Does Your Business Continuity Plan Include a Security Breach Plan?

Fidelus Blog: Of companies with business continuity plans, 17 percent do not have a security breach plan.

With the growing number of cybercrimes and disasters (both natural and man-made) affecting and even putting companies out of business, it’s surprising that there are still companies without a business continuity plan in place. While 83 percent of businesses have a plan, 17 percent of companies still operate under a “hope for the best” mentality without a formal business continuity plan. [1]

What’s a Business Continuity Plan?

The purpose of a business continuity plan is to give organizations a way to operate their company even if faced with an extended service interruption. If your business is located in an area affected by a hurricane, for example, a business continuity plan would ensure you have the means to carry on your business despite damaged computers and power outages.

When the plan is created, all of the potential risks are evaluated and then arrangements are set up for each potential scenario. A common mistake that companies make is putting most or all of their planning into the physical technology and not enough into the people and processes that are in place to operate the business. Some business continuity plans fail to protect the organization against criminal activities, which are probably more common than becoming the victim of a hurricane or flood!

Security Breach Plan Protections

Hackers are finding new ways to exploit mobile devices, networks, and other technologies to gain access to your data.

Of companies with business continuity plans, 17 percent do not have a security breach plan. [1] This is alarming, as 47 percent of all breaches this year have been caused by malicious or criminal attacks. The remaining 53 percent were caused by a mix of attack vectors including ineffective mobile device management and data loss prevention strategies, security control, system access, and monitoring. [2] A security breach plan would protect your organization from the increasing number of security attacks and help reduce the cost per record in the event of a data breach, in addition to the common disaster scenarios covered under the typical business continuity plan.

In some industries, a data breach can ruin your reputation and put you out of business. Others face steep fines for not maintaining the security and privacy of their data. Ensuring your business continuity plan includes a security breach plan can minimize your risks.

High-quality security breach plans include:

  • Keeping systems and infrastructure up to date with the latest recommended software patches
  • Employee training to reduce and eliminate social engineering attacks
  • Cross-representation of the business continuity and cybersecurity team
  • Appointment of crisis management representatives to coordinate cyber security and business continuity efforts after a data breach

If you’re looking for more information on how Fidelus can help with your organization’s business continuity plan, please contact us here. To access our in-depth analysis on how IT teams across the country are using IT services and products within their organization, click below.

[1] 2017 U.S. IT Services Report sponsored by Fidelus

[2] IBM 2017 Cost of Data Breach Study