2021-11-08T07:30:00Z

What is the difference between cyber resilience and business continuity?

Hi infosec professionals,

We all know how security terms can be confusing and there are permanent discussions between professionals about simple ones.

How would you describe the difference between cyber resilience and business continuity? 

How do you achieve each of them?

EB
Director of Community at PeerSpot (formerly IT Central Station)
  • 4
  • 583
6
PeerSpot user
6 Answers
VK
Project Manager - Business Consultant at Comtrade System Integration
Real User
Top 20
2021-11-09T10:09:23Z
Nov 9, 2021

It's simple: cyber resilience is the ability to prepare for, respond to and recover from cyber attacks. And it is certainly the role of the security team. 


While business continuity is something that is a part of the backup procedure or DR site that in any case (and not just from a cyber attack) ensures that the business continues to operate.

Search for a product comparison in Backup and Recovery Software
JH
Solution Architect at R2i
User
2022-08-10T02:29:58Z
Aug 10, 2022

Given todays landscape, I think cyber resilience in infrastructure (defined as the ability to protect and  recover from a cyber attack - i.e. Air Gapped Backups, immutable backups or snapshots, etc) should be considered a necessary component of Business Continuity (defined as the ability to continue running, or quickly recover, from an outage-causing disaster). BC is different from DR, in that DR implies a "recovery" activity, while BC implies the ability to continue operating through the outage.


While they may be separate today for political reasons, they should not be.

2022-08-09T17:38:20Z
Aug 9, 2022

In real world terms, Cyber Resilience would include security software (anti-virus and anti-malware), local machine and network policies to enforce hard passwords that are changed periodically, delegated folder access permissions, and physical access security protocols.
Business Continuity is a plan to keep a business from failing in the event of catastrophe. This should include redundant and remote co-located servers, off site data backups, system images, and provisions to operate from a different facility.

Jairo Willian Pereira - PeerSpot reviewer
Information Security Manager at a retailer with 10,001+ employees
Real User
Top 5Leaderboard
2021-11-24T13:37:48Z
Nov 24, 2021

Both have the same purpose but not the same scope. 


Ensuring CR does not guarantee BCP but guaranteeing BCP (properly following all plans and sub-plans as required by ISO22301 standard) guarantees CR.


People often confuse DR (Disaster Recovery) with BCP but DR is just a small fragment of the entire BCP (again, see scope and purpose at ISO22301 and complementary 223xx norms).

AlanFink - PeerSpot reviewer
Business Development & Product Manager at Prianto Ltd
User
Top 20
2021-11-09T11:27:27Z
Nov 9, 2021

Generic terms are always open to interpretation. My belief is that Cyber (crime) Resilience means there is a clear strategy, toolset and management process in place to ensure businesses are protected from malicious attacks whereas Business Continuity is a much broader term like having the secondary infrastructure in place to continue operating normally in the event of any kind of Business Interruption like natural disasters, power outages, software failure, malicious or accidental damage to data, etc and to be able to recover from it very quickly and with minimal cost. 


A step up from Disaster Recovery.

EB
Director of Community at PeerSpot (formerly IT Central Station)
Community Manager
2021-11-08T08:08:16Z
Nov 8, 2021

Hi @Enayat Galsulkar, @Daniel Aramayo ​and 
@Darshil Sanghvi,


Can you please chime in here and share your knowledge with other peers?

