Aligning Cyber Incident Response Planning with Your BC/DR Program

Cyber disruptions – and their impact on both reputations and profitability – have risen to the top of nearly every recent risk study. These increasing concerns weigh heavily on Executive Suites and Boards.

In the IT realm, CIO’s and CISO’s now focus their efforts on mitigating those risks, and planning responses to potential data breaches, malware and other cyber threats. As a result, more and more organizations have begun developing Cybers Security Incident Response Plans (CSIRPs).

Developing these plans in their own ‘silo’ – without considering the cyber incident impacts on general business operations – can be negligent and potentially dangerous. Integration of CSIRPs with existing Business Continuity and Disaster Recovery Plans can make the entire organization more resilient and prepared to respond to outages of any and every type.

Likewise, Business Continuity plans that simply focus on restoring day-to-day operations under specific scenarios may lack the necessary strategies and tactics to successfully respond to cybersecurity threats that may be at the root of a potential disruption.

Many CSIRPs focus on protection and restoration of impacted technology and acknowledge the need to communicate with customers and stakeholders to mitigate reputational impacts. But potential cyber threats may also require an operational response – because of financial, regulatory and product or service delivery impacts resulting from that cyber incident. In other words, a cyber security problem may cause a Business disruption. Hence recovery of both IT assets and Business functions are closely linked and, must be addressed together, not in separate silos.

Disaster Recovery Journal recently host a webinar by eBRP’s Ramesh Warrier in which he addressed the need for – and mechanics of – integrating CSIRP’s with existing BC and DR planning. You can view the webinar on demand here. After you have watched the webinar, we invite your feedback. Please contact us at

Jim Mitchell

Jim Mitchell

A frequent speaker at Business Continuity conferences, many of Jim Mitchell’s blogs can be found elsewhere on eBRP’s website and has published articles in DRJ, Continuity Insights and Continuity Central. Jim has more than 20 years of experience in Business Continuity; if you don’t agree with his opinions – he won’t be surprised.

Related Posts

What Can You Do when your BCM software Relationship Falls Apart

What Can You Do when your BCM softw...

“This isn’t working.”  “I’ve changed.”  “I don’t see a future…
Aligning BC/DR to CSIRP Challenges

Aligning BC/DR to CSIRP Challenges

The immediate reaction to a cyber-security incident is the FUD…
Technology Modeling – the eBRP Way

Technology Modeling - the eBRP Way

Definition: Technology modeling is a point-in-time snapshot of an Enterprise’s…
eBIA – The eBRP Way

eBIA - The eBRP Way

Definition: A Business Impact Analysis (BIA) is the cornerstone of…
Threats, Impacts, BCPs

Threats, Impacts, BCPs

Within Business Continuity circles there is ongoing debate about the…
The BCM Challenge: Executive Buy-In

The BCM Challenge: Executive Buy-In

As a Business Continuity Management (BCM) solution provider, the first…
DR Plans – The What, When & Who

DR Plans - The What, When & Who

As a Business Continuity practitioner with more than 20 years…
Disaster Recovery – Exercised

Disaster Recovery - Exercised

As part of its Resiliency program, one of our clients…
You have a Risk Department.  Why do YOU conduct Risk Assessments?

You have a Risk Department. Why do...

If you’re new to Business Continuity, you have a lot…
What’s Our Plan for That?

What’s Our Plan for That?

That question usually comes from an executive after some other…