Cyber Security

BCM & CIR Concepts: Related BCM Concepts to Cyber Security

Written by Moh Heng Goh | Nov 25, 2022 12:23:26 PM

BCM & CIR Concepts

BCM Concepts to Cyber Security

Cyber security (as shown in Figure 2-1) must be related to the other concepts of business continuity management: business continuity, crisis management, crisis communication, and IT disaster recovery.

Figure 2-1: Relationship Between the Related BCM Concepts to Cyber Security

1. IT Disaster Recovery

A closely related concept to BCM and cyber security, as shown in Figure 2-1, IT Disaster Recovery (IT DR) plans (21st C.S, 2010) tend to encompass an organization's technology infrastructure. In the internet age, more and more organizations – even the older ones- are relying on modern technologies (B.S, 2014) to carry out their day-to-day operations. However, these conveniences come with cyber security threats to match.

Therefore, during the Business Impact Analysis (BIA) phase of the BCM planning process, it is essential to identify all the technological infrastructures necessary (CMI Staff Writer, 2004) to carry out CBFs.


Should the IT infrastructures be attacked, compromised, or disrupted, the CBFs reliant on them will be unable to work, potentially jeopardizing the continued operations of the entire organization. Hence, integration of IT DR to BCM at an early stage is crucial. Additionally, teamwork, communication, and coordination between different recovery teams are necessary for a swift and successful response. The exchange of information, even before an actual incident occurs, is ideal. Team managers should know the roles and responsibilities of the other teams so that mutual procedures can be considered and integrated into the event of a disruption.


Related IT DR terms, when presenting the relationship in Figure 2-2 (below), include the IT Disaster Recovery (DR) Team.

2. Crisis Management

Crisis Management (CM) (CMI Staff Writer, 2004) encompasses the steps taken by an organization when tackling a significant critical incident. Any incident that results in the loss of the organization's financial value in the market, be it by reputation or damages, is considered a crisis by the organization. A plan and a properly trained team should be established beforehand so that procedures are already in place and a strong team can execute them.

Related CM terms when presenting the relationship in Figure 2-3, include Crisis Management Team, Damage Assessment (DA) Team, and Emergency Response (ER) Team.

3. Crisis Communication

Crisis Communications (CC) (CMI Staff Writer, 2004) encompasses how an organization protects itself via internal and external communication to the relevant parties about the details of the crisis and what they are doing to resolve the situation. Some of the appropriate parties that the organization has to address include:

  • Employees
  • Shareholders
  • Media
  • Customers
  • Suppliers
  • General public

Related CC terms when presenting the relationship in Figures 2-1 and 2-3 include Crisis Communication Team.



 

BCM Team Key Cyber Security Concepts Related BCM and CIR Concepts Characteristics of Relevant Concepts Back To: BCM & CIR Concepts

 

 

   

 

 

Do You Want to Continue BCM Training onsite or online?

Competency-based Course
Certification Course

Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.

Reference: Chapter 2 Cyber Security, BCM and Relevant Concepts  2.6 BCM Concepts to Cyber Security

Note: This version was the draft 2nd Edition being updated in 2022. The numeric in the square bracket [X-X] cross-refers to the actual chapter and section in the 1st Edition.