
CIR PM BCM and Cyber Security Framework

This blog discusses how a typical incident response is implemented from a Cyber Security Incidents Response (CIR) and Business Continuity Management (BCM) perspective.

Once the initiative has been implemented as a project, maintaining the CIR and BCM plans becomes a matter of continuous improvement. In the BCM planning methodology, project management begins and ends with the program management phase.

Resource: Chapter 5 Project Management 5.8 BCM and Cyber Security Framework

Moh Heng Goh

BCM and Cyber Security Framework

1. BCM Framework

The organization needs to sit down and agree on its strategic BCM mission. The mission is what the organization aims to achieve once the BCM plan has been implemented. The next question is how the organization will achieve this mission.

Developing a BCM framework with the appropriate components, as shown in Figure 5-9, gives the organization direction on the areas where policies and procedures are to be developed or improved to achieve the mission.

Figure 5-9: Key Components of BCM Framework

2. Cyber Security Framework

One good example of a cyber security framework is the NIST framework, whose components are shown in Figure 5-10. Organizations can choose to adopt the NIST framework to tackle cyber security. Like the BCM framework, it guides users through the steps and processes involved in developing a comprehensive cyber security strategy and tactical-level plans.

Figure 5-10: NIST Cyber Security Framework (Clearwater Compliance, 2017)

The purpose of a cyber security framework is to mitigate cyber security threats where possible and to respond effectively when an attack does occur. For the BCM professional, the aim is to align the BCM framework and its processes with the cyber security framework.

Figure 5-11: Relationship between NIST Framework and BCM Life Cycle

Referencing the components of the BCP framework, which exists to ensure that the organization continues its critical business functions (CBFs), BCM personnel can use the NIST framework to achieve the mission of protecting the organization against cyber security threats while working within the BCM framework. Figure 5-11 shows how the NIST framework aligns with the BCM life cycle, so that BCM professionals can see which cyber security-specific processes are performed alongside each stage of the BCM life cycle.


Finding Relationships Between the Structures

There are two very distinct structures for BCM and cyber security. The question is how the BCM team can use the cyber security structure.

Firstly, the BCM team needs to drop the misconception that cyber security lies only with the IT unit. Equally, the cyber security team does not necessarily consist only of members from the IT unit; there can be representatives from other business units. For example, multiple business units must be involved during security testing, because the business functions rely on the technological infrastructure and need to test their own recovery capabilities on it.

Secondly, the BCM team members can complement the roles and responsibilities of the cyber security team. The fundamentals are identical: each business unit (including the BCM business unit) has representatives within the team who voice that unit's concerns and contribute to the overall cyber security plan.

Therefore, on top of performing daily BCM operations and planning, the BCM team should include cyber security in its routine discussions. The questions to cover include: What cyber security concerns does each business unit have? How should each business unit work with the IT unit to develop mitigation, preventive or response measures?

Alignment of BCM and CIR

It is imperative that the BCM team aligns itself with the cyber security team in order to develop a comprehensive CIR plan. Figure 5-12 shows this alignment, starting from the organizational structure and framework and then drawing the relationships between the teams and processes of BCM and CIR.

Figure 5-12: Aligning BCM and Cyber Security Incident Response (PwC, 2011)

The BCM team has to take responsibility for using these relationships to lay the foundations, so that the processes required in future are executed in a way that meets the organization's objectives for both BCM and cyber security.

Related Topics for CIR Project Management

5.5.1 Cyber Security Specific Scope
5.6 Scenario Development
5.7.1 BCM Team Structure for CIR
5.7.2 Cyber Security Team Structure
5.8 BCM and Cyber Security Framework
5.9 Relationships Between the BCM & CIR Structures
5.10.1 Relook at Existing Structure and Initiatives


A Manager’s Guide to BCM for Cybersecurity Incident Response

Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.


Note: This version is the draft 2nd Edition being updated in 2023. The number in square brackets [X-X] cross-refers to the corresponding chapter and section in the 1st Edition.
