How Business Continuity, Information Security and Risk Management Collaboration Bolsters Business Performance


Driving Trends Continued

Trends Driving Collaboration and Convergence

  • Information security threats are increasing: The threat from Big Data, cloud, critical and trusted infrastructure, and mobile and social applications has been increasing steadily over the last few years.
  • Management is demanding a 360-degree view of risk: The role of risk intelligence with a 360-degree view of risks and mitigation strategies is becoming table stakes for good risk management. Management must ensure that thresholds for risks and incidents are well communicated and distributed in the operational fabric of the organization, and that information on incidents is communicated on a near-real-time basis.

In March 2011, Epsilon, a provider of email marketing services to large client bases, reported that its systems were "exposed to unauthorized entry," in which hackers stole the names and email addresses of millions of people. These were the names of customers of several large financial and retail firms, including Citi, Barclaycard US, Disney, and Best Buy, which in turn were customers of Epsilon. All of these companies notified their users and customers to be aware of "phishing" attempts to solicit other sensitive information resulting from the initial breach at Epsilon.

By Yo Delmar, vice president GRC Solutions at MetricStream, and Harvey Betan, associate principal at Risk Masters Inc.

Business continuity programs are often considered on a standalone basis, but recent incidents that involve security breaches highlight how business continuity, disaster recovery, security and risk management teams are compelled to work more closely together in order to understand the true likelihood and impact of potential disruptions to the business. Consider, for example, the situation in which the IT infrastructure of an online banking site or an online retailer is compromised or made unavailable (e.g., by a DDoS attack). Companies that have been impacted by these types of incidents have experienced, in some cases, dramatic effects on their business operations and revenues. To ensure that the business sails smoothly, more and more organizations are beginning to converge IT security, risk management and business continuity teams in order to establish and agree upon a common framework and processes for crisis management.

Today, business continuity planning and management goes beyond the physical continuity of the business, encompassing areas such as e-continuity as well. We live in an era of e-business, with a growing percentage of business transactions moving through the Internet, extranets, virtual private networks and cloud service providers. The complexity of this ecosystem has given rise to a larger threat surface, with a higher number of threats to digital information and traffic flows. Over the last two to three years, the rise in cyberattacks has driven an integration of security with operational and enterprise risk management. More recently, business continuity and disaster recovery teams have become increasingly key partners in these collaborative teams, as a natural fit in the larger concept of 360-degree risk management.

