WHAT IS A CYBER SECURITY BUSINESS CONTINUITY PLAN?
A cyber security business continuity plan is one form of business continuity planning. Business continuity
planning is the process of identifying the major risks to a business that could cause significant disruption,
preventing them where feasible, and planning so that essential processes can continue wherever possible.
A business continuity plan should cover a range of risks, including physical events (e.g. fire, flooding and
natural disasters), supply chain disruption and cyber-attacks. Cyber risk is often overlooked, and the
potential impact of the resulting business disruption is regularly underestimated.
A cyber security business continuity plan (closely related to, and often combined with, an incident response
plan) helps your business identify its cyber risks and sets out how to prevent or mitigate incidents where
possible. It should also set out the actions to be taken to minimise business disruption during a cyber
emergency, and who is responsible for each of them.
The benefits of an incident response plan or cyber security business continuity plan include less
business disruption, because clear steps, actions and responsibilities are agreed in advance, and greater
awareness of cyber risks across the business, which can prevent incidents from occurring. By planning incident
response ahead of time, a business can also make sure its response meets its regulatory obligations, such as
the breach-notification requirements of GDPR.
CYBER BUSINESS CONTINUITY PLANNING
Business continuity in cyber security should follow the same principles as any business continuity plan, but
with an awareness of the specific risks of a cyber-attack or breach. Here are the steps you should take:
Assemble your team
The first step is deciding who to include in your team. It should draw on people from across the business,
including your IT team and senior leadership. Each member should have clearly delegated roles and
responsibilities: this removes ambiguity, and therefore delay, in a crisis.
Conduct a cybersecurity risk assessment
This is where you will outline all the possible risks to your business that relate to a cyber-attack or breach.
It's important to consider the impact that the different types of cyber-attacks could have, and the potential
regulatory implications of a data breach. It’s also crucial to audit all parts of your supply chain for cyber risk,
as a cyber breach from one of your suppliers or partners could put your business at risk and vice versa.
Perform a Business Impact analysis
Once you have identified the major cyber risks to your business, perform a business impact analysis. This
identifies the impact that disruption of each business function or process would have, including how long it
could be unavailable and how much data could be lost before the damage becomes unacceptable. The analysis
will help you determine recovery strategies and which functions and processes should take priority, typically
those with the highest operational and financial impacts.
Test your systems
Once plans are in place, it is important to test them: walk the team through realistic incident scenarios and
rehearse the technical steps the plan relies on, such as restoring systems from backups, to find out whether
the plans need adapting. This lets you refine your plans and systems before a cyber breach or attack occurs.
Set up a continuous monitoring process
Cyber criminals use increasingly sophisticated methods to breach businesses' cyber security, so processes
that were adequate only a few years ago may now need to change. Continually monitoring your processes for
weak points and possible improvements is one of the best ways to protect your business from extended
downtime and business disruption.
WHAT ELSE DO I NEED TO CONSIDER TO KEEP MY BUSINESS SAFE FROM CYBER CRIMINALS?
Education and training
According to research conducted by IBM, 95% of cyber breaches involved human error. Regular employee cyber
training should therefore be an important part of your business continuity planning, so that staff keep
pace with the increasingly sophisticated methods used by cyber criminals. Many comprehensive cyber
insurance policies offer employee training as part of their cover, to reduce the risk of claims caused by
human error.
Cybersecurity measures
Robust cyber security is essential to protect your business, and it is worth investing in cyber security
measures regardless of your business size or industry. It is also a condition of cyber insurance cover that
the policyholder has adequate cyber security measures in place; if an incident occurs and they are absent,
a claim may be voided.
There are many measures a business can take to protect against cyber-attacks, including keeping software,
antivirus and firewalls patched and up to date, using VPNs for encrypted data transfer and remote file
access, and enforcing secure password policies and multifactor authentication.
Penetration testing can also help you stay ahead of cyber criminals: by identifying vulnerabilities in your
IT infrastructure, you can fix issues before an attacker gains access to your systems.
Penetration testing can take the form of Black Box, White Box and Grey Box testing:
Black Box – a tester with no prior knowledge of the internal systems attempts to breach security from the
outside, relying on reconnaissance, enumeration and trial-and-error to find vulnerabilities, much as an
external attacker would.
White Box – the tester has full knowledge of the IT architecture and systems (often including source code or
credentials), and uses this to test and analyze potential weaknesses in depth.
Grey Box – the tester has partial knowledge of the systems, such as a standard user account, and uses the
limited information they have to find potential vulnerabilities or security holes.