KuppingerCole Report
Advisory Note
By Warwick Ashford

Business Continuity in the age of Cyber Attacks

Business continuity and cyber security remain largely in separate siloes. But changes in the IT and cyber threat landscapes mean there is an urgent need for organizations to alter their approach. This Advisory Note identifies why there needs to be closer alignment and integration between business continuity and cyber security teams, and provides recommendations on how to achieve this to reduce the business impact of cyber attacks and ensure none is a business killer.

1 Executive Summary

Business continuity is the ability of an organization to maintain critical business functions during, as well as after, a disaster has occurred. Tradi ...

Login Free 30-day Select Access Get full Access

2 Highlights

  • Cyber attacks and breaches of cyber defenses have become inevitable as attackers become increasingly well organized and funded, often with nation st ...
Login Free 30-day Select Access Get full Access

3 Cyber threats are becoming more destructive

The nature of cyber attacks is continually changing, but in recent years the most notable trend is that attacks are becoming increasingly destructive, ...

Login Free 30-day Select Access Get full Access

4 Cyber attacks now a top risk to Business Continuity

Businesses need to adjust their approach to business continuity planning in the light of the fact that as business operations become increasingly depe ...

Login Free 30-day Select Access Get full Access

4.1 Cyber Security and Business Continuity integration

A more integrated approach to Cyber Security and Business Continuity will ensure that IT technology and security investment/planning focus on resilien ...

Login Free 30-day Select Access Get full Access

4.2 The Role of Privileged Access Management in Security and Continuity

NotPeya also highlighted that Privileged Access Management (PAM) is extremely important in the context of business continuity, underlining the importa ...

Login Free 30-day Select Access Get full Access

4.3 The Role of People and Processes in Security and Continuity

Technology, however, is only one aspect of security/continuity. Policy, process, organization, and people need equal, if not greater attention. Everyo ...

Login Free 30-day Select Access Get full Access

4.4 The Role of DevSecOps in Security and Continuity

This approach will also encourage and support the creation and maintenance of a DevSecOps environment, where security and continuity are integral to t ...

Login Free 30-day Select Access Get full Access

4.5 The Role of Threat Detection and Response in Security and Continuity

Destructive cyber attacks underline the importance of detecting malicious activity as quickly as possible and launching an immediate response to ensur ...

Login Free 30-day Select Access Get full Access

4.6 The Role of Artificial Intelligence in Security and Continuity

Organizations should evaluate technologies that are supported by AI (artificial intelligence) and ML to bolster security/continuity capability through ...

Login Free 30-day Select Access Get full Access

5 Recommendations

In the digital era, the increasing reliance of IT and the increasingly destructive and disruptive impact of cyber attacks means businesses need to ado ...

Login Free 30-day Select Access Get full Access

5.1 Planning

  • Restructure BCM and cyber security teams to ensure greater integration and collaboration in terms of operations, processes, procedures, responsibili ...
Login Free 30-day Select Access Get full Access

5.2 Technology

  • Plan for the worst in terms of detection, response, recovery and improvement of both security and continuity capabilities;
  • Ensure data backups are ...
Login Free 30-day Select Access Get full Access

5.3 Policy

  • Implement and enforce stringent Privileged Access Management controls.
  • Enforce a policy of least privilege and consider allocating admin privilege ...
Login Free 30-day Select Access Get full Access

Copyright

©2020 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarksTM or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole Analysts, founded in 2004, is a global analyst company headquartered in Europe focusing on Information Security and Identity and Access Management (IAM). KuppingerCole stands for expertise, thought leadership, outstanding practical relevance, and a vendor-neutral view on the information security market segments, covering all relevant aspects like: Identity and Access Management (IAM), Governance & Auditing Tools, Cloud and Virtualization Security, Information Protection, Mobile as well as Software Security, System and Network Security, Security Monitoring, Analytics & Reporting, Governance, and Organization & Policies.

For further information, please contact clients@kuppingercole.com.

top