Business continuity requires security architecture to reduce risk and cost
The frequency of cyber-attacks continues to increase at an unparalleled pace. By attacking the most vulnerable value chains of organizations, they result in information confidentiality and integrity breaches, discontinuity of business activities and huge damages. Once considered predominantly as a technological issue, the risks related to the information systems are now evaluated within the Enterprise Risk Management scope. On the other hand, traditionally, Business Continuity Management (BCM) is mostly treated as a domain, separated from Information System Security Management (ISSM). With the rapid explosion of cyber threats, the alignment between BCM and ISSM is now becoming a must for providing management with a holistic view and enabling them to be implemented in organizations where the teams interact closely with each other.
It goes without saying that the organizational part of security and BCM is the key for a successful implementation, yet the information system (IS) part needs also to be addressed in an efficient way. Various standards and frameworks exist to help organizations implementing a BCM, but they lack a strong link with the governance, architecture and security of the IS. In this session, we will introduce very briefly an innovative approach and describe the first steps for the linkage between the two worlds, enabling an efficient implementation of BC based on architecture and secured IS.