"Gone are the days when we did business impact assessments purely for business continuity and disaster recovery, it doesn't work anymore,"
"The business impact assessment is the heart of cyber resilience,"
"Traditionally, people focus more on detection, response and recovery but I think there's a bigger play here because if you look at third-party risk, that's in governance,"
"Identification is crucial. Have you got full visibility over not just your hardware assets, your software assets, your critical third parties, your data?"
Many businesses still fail to embed resilience across operations due to low cross-team collaboration and lack of business-focused priorities. Business impact assessments must shift from generic continuity plans to assessments at the business-function level so CISOs and CIOs can identify and prioritize critical processes needing investment. BIAs should map processes such as procurement, inventory, purchasing, distribution, and supplier payments and their dependencies on IT infrastructure, workforce and third-party vendors. Embedding resilience requires cross-department detail, governance attention to third-party risk, and full identification and visibility of hardware, software, critical third parties, and data.
Read at IT Pro
Unable to calculate read time
Collection
[
|
...
]