2021-11-08T07:30:00Z

What is the difference between cyber resilience and business continuity?

EB
  • 4
  • 673
PeerSpot user
6

6 Answers

JH
User
2022-08-10T02:29:58Z
Aug 10, 2022

Given todays landscape, I think cyber resilience in infrastructure (defined as the ability to protect and  recover from a cyber attack - i.e. Air Gapped Backups, immutable backups or snapshots, etc) should be considered a necessary component of Business Continuity (defined as the ability to continue running, or quickly recover, from an outage-causing disaster). BC is different from DR, in that DR implies a "recovery" activity, while BC implies the ability to continue operating through the outage.


While they may be separate today for political reasons, they should not be.

Search for a product comparison in Backup and Recovery
2022-08-09T17:38:20Z
Aug 9, 2022

In real world terms, Cyber Resilience would include security software (anti-virus and anti-malware), local machine and network policies to enforce hard passwords that are changed periodically, delegated folder access permissions, and physical access security protocols.
Business Continuity is a plan to keep a business from failing in the event of catastrophe. This should include redundant and remote co-located servers, off site data backups, system images, and provisions to operate from a different facility.

VK
Real User
2021-11-09T10:09:23Z
Nov 9, 2021

It's simple: cyber resilience is the ability to prepare for, respond to and recover from cyber attacks. And it is certainly the role of the security team. 


While business continuity is something that is a part of the backup procedure or DR site that in any case (and not just from a cyber attack) ensures that the business continues to operate.

Jairo Willian Pereira - PeerSpot reviewer
Real User
Top 5
2021-11-24T13:37:48Z
Nov 24, 2021

Both have the same purpose but not the same scope. 


Ensuring CR does not guarantee BCP but guaranteeing BCP (properly following all plans and sub-plans as required by ISO22301 standard) guarantees CR.


People often confuse DR (Disaster Recovery) with BCP but DR is just a small fragment of the entire BCP (again, see scope and purpose at ISO22301 and complementary 223xx norms).

AlanFink - PeerSpot reviewer
User
2021-11-09T11:27:27Z
Nov 9, 2021

Generic terms are always open to interpretation. My belief is that Cyber (crime) Resilience means there is a clear strategy, toolset and management process in place to ensure businesses are protected from malicious attacks whereas Business Continuity is a much broader term like having the secondary infrastructure in place to continue operating normally in the event of any kind of Business Interruption like natural disasters, power outages, software failure, malicious or accidental damage to data, etc and to be able to recover from it very quickly and with minimal cost. 


A step up from Disaster Recovery.

EB
Community Manager
2021-11-08T08:08:16Z
Nov 8, 2021

Hi @Enayat Galsulkar, @Daniel Aramayo ​and 
@Darshil Sanghvi,


Can you please chime in here and share your knowledge with other peers?

Find out what your peers are saying about Veeam Software, Zerto, Commvault and others in Backup and Recovery. Updated: February 2024.
763,955 professionals have used our research since 2012.
Disaster Recovery as a Service
Disaster Recovery as a Service providers offer solutions that enable businesses to recover their IT infrastructure and data in the event of a disaster.
Download Disaster Recovery as a Service ReportRead more

Related Q&As