Business continuity, organisational resilience, disaster recovery: The key focus in the pandemic
By MYBRANDBOOK
Sandeep Sengupta
Director - ISOAH Data Securities
Key priorities for 2021
Information Security has become a business risk, rather than an IT risk. CIOs are now part of the board, influencing decisions. The new normal brings unknown risks. Digital hygiene is now getting embedded into company culture.
Adopting Work-From Anywhere
Business continuity, organisational resilience, disaster recovery have been the key focus in the pandemic. These were mostly neglected in pre-COVID scenarios. With unavailability of infrastructure and people, disruption in supply chain and vendors; organisations are doing RTO & RPO for each and every process within the organisation. ISO 22301 (Business Continuity), BS 65000:2014 (Guidance on organizational resilience) are the standards in demand, superseding ISO27001 (Data Security) or ISO 27701 (Data privacy). To achieve business continuity, we have observed a massive adoption of cloud technologies, usage of VPN with MFA. Adoption of BYOD has also increased. HR has played an active role in the psychological wellbeing of the workforce.
Redesigning IT & Security strategy
First, the companies that invested in perimeter security assuming everything will remain secured within the office, had a problem to solve while everyone was working from outside the office. They had to redefine their budgets to accommodate end-point security, BYOD security, VPN security, etc.
Data protection and privacy became another concern for the companies with European GDPR and many other countries adopting regulations similar to GDPR. With government and regulatory bodies tightening the noose against the companies with stiff penalties against data breaches; the chance of data breach skyrocketed with companies trying to adapt to a new normal and in understanding the new risks.
Few offbeat Recommendations for businesses:
1. Procurement of department needs to ask vendors to submit their DR drill reports, business continuity policy during vendor empanelment.
Merely an undertaking of business continuity is not enough any more. Either the vendor needs to be ISO22301 certified by trusted
certification bodies; or send questionnaires on basic BCMS to understand their BCMS maturity.
2. Use job rotation to create a robust succession plan. People’s unavailability is an acute problem.
3. Get ISO22301 best practices implemented in organisation and get certified by a trusted certification body. External assessments add a lot of value to dig out risks which otherwise would have remained undetected.
4. Focus on data protection and privacy well in advance. IDPR will come into force sooner or later. Being ready will give any organization a market advantage. Being unready and waiting till the last moment can bring a 15 crore penalty in case of a data breach.
Happiest Minds brings in an innovative GenAI chatbot
Happiest Minds Technologies has announced the new GenAI chatbot - ‘hAPPI...
Government mandates encryption for CCTV cameras to ensure netw
In the wake of issuing an internal advisory on securing CCTV cameras at g...
TRAI recommends allowing only Indian entities to participate i
The Telecom Regulatory Authority of India (TRAI) has recommended that onl...
Galaxy AI is available on more devices with Samsung One UI 6.1
Samsung has expanded the range of smartphones to which One UI 6.1 and Gala...
SECUREYE SERVICES PVT. LTD.
TP-LINK INDIA PVT LTD.
GLOBUS INFOCOM LTD.
SAMSUNG INDIA ELECTRONICS PVT. LTD.
Technology Icons Of India 2023: Sachin Bansal
Sachin Bansal’s fintech startup, Navi Technologies, simplifies loan ...
Technology Icons Of India 2023: Gautam Adani
Gautam Adani is the Founder and the Chairman of the Adani Group, an In...
Technology Icons Of India 2023: Dr. P D Vaghela
Dr PD Vaghela serves as the Chairperson of Telecommunications Regulato...
RailTel connecting every corner of India
RailTel is an ICT provider and one of the largest neutral telecom infr...
DRDO is India's largest and most diverse research organisation
DRDO is the R&D wing of Ministry of Defence, Govt of India, with a vis...
PGCIL transforming India with its wide power transmission network
Engaged in power transmission, POWERGRID or PGCIL is a stated owned In...
SUPERTRON ELECTRONICS PVT. LTD.
Supertron deals in servers, laptops, components, accessories and is a...
WPG C&C COMPUTERS & PERIPHERALS PVT. LTD.
WPG C&C Computers & Peripherals (India) was incorporated in 2008 and ...
IVALUE INFOSOLUTIONS PVT. LTD.
: iValue Info Solutions is a value added distributor, provides solutio...