Understand the difference
November 2018, IT infrastructure
It is essential to understand the difference between business continuity and disaster recovery because of how closely aligned business continuity is to disaster recovery. Disaster recovery can be seen as a subset of business continuity in terms of disaster only; both however work in parallel to continue business operations.
The local threat landscape
South Africa is a connected economy and the country can be affected by what transpires in other countries. Rather than asking the question about how good or bad the local threat landscape is, the question should be; what is the state of the security controls South Africa employs and how do they measure against the countries it deals with?
If South African organisations are doing business with countries that employ more sophisticated security controls, cybercriminals are more likely to target the ‘low hanging fruit’. Locally, the threat landscape can be measured by comparing the security controls put in place by the countries South Africa deals with.
South Africa is also the only African country in the G20 international forum, aimed at discussing policies to promote international financial stability. Cybercrime is often based on effort versus reward and criminals will always try to exploit a healthy economy. This increases the threat for South Africa versus other countries in Africa.
What should businesses be doing to safeguard themselves against threats they do not know yet?
There is no such thing as hundred percent security; the most prudent measure to undertake would be to employ user and entity behaviour analytics that pick up anomalies. It is no secret that cybercriminals are constantly working to refine their attacks, making them sophisticated enough to bypass security barriers. Businesses need to do the same to keep up.
Automation can help businesses win this battle with systems such as the recently introduced Oracle’s Autonomous Database. The Autonomous Database automatically encrypts all data, provides security updates and changes with no downtime to provide protection from both external attacks and potentially malicious users.
What are some of the fundamentals that must be included in a solid business continuity plan?
A business continuity plan comes into play when there is a problem; it is by no means a proactive measure. Fundamental to a good business continuity plan is a business having access to backup plans when facing cases such as ransomware to restore and support the business’s essential operations.
Having a team with members from a range of departments helps understand the severity for each line of business. For example, a stakeholder from the finance team would understand the severity of cyber extortion and how detrimental it could be for business operation whereas an HR stakeholder could be more concerned about the privacy of the information accessed, making it crucial to have a representative from each department.
What would you say are some of the top challenges businesses face when it comes to business continuity and disaster recovery planning?
Preparing for a disruptive event is one thing, managing the process is another challenge. The plan kicks in when things go bad; preparation determines how well a business goes through it. All too many businesses have plans put in place but those fall apart when facing ransomware and extreme cyber extortion.
We saw this with Uber’s attempt at concealing a breach and the company allegedly paying hackers a $100 000 ransom to delete the data and not publicise the breach to media and regulators. Whether an event includes an outage or a breach, it is crucial to be prepared and manage the process, in a state of panic most business succumb to this particular challenge.