Business Continuity Plan (BCP)
A strategy and set of arrangements to keep your business operational (or at least quickly restore operations) during and after disruptive events - which can include cyber incidents, but also other disasters like fires, floods, or power outages. In the context of cybersecurity, the BCP works hand-in-hand with Incident Response (IR).
While Incident Response focuses on stopping the attack and fixing the issue, business continuity focuses on keeping critical business functions running, or getting them running again as soon as possible. For instance, if a ransomware attack knocks out your primary server, a continuity plan might involve switching to a cloud backup server or even doing certain processes manually until systems are restored.
Key parts of BCP include identifying your most critical operations, having data backups and spare equipment ready, and knowing in advance how you'd communicate and work during a disruption (e.g., can staff work from home if the office network is down? Who contacts key clients to reassure them?).
Disaster Recovery (DR) is a subset of continuity planning that deals specifically with restoring IT infrastructure and data after a disaster (for example, restoring from backups or rebuilding servers). Even a small business should think about continuity: if our main software went down for two days, do we have a workaround? If our office is inaccessible, can we work remotely?
A simple BCP might be as straightforward as, "We back up important data daily to the cloud, and if our office network is out, everyone will tether to cellular and use the cloud backups to continue work." The aim is resilience - ensuring you can still serve customers and maintain core operations no matter what happens.