Are you Process Oriented or Action Oriented? BCP, Incident Response, and DR

Incident Management is one of the most important aspects of protecting your system. In fact, Incident Management will help your business when it comes to Incident Response by ensuring that your business responds appropriately. In my own opinion, and as a Resident of New York State, I am seeing in Realtime how lack of Incident Management support is creating a trickle-down effect and our own government is simply being reactive/not proactive. Our requirements and laws change daily, one minute something is open the next it is closed, most humans didn’t abide by the stay-at-home order to begin with and trying to manage humans is arguably one of the most dire tasks in any field. But we can talk about theories, laws, physics, and human psyches later.

What is Business Continuity Planning (BCP)? In order to minimize the impact of any risks to organizational processes, BCP generates Plans, Policies, and Procedures for your Company to utilize in the event of an unexpected disaster. Cough* Cough* COVID-19. I remember writing a blog about this in 2018 which was fun to write, but at the time I found it difficult to find a relevant Crisis to help highlight the relevance and importance of having a BCP plan. With a BCP, your business can continue operating before, during, and after an Emergency.

 So, let’s be Proactive and not Reactive in our response to the Trickle-Down Theory. From the Top Down – BCP wants to be a calm, quick, and effective response to an emergency. The focus is on your businesses ability to recover as-soon-as-possible. There are Four main steps to the BCP process. These vary depending on your organization, but essentially they all seek the same outcome. This is where I want you to consider my title - Are You Process Oriented or Action Oriented? Or both? Do you make time for important processes? Or do you just take action when you need to?

The First Phase You Should Consider -
Dependent on the size or your organization and the nature of your business, Phase One relies on a methodology that has been previously demonstrated to the organization as a no-fail plan. This step includes:

Examination of the way your business is organized; from a crisis perspective

With approval of Senior Management; the formation of a BCP Team

 Valuation. An internal appraisal of your businesses available resources that can participate in BCP undertakings

Write this down – Evaluation of Legal and Regulatory Requirements which oversee your businesses response to a  cataclysmic event. 

To Learn More about BCP, DR, Incident Response, or other Cybersecurity related inquiries, send me your info and I will get back to you as soon as I am able.

About the Author - Ashley Oliver is an experienced Cybersecurity Consultant, Engineer, Mentor and Teacher based in the Central New York area. Ashley has over 10 years of experience. Ashley is a SME in several areas of security including Network Security Engineering, Architecture, Policy, Standards, and Compliance. Ashley's rare and unique experience is based on her love for the Shell, and perfect design. Ashley has knowledge of NIST, and is very proficient in Cybersecurity, Network Security, Next-Gen Firewalls, Layered Security, DLP, Encryption, IPSec, and more, and she is always more than willing to share and to teach.