. Regardless of the level of information, the critical information has to be identified, and recovery procedures for it have to be prepared.


A Manager’s Guide to BCM for Cybersecurity Incident Response

Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.


Note: This version was the draft 2nd Edition being updated in 2022. The number in the square brackets [X-X] cross-refers to the actual chapter and section in the 1st Edition.

 
