Cybersecurity, Compliance, and Business Continuity: A Business View
Added on 2023/06/13
Report
AI Summary
This report explores the critical aspects of cybersecurity, compliance, and business continuity within a business context. It emphasizes the importance of implementing company-wide best practices for cybersecurity, risk analysis, and data backups to protect integrated technologies. The report highlights the challenges faced by regulated sectors and the potential consequences of non-compliance, such as significant fines and reputational damage. It outlines five key steps for safeguarding information and ensuring IT system functionality, including establishing robust cybersecurity policies, providing comprehensive training and awareness programs, implementing monitoring and web filtering measures, and considering outsourcing IT functions to specialized service providers. Furthermore, the report underscores the necessity of a business continuity plan to minimize downtime and facilitate swift recovery in the event of a cyber-attack or IT outage, advocating for a collaborative approach involving various departments. The report concludes by addressing the ethical considerations surrounding security measures and emphasizing the importance of balancing security with individual privacy rights, while also highlighting the legal and fiduciary duties of directors and senior managers to protect the organization's business processes.

Running Header: CYBERSECURITY, COMPLIANCE, AND BUSINESS CONTINUITY.
Name
Institution
Date
Abstract
As technology has become more ingrained in today’s company operations, it is fundamental
to institute company-wide best practices for cyber security, downloads, risk analysis and
backups so as to safeguard the necessary integrated technologies (Rittinghouse et al., 2011). This
calls for an all-inclusive management practice that identifies potential threats to business
continuity and the impacts on operations that those risks, if realized, may cause, and that offers
a framework for establishing organizational flexibility with the capability for an effective
response that secures the interests of the organization's reputation, brand, key stakeholders and
value-creating activities.
Index terms: compliance, cyber security, business continuity
Introduction
If the business is in a heavily regulated sector such as the legal professions or the economic
sector, it may face some exceptional challenges in its IT requirements. In any organization,
data and cyber-security compliance are a priority, but this becomes more pressing when your
commercial activities are centered on personal and sensitive information. Failure to comply, or
data breaches, will attract large fines handed out by regulators and give your organization a
bad name (Furfaro et al., 2016). Cyber-attacks affect your ability to do business and also
compromise your clients' records. While dealing with the effects of a cyber-attack, it may be
necessary to remove access to IT systems, which will obviously affect your clients and staff
members. This paper explores the issue of cyber security, compliance, and business continuity.
Cyber Security, Compliance, and Business Continuity
In working with clients around the world who have experienced threats, many of their
cases involve multiple threats at once. For example, during Superstorm Sandy, many businesses
had to cope with a natural disaster that resulted in massive IT outages and displaced staff.
Rebooting the network and helping staff get back to work required many departments (IT,
operations, customer relations, HR, and facilities) to all work off the same organized playbook
(Tisdale, 2015).
When working with regulated businesses, clients are encouraged to take the following
five steps to ensure that their information is safe and their IT systems are working:
Cyber Security Policies: Strict cyber security policies will help to isolate
those areas that might be at risk and put preventive processes in place. How
clients and employees use the systems and networks should be controlled. For
example, staff might log in remotely from different devices, or use the Internet
for both recreation and business (Chinn et al., 2014).
Training, Communication, and Awareness: Human error, malicious attack or
system glitches may cause data breaches; these can be prevented by raising
awareness of cybersecurity problems and putting appropriate training in place
for all staff members (Chinn et al., 2014).
Monitoring and Web Filtering: Protective measures such as web filtering can
stop malware before it even enters the system, while also detecting machines
infected with malicious spyware, phishing attacks or nuisance adware, and
observing how staff are using the network (Chinn et al., 2014). It can also
help to reinforce IT procedure guidelines.
Subcontracting: A key challenge that most organizations face is that a
proactive approach to maintaining and monitoring their IT network to ensure
efficiency takes the information technology team away from driving organizational
development and growth in other areas. Recruitment can also be a challenge for
some organizations that do not have enough experienced IT managers or
experts to keep these business-critical networks up (Chinn et al., 2014).