Learn what your peers think about Azure Backup. Get advice and tips from experienced pros sharing their opinions. Updated: May 2023.
706,775 professionals have used our research since 2012.
Related Questions
Avigayil Henderson - PeerSpot reviewer
Content Development Manager at PeerSpot
Apr 3, 2023
Hello community,  Please let us know your thoughts in the comments below. Thank you.
See 2 answers
Muhammad Ibtehaj - PeerSpot reviewer
Enterprise Solutions Architect at Relacom
Mar 5, 2023
Testing your disaster recovery plan is crucial to ensure that your organization is prepared to minimize downtime in the event of a disaster. Here are some steps you can take to test your disaster recovery plan: Define Test Scenarios: Define test scenarios that simulate real-world disaster scenarios. These scenarios should be designed to test specific aspects of your disaster recovery plan, such as data recovery, network failover, and application availability. Involve All Relevant Parties: Involve all relevant parties in the testing process, including IT staff, business unit leaders, and third-party vendors. This will help to ensure that everyone is on the same page and understands their role in the event of a disaster. Document Test Results: Document the results of each test scenario, including any issues or areas for improvement. This will help you to refine your disaster recovery plan and ensure that it's as effective as possible. Test Regularly: Test your disaster recovery plan on a regular basis, such as quarterly or bi-annually. This will help to ensure that your plan remains up-to-date and effective in the face of evolving threats and technologies. Automate Where Possible: Automate as much of the testing process as possible, such as data replication, failover, and recovery. This will help to minimize the risk of human error and improve the overall efficiency of your disaster recovery plan. By following these steps, you can test your disaster recovery plan to work on minimizing downtime and ensure that your organization is prepared to quickly recover from a disaster.
reviewer2104281 - PeerSpot reviewer
IT Manager Infrastructure&DBA at SplashBI On-Demand Reporting and BI
Apr 3, 2023
Testing your disaster recovery plan is an essential step to ensure that it will work effectively in minimizing downtime. There are several ways to test your disaster recovery plan, and the following are some suggestions to consider: Tabletop Exercises: Tabletop exercises are simulations that test the effectiveness of your disaster recovery plan. They involve gathering key stakeholders together to walk through various scenarios and discuss how they would respond. This exercise can help identify any gaps or weaknesses in your plan, and can help refine your processes. Partial Failover Tests: Partial failover tests involve testing a subset of your IT systems to see if they can failover to your disaster recovery site. This test helps identify any issues with your failover processes and can help refine your failover procedures. Full Failover Tests: Full failover tests involve testing all of your IT systems to see if they can failover to your disaster recovery site. This test is more comprehensive than the partial failover test and can help identify any issues with your entire IT infrastructure. Unannounced Tests: Unannounced tests involve testing your disaster recovery plan without informing your IT team in advance. This test can help identify how quickly your team can respond to a disaster recovery situation and can help refine your communication processes. Production Failover Tests: Production failover tests involve testing your disaster recovery plan during a planned outage of your production environment. This test can help identify any issues with your failover processes and can help refine your procedures. It is important to note that testing your disaster recovery plan should be done on a regular basis to ensure that it remains effective and relevant. It is also important to document and analyze the results of your tests to identify areas for improvement and to update your plan accordingly.
Avigayil Henderson - PeerSpot reviewer
Content Development Manager at PeerSpot
Mar 17, 2023
Hello community,  Please share with the community what your thoughts are based on your personal experience. Thank you.
See 1 answer
TL
SQL Database Administrator at Aurora Mental Health Center
Mar 17, 2023
The key to recovery from a Ransomware attack is the boy scout motto "Be Prepared".  In our case, not only did we have backups at the DR site but both the Production site and DR site each had a NAS on a different subnet with different Admin passwords that had backup copies, so 4 total backups. We also were using iSCSI connections to our SAN which the ransomware was not able to cross when they polluted the connection file. This was an unexpected bonus. We were basically back up and running in 4 hours after wiping and restoring files. Lessons learned were to separate as much as possible so if one part of the domain/forest gets corrupted it cannot travel to the other areas. We now use Veeam for Hyper-V windows VMs and Zerto for VMware VMs, another separation of business functions with different admin passwords. Nothing is foolproof but by making it as difficult as possible then makes more time to catch and stop the attack sooner.
Related Articles
Ariel Lindenfeld - PeerSpot reviewer
Director of Community at PeerSpot
Aug 21, 2022
We’re launching an annual User’s Choice Award to showcase the most popular B2B enterprise technology products and we want your vote! If there’s a technology solution that’s really impressed you, here’s an opportunity to recognize that. It’s easy: go to the PeerSpot voting site, complete the brief voter registration form, review the list of nominees and vote. Get your colleagues to vote, too! ...
EB
Director of Community at PeerSpot (formerly IT Central Station)
Aug 2, 2022
Dear professionals, Welcome back to PeerSpot's Community Spotlight! Below you can find the latest hot topics posted by your fellow PeerSpot Community members. Read articles, answer questions, and contribute to discussions that are relevant to you and your expertise. Or ask your peers for insight on topics that interest you! Trending Here are some topics that your peers are discussi...
See 1 comment
EB
Director of Community at PeerSpot (formerly IT Central Station)
Aug 2, 2022
@Chris Childerhose, @PraveenKambhampati, @Deena Nouril, @Shibu Babuchandran and @reviewer1925439, Thank you for contributing your articles and sharing your professional knowledge with 618K PeerSpot community members around the globe as well as with a much bigger readers audience!
Chris Childerhose - PeerSpot reviewer
Lead Infrastructure Architect at ThinkON
Jul 27, 2022
Every Virtualization and System Administrator deals with having the ability to recover servers, files, etc. and having a Backup Solution to help with recovery will ease the burden. But how do you know which one is right for you? How would you go about choosing the right solution that will help you in your daily tasks? Software Criteria When choosing a backup solution there are many things t...
EB
Director of Community at PeerSpot (formerly IT Central Station)
Jul 18, 2022
Dear PeerSpot community members, Welcome to the latest PeerSpot Community Spotlight, where we sum up the most relevant recent postings by your peers in the community.  Check out the latest questions, articles and professional discussions contributed by PeerSpot community members!  Trending Here are some topics that your peers are discussing at the moment: What is your recomme...
EB
Director of Community at PeerSpot (formerly IT Central Station)
Jun 20, 2022
Hi PeerSpot community members, This is a fresh-from-the-oven Community Spotlight for you. Here, we've summarized and selected the latest posts (professional questions, articles and discussions) by PeerSpot community members. Check them out! Also, please share with us your feedback and suggestions by commenting below! Trending See what is trending at the moment and chime in to discuss! ...
Moderator
Chris Childerhose - PeerSpot reviewer
Lead Infrastructure Architect at ThinkON
Real User
ExpertTop 5
Related Articles
Ariel Lindenfeld - PeerSpot reviewer
Director of Community at PeerSpot
Aug 21, 2022
PeerSpot User's Choice Award 2022
We’re launching an annual User’s Choice Award to showcase the most popular B2B enterprise technol...
EB
Director of Community at PeerSpot (formerly IT Central Station)
Aug 2, 2022
Community Spotlight #19
Dear professionals, Welcome back to PeerSpot's Community Spotlight! Below you can find the lates...
Download Free Report
Download our free Azure Backup Report and get advice and tips from experienced pros sharing their opinions. Updated: May 2023.
DOWNLOAD NOW
706,775 professionals have used our research since 2012.