Cybersecurity Series
Cyber Security_Blog_with Book

BCM & CIR Concepts: Related BCM Concepts to Cyber Security

This is an introductory chapter discussing cyber security from a BCM perspective.

Due to frequent cyber security attacks, cyber security has become a topic of concern for many organizations.

As such, organizations are wary of the cyber landscape due to the uncertainty over whether they have a sufficiently comprehensive program to tackle today's cyber security threats.

Chapter 2 Cyber Security, BCM and Relevant Concepts  2.6 BCM Concepts to Cyber Security

Moh Heng Goh

Banner 1 CIR BCM and Cybersecurity What is the Relationship?

BCM & CIR Concepts

BCM Concepts to Cyber Security

Cyber security (as shown in Figure 2-1) must be related to the other concepts of business continuity management: business continuity, crisis management, crisis communication, and IT disaster recovery.

Figure 2-1 Relationship Between the Related BCM Concepts to Cyber Security

Figure 2-1: Relationship Between the Related BCM Concepts to Cyber Security

1. IT Disaster Recovery

A closely related concept to BCM and cyber security, as shown in Figure 2-1, IT Disaster Recovery (IT DR) plans (21st C.S, 2010) tend to encompass an organization's technology infrastructure. In the internet age, more and more organizations – even the older ones- are relying on modern technologies (B.S, 2014) to carry out their day-to-day operations. However, these conveniences come with cyber security threats to match.

Therefore, during the Business Impact Analysis (BIA) phase of the BCM planning process, it is essential to identify all the technological infrastructures necessary (CMI Staff Writer, 2004) to carry out CBFs.


Should the IT infrastructures be attacked, compromised, or disrupted, the CBFs reliant on them will be unable to work, potentially jeopardizing the continued operations of the entire organization. Hence, integration of IT DR to BCM at an early stage is crucial. Additionally, teamwork, communication, and coordination between different recovery teams are necessary for a swift and successful response. The exchange of information, even before an actual incident occurs, is ideal. Team managers should know the roles and responsibilities of the other teams so that mutual procedures can be considered and integrated into the event of a disruption.


Related IT DR terms, when presenting the relationship in Figure 2-2 (below), include the IT Disaster Recovery (DR) Team.

2. Crisis Management

Crisis Management (CM) (CMI Staff Writer, 2004) encompasses the steps taken by an organization when tackling a significant critical incident. Any incident that results in the loss of the organization's financial value in the market, be it by reputation or damages, is considered a crisis by the organization. A plan and a properly trained team should be established beforehand so that procedures are already in place and a strong team can execute them.

Related CM terms when presenting the relationship in Figure 2-3, include Crisis Management Team, Damage Assessment (DA) Team, and Emergency Response (ER) Team.

3. Crisis Communication

Crisis Communications (CC) (CMI Staff Writer, 2004) encompasses how an organization protects itself via internal and external communication to the relevant parties about the details of the crisis and what they are doing to resolve the situation. Some of the appropriate parties that the organization has to address include:

  • Employees
  • Shareholders
  • Media
  • Customers
  • Suppliers
  • General public

Related CC terms when presenting the relationship in Figures 2-1 and 2-3 include Crisis Communication Team.



 

BCM Team Key Cyber Security Concepts Related BCM and CIR Concepts Characteristics of Relevant Concepts Back To: BCM & CIR Concepts

 

Back To_Cybersecurity and BCM Concepts

 

    IC_CIR_Cybersecurity and BCM Concepts

 

 


BCMI Logo

Do You Want to Continue BCM Training onsite or online?

Competency-based Course
Certification Course
New call-to-action New call-to-action [BL-3-Catalog] What Specialist Level Blended Learning Courses that are Available? [BL-5-Catalog] What Expert Level Blended Learning Courses that are Available?

A Manager’s Guide to BCM for Cybersecurity Incident Response

Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.

Reference: Chapter 2 Cyber Security, BCM and Relevant Concepts  2.6 BCM Concepts to Cyber Security

Note: This version was the draft 2nd Edition being updated in 2022. The numeric in the square bracket [X-X] cross-refers to the actual chapter and section in the 1st Edition.

 

Comments:

 

More Posts

New Call-to-action