It can therefore be expedient to outsource this part of a business’ IT to a service
provider with regulatory familiarity in your field of business.
Business Continuity Plan: Prevention is considered to be better than cure, but in
case one suffers a cyber-security incident or IT outage, a business
continuity strategy is fundamental for putting failover services into action, getting
the system running as fast as possible and reducing downtime (Järveläinen,
2012).
When an attack occurs, all departments must work together seamlessly.
While the IT department focuses on triaging the issue, the rest of the departments should focus
on communicating with employees, building trust with customers, ensuring operational uptime,
working with the authorities, and providing customer service (McDonald, 2008). If your cyber
security plan focuses solely on IT, the implications will be severe.
It is advisable to include a cyber-security approach in the business continuity program.
The two share many of the same components for success: identifying roles and responsibilities,
response protocols and threat assessment. For instance, incorporate cyber-security into overall
incident management, crisis team training, emergency notification, the business
continuity plan and other aspects of the program. Also, conduct tabletop exercises that
always incorporate an information security element, so that each becomes a department-wide
collaboration exercise (Choo, 2010). This is a "one team, one dream" strategy for cyber-security
and business continuity.
About ninety-three percent of organizations that incur a significant data loss
go under within five years. Disasters may occur without warning, so the best
precaution is to be ready. A vital component of any security system is the business
continuity plan, also referred to as a disaster recovery plan (Snedaker, 2013). Such a plan
outlines the procedure by which businesses should recover from a major breakdown. Destruction
of most or all of the computing facilities can lead to significant harm. Many organizations find
it challenging to obtain insurance cover for their information systems and computers without
demonstrating a suitable disaster prevention and recovery plan. IT managers need to estimate
the expenses that are appropriate for the level of threat an organization is willing to accept.
Conclusion
Implementing security plans raises many ethical issues. To start with, some individuals
oppose any monitoring of individual activities. Imposing certain regulations is seen by some as
a violation of freedom of speech or other civil rights. Handling the privacy versus security
dilemma is tough. In some instances, there are legal and ethical obligations that may force
organizations to intrude on their staff's privacy and monitor their activities. IT security
measures are required to prevent liability, loss, and litigation. Losses are not only financial, but
also include the loss of information, trading partners, brand image, customers, and the capability
to conduct business, due to the activities of attackers, employees or malware. Under the principle
of duty of care, directors and senior managers have a fiduciary duty to use reasonable care to
safeguard the organization’s business processes. Lawsuits, or litigation, stem from the failure to
meet the organization’s regulatory and legal duties.
References
Snedaker, S. (2013). Business continuity and disaster recovery planning for IT professionals.
Newnes.
Choo, K. K. R. (2010). Cloud computing: challenges and future directions.
McDonald, R. (2008, April). New considerations for security compliance, reliability and
business continuity. In Rural Electric Power Conference, 2008 IEEE (pp. B1-B1). IEEE.
Järveläinen, J. (2012). Information security and business continuity management in
interorganizational IT relationships. Information Management & Computer
Security, 20(5), 332-349.
Chinn, D., Kaplan, J., & Weinberg, A. (2014). Risk and responsibility in a hyperconnected
world: Implications for enterprises. A report from McKinsey & Company.
Tisdale, S. M. (2015). Cybersecurity: Challenges from a Systems, Complexity, Knowledge
Management and Business Intelligence Perspective. Issues in Information Systems, 16(3).
Furfaro, A., Gallo, T., & Saccà, D. (2016, August). Modeling cyber systemic risk for the
business continuity plan of a bank. In International Conference on Availability,
Reliability, and Security (pp. 158-174). Springer, Cham.
Rittinghouse, J., Ransome, J. F., & CISM, C. (2011). Business continuity and disaster recovery
for infosec managers. Elsevier.