Story image

Organisations should test-drive business plans for continuity and cyber-resilience

05 Jul 17

Most organisations fail to appreciate the importance and benefits of testing when it comes to business continuity and cyber-resilience, according to disaster recovery solutions provider Continuity SA.

Rehearsals are critical, but testing is much more than that.

The often overlooked benefit of testing is that by feeding the results of each test back into the business continuity plan, the plan becomes better in every way.

Wayde Anderson, Continuity SA client service manager says, “We live and breathe testing because we know that the only way to ensure that a business continuity plan actually works is to test it rigorously and frequently.

“A disaster is no time to find out that the plan has serious flaws.”

The same logic holds when it comes to cyber-resilience.

The Business Continuity Institute’s Cyber Resilience Report revealed that two-thirds of organisations had experienced at least one cybersecurity incident during the previous year, and 15% had experienced at least 10.

Organisations need to improve their ICT system’s ability to withstand any attack and to recover from if their defences are breached.

The first order of business is to ensure that cyber security is integrated into the business continuity plan, and thus into the regular testing cycle.

Testing, and particularly crisis simulations and penetration testing, help identify weaknesses and also help to refine the business continuity plan.

Incident management, which naturally forms part of a test, also contributes to cyber-resilience because how an unexpected incident is managed is critical to limiting the damage it causes, both in the short and long terms.

In short, organisations testing their cybersecurity measures will initiate a virtuous cycle of improvement, acting as a training regime to keep their cybersecurity in peak condition, and thus building resilience to even the unexpected.

Crucially, it enables organisations to take a proactive stance against cybercriminals, to be prepared for whatever they do.

MulteFire announces industrial IoT network specification
The specification aims to deliver robust wireless network capabilities for Industrial IoT and enterprises.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
Schneider Electric's bets for the 2019 data centre industry
From IT and telco merging to the renaissance of liquid cooling, here are the company's top predictions for the year ahead.
China to usurp Europe in becoming AI research world leader
A new study has found China is outpacing Europe and the US in terms of AI research output and growth.
Google says ‘circular economy’ needed for data centres
Google's Sustainability Officer believes major changes are critical in data centres to emulate the cyclical life of nature.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.