Business Continuity in a Cyber World

Until recently, if it has been considered at all in the context of business continuity, cyber security may have been thought of in terms of disaster recovery and little else. Recent events have shown that cyberattacks are now an everyday occurrence, and it is becoming clear that the impact of these can have devastating effects on organizations whether large or small, public or private sector.

Cyber security is one aspect of information security, since the impacts or consequences of a cyberattack will inevitably damage one or more of the three pillars of information security: the confidentiality, integrity or availability of an organization's information assets. The main difference between information security and cyber security is that while information security deals with all types of information assets, cyber security deals purely with those which are accessible by means of interconnected electronic net- works, including the Internet.

Many responsible organizations now have robust information security, business continuity and disaster recovery programs in place, and it is not the intention of this book to re-write those, but to inform organizations about the kind of precautions they should take to stave off successful cyberattacks and how they should deal with them when they arise in order to protect the day-to-day businesses.