Ensuring the Calm after the Storm: Business Continuity Management.

For most businesses, prolonged downtimes are unthinkable - in a digitalized and automated business environment, processes are closely interconnected and tailored to the needs of customers. Keeping businesses up and running in the event of cyberattacks or other disasters is critical. However, without preparation this will be very difficult.

  #Cyber Defense Center   #Security Emergency Concept  
Markus Kaegi
+41 58 510 16 98

The last two years in particular have shown how important business continuity management is. Apart from high-impact cyberattacks, which have also affected well-known companies in Switzerland, there is still the Corona pandemic, which has caused significant disruptions in many companies with its ups and downs. In some, especially smaller businesses, the continuation of business operations has even been called into question.

When disaster strikes, it is vital in many companies to get back to business as usual as quickly as possible. Often, compliance regulations and legal requirements also leave a company no choice whatsoever when it comes to preparing for a potential disaster. Arguably, one of the most important steps in creating a business continuity plan is to define the most essential business functions. Once these processes are clear, failover mechanisms can be put in place.


Recovery priorities are crucial

But what are the requirements for the successful management of an existential business crisis triggered by external factors, such as a cyberattack?

Setting recovery priorities and goals is essential when it comes to systems, applications, and networks. Fundamentally, however, it's about a company analyzing and knowing its own vulnerabilities - this information can be useful even without a disaster happening. Companies that plan for their business continuity not only improve their resilience in the event of an emergency but also their ability to communicate and manage for normalcy, precisely because they design business-critical processes and infrastructure to withstand a potential disruption scenario. This can involve data backup, redeployment of staff, and the creation of redundancies and surplus capacity that can be deployed in the event of an emergency.


Cybersecurity, disaster recovery, and business continuity

Cybersecurity and disaster recovery are both important components when it comes to business continuity management.  A business continuity plan should definitely include measures to identify and mitigate cyber risks so that the responsible specialists in the company can cooperate and respond to potential attacks. Cybersecurity, disaster recovery, and business continuity therefore overlap in their tasks and goals. For this reason, it is only logical that these three departments work together. Despite common tasks, however, there are some differences when it comes to the activities of cyber security, disaster recovery, and business continuity specialists. The latter, in particular, need to focus primarily on those business areas that are critical to the company's existence - for example, those that generate revenue. Disaster recovery and cyber security specialists focus primarily on the technical details and infrastructure of the business in the event of an incident, with disaster recovery primarily concerned with data. After a disaster, these must be accessible if operations are to continue.


To be prepared for emergencies

A detailed practical business continuity plan should enable you to continue operating your business at least at a minimal level during a crisis. With this in mind, business continuity management is necessary to make your business resilient, thereby avoiding financial loss and reputational damage in the event of an emergency. Companies that want to focus on their core business and still be prepared can also purchase business continuity management as a service - for example, from companies such as UMB or RSA[i], specializing in cybersecurity risk management. RSA has become a world-renowned name due to the technological popularization of multi-factor authentication (MFA):  The most widely deployed MFA solution in the world is SecurID[ii]. This identity platform from RSA is used by 13,000 organizations around the world to manage 50 million identities and provide 30 million users with secure access to their systems - so that the dreaded emergency can be averted.

RSA and UMB can help you protect and make your organization resilient against malicious events. UMB is an RSA Secureworld Titanium Partner - we know how to make your IT environment secure. With the UMB security emergency concept we can provide you with a precise script of what to do in the event of an emergency. This will save you from further damage and show you ways to quickly get back to normal operations. Please contact us.


[i] RSA-Lösungen für Cybersicherheit und Digitales Risikomanagement

[ii] SecurID Identity and Access Management