Business Continuity Management and Cybersecurity Incident Response Series
BB Cybersecurity_12

BCM & CIR Concepts: Overview

This is an introductory chapter discussing cyber security from a BCM perspective.

Due to frequent cyber security attacks, cyber security has become a topic of concern for many organizations.

As such, organizations are wary of the cyber landscape due to the uncertainty over whether they have a sufficiently comprehensive program to tackle today's cyber security threats.

Reference: Chapter 2 Cyber Security, BCM and Relevant Concepts 2.1 Purpose

Moh Heng Goh

Banner 1 CIR BCM and Cybersecurity What is the Relationship?

BCM & CIR Concepts

Overview of CIR Concepts in Cyber Security

New call-to-action1. Purpose

This is an introductory chapter discussing cyber security from a BCM perspective. Due to frequent cyber security attacks, cyber security has become a concern for many organizations. As such, organizations are wary of the cyber landscape because they are uncertain whether they have a sufficiently comprehensive program to tackle today's cyber security threats.

Furthermore, as many organizations utilize technological infrastructures to perform their daily operations, the threat of cyber security attacks causing disruptions is a significant concern. Thus, the existence of a BCM program and how it can operate before and during a cyber security attack become critical. Most importantly, the BCM team must work cohesively with the cyber security team.

When discussing BCM and cyber security, related concepts like IT Disaster Recovery, Crisis Management, and Crisis Communication will inevitably come into play. These concepts are related in certain aspects, and organizations must determine if multiple plans must be activated simultaneously when business is disrupted. In addition, it highlights the composition of the committees and teams to be set up. For experienced practitioners, bear with this elementary explanation of the concepts.

2. Recent Cyber Security Trends

The evolving threat landscape, characterized by increasingly sophisticated and frequent cyberattacks, demands a more strategic approach to business continuity management (BCM). As cyber incidents target IT infrastructure, data, and applications, organizations must prioritize system recovery to ensure critical functions resume swiftly.

The human element remains a critical factor in cybersecurity. Enhancing employee awareness and training is crucial to prevent attacks and minimize their impact. By fostering a culture of cybersecurity, organizations can significantly reduce the risk of breaches.

To effectively manage business continuity in today's threat landscape, organizations must integrate cybersecurity into their BCM strategies. This includes conducting regular cyber risk assessments, developing incident response plans, and establishing strong data protection measures. By proactively addressing these challenges, businesses can build resilience and safeguard their operations from disruptions.

Moreover, collaboration between IT, security, and business continuity teams is paramount. A unified approach ensures everyone understands their role in protecting the organization and responding to incidents effectively.

3. Cyber Security

Back to fundamentals, one primary principle behind cyber security is to ensure that information relevant to an organization stored in cyberspace is preserved regarding confidentiality, integrity, and availability, or CIA for short. To expand on each point, the CIA stands for:

  • Confidentiality (C) of information means data within an organization can be categorized based on their information regarding who can access them. Specific information can only be accessed by personnel of high authority;
  • Integrity (I) of information means that information accessed by the respective personnel is not tampered with and
  • Availability (A) of information means that information can be accessed anywhere at any time when required.

The recent cyber security attacks via Ransomware are an example of the CIA being compromised by organizations.

Related Topics for BCM and CIR Concepts

 

Overview BCM Team Key Concepts Characteristics Back To: CIR Concepts
New call-to-action New call-to-action New call-to-action New call-to-action New call-to-action

 


 

A Manager’s Guide to BCM for Cybersecurity Incident Response

Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.

Reference: Chapter 2 Cyber Security, BCM and Relevant Concepts 2.1 Purpose

Note: This version was the draft 2nd Edition, which will be updated in 2025. The numeric in the square bracket [X-X] refers to the actual chapter and section in the 1st Edition.

 

View Our Course Catalog

  [BL-3-Catalog] What Specialist Level Blended Learning Courses that are Available? [BL-5-Catalog] What Expert Level Blended Learning Courses that are Available?  

Talk to Us by Registering Your Interest via the Tell-Me-More buttons below

 

Business Continuity Management Crisis Management Crisis Communication IT Disaster Recovery ISO22301 BCMS Auditor Operational Resilience Operational Resilience Audit
New call-to-action New call-to-action New call-to-action New call-to-action Tell Me More About BCM- 8030 BL-OR-3_Tell Me More Tell Me More About BCM- 8030
BCM-300 CM-300 CC-300 DRP-300 BCM-8030 OR-300 ORA-300
New call-to-action New call-to-action New call-to-action New call-to-action TMM [BL-A-5] BL-OR-5_Tell Me More New call-to-action
BCM-5000 CM-5000 CC-5000 DRP-5000 BCM-8530 OR-5000 ORA-5000

Contact us today:

 

 

Comments:

 

More Posts

New Call-to-